September 17, 2025 • 53 mins
Meter: Visit meter.com/itcareer to book a demo
How do you go from curious about hacking to becoming one of the most recognized names in cybersecurity?
In this episode of the I.T. Career Podcast, I sit down with John Hammond to unpack his real story—how he broke into security, the big moments that shaped his career, and the lessons he’d share with anyone chasing a cybersecurity dream today.
We cover:
– John’s path from curious beginner to respected cybersecurity expert
– Key decisions (and mistakes) that defined his journey
– His best advice for landing your first security job
– What he would do differently if he had to start over
Whether you’re starting out in IT, pivoting into cybersecurity, or just love a good origin story, this conversation is packed with practical takeaways you can use right now.
John's Resources:
Twitter/X: @_JohnHammond
Just Hacking Training: https://www.justhacking.com/
📌 Watch next: YouTube Playlist
🔗 Start your tech career journey: https://thebeardeditdad.com/itcareeraccelerator/
Exclusive Career Resources:
✅ Weekly Insider Tips: Subscribe
🎧 Listen to The I.T. Career Podcast:
➡︎ YouTube: https://itdad.info/ytpodcast
➡︎ Apple: https://apple.co/4aw0uVM
➡︎ Spotify: https://spoti.fi/3yBcrfu
Disclaimer: Some of these links are affiliate links where I'll earn a small commission if you make a purchase at no additional cost to you.
#johnhammond #cybersecurity #ad
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
I don't know everything. I can't.
There's no way for me to. There is just too much out
there. I don't even, I don't, I don't
want to call myself an expert and I hate when folks call folks
other folks expert because thereare no experts in the industry.
Today I'm sitting down with someone who needs no
(00:20):
introduction in the world of cybersecurity, John Hammond.
You've probably seen his YouTubevideos, his CTF challenges, or
maybe you've just heard the namefloating around in the
community. But what I want to gain today is
how did John break in? What's troubles did he face?
What advice does he have for people trying to land a role in
cybersecurity? And maybe most importantly, what
would he have done differently if he had to start all over it
(00:43):
again today? This is just going to be a real
conversation about his journeys,the winds along the way and the
lessons learned. And if you've ever wondered how
someone like John Hammond actually got to where he is,
this is an episode you're not going to want to miss.
John, welcome back to the CHANNEL.
Hey, thank you so much. It's great to be here.
Happy to be hanging out for a bit.
(01:04):
Absolutely. It's it's always a pleasure to
have you. You've got such an amazing
journey and you've done so much for the community.
Every time I get on YouTube, there's something you're out
there doing like just literally an hour before we recorded this,
I saw you on a live stream doingsome amazing work.
So. Well, hey, very flattered.
It's always a ton of fun. I think that's, you know, just
part of it. It's part of the passion.
(01:25):
It's part of the fun. Absolutely.
Well, for maybe the few people who haven't heard about you, do
you mind just giving us a quick who you are and what you do?
Totally. Well, Hi, Hey, hello.
My name is John Hammond. For my day job, I guess I run
around over with Huntress, a company that is a managed
security platform. So think EDR, think seem
(01:46):
solution, think security awareness training and a lot of
ITDR, some of the identity threat detection response.
That's a whole lot of fun. I'm part of their adversary
tactics team, so I get to chase hackers and malware and all the
stuff kind of beaten up the industry.
I've been hopefully getting to some of the defense and how can
we protect against that When I can fit it in.
I try to do some other YouTube work on the side and that is
(02:09):
just a really labor of love. Getting more education out the
door, some content, some training, some hands on keyboard
and practical stuff. You, you sound so humble.
I mean, are you up to like 2 million subscribers or something
now on your channel? I.
Guess so. I mean, it's really awesome the
amount you do to give back to the community and bring, you
know, just trying to help peopleon the journey.
(02:30):
But Speaking of the journey, do you mind like taking us back to
like the very beginning, like what really pulled you into tech
or specifically cybersecurity? OK, I'll do my darkness.
It is a, it is a long story. So if I'm rambling, hey, please
don't hesitate to stop me. But if we go, if we go way back,
way, way back, I think I kind ofgrew up like maybe any kiddo
(02:53):
thinking, oh, I want to make video games 'cause I, I like
playing video games as a kid andI want to learn how to, how to
make my own. And with that, I don't know,
that was a little bit of who trying to play with Game Maker,
yo-yo games back when they ownedthat and all Adventure Maker
were some super old tools and utilities that could kind of
help play with different languages and things to
(03:15):
experiment in that world. And then, I don't know, some
point I thought, like all these Hollywood movies and media are
cool for becoming a hacker. How does someone become a
hacker? Curse of the World unite more of
the cyber security and rather than the strict software
development or like game development world.
(03:35):
And I feel like I googled at some point, I literally probably
how to become a hacker and I hadfound an old blog post or write
up an article from a gentleman, Eric S Raymond.
I think he's one of the free andopen source software kind of, I
don't know pioneers in that front, but he had this blog post
literally titled how to become ahacker.
(03:57):
And the first kind of like action items were to learn some
programming, learn some scripting.
And at the time it said, hey, learn Python like the Python
scripting language. They said, look, you got to
learn how to be able to cut up code, be able to write some code
if you want to be a hacker. So I followed through with that.
(04:18):
Try to look on YouTube, really found a lot of tutorials for
getting started with the Python language, just being able to
practice and play with the syntax.
And that was just so much fun, so cool.
It opened up the whole world of Linux.
And I asked my dad at a young age, he, he's usually like a
network engineer, kind of a sys admin style.
And he said, look, John, you want a website here, you can
(04:42):
learn HTML and and CSS. And he said, if you want to host
the website, you're going to need a server and that's going
to need to run Linux. And you need a little, a little
bit of some of the know how in that world.
So that opened the floodgates really of OK, understanding what
is Linux made-up of? What are these other languages
like Python play a part in that?And that was fun for kind of the
(05:04):
high school days. It wasn't until I got to college
or university really, OK, an undergraduate education.
I'd attended the US Coast Guard Academy, so one of the United
States like military institutions, like a West Point
U.S. military Academy or Annapolis, the Naval Academy
here and there. I found myself at the Coast
(05:24):
Guard Academy and the Coast Guard Academy at the time did
not have a computer science degree or a major program of
study or even anything kind of in the cybersecurity realm.
So if we wanted to dig more intoit, you kind of had to be self
reliant, like going to find, go look at resources and go see how
(05:45):
could we learn this on our own. There was a sort of perfect
storm, though that was around the same time where there was
this really cool event and competition coming together with
a lot of the other service academies that they called Cyber
stakes. And I didn't know at the time, I
had no idea. I didn't realize, no one told me
that that was in essence a capture the flag or CTF, hey,
(06:10):
whole game cybersecurity sport to be able to interact and get
on keyboard and hack along and all these things.
And truth be told, we were the underdogs.
We we didn't really know what wewere doing because we didn't
have a lot of that training ahead of time because we didn't
have a program of study in that world.
But then it birthed really what became the cyber team, kind of
(06:32):
like, oh, some after school clubextracurricular activity kind of
thing. But at the military
institutions, you have to have adedicated and allotted like
sports period or sports time from 1600 to 1800 or like 4:00
to 6:00 PM every day. You would go to football or you
would go practice soccer. You would you would do your
(06:53):
sport. And some way, somehow this all
kind of got enough momentum thatcybersecurity and hacking along
in a bunch of different capture the flag competitions, We, we
swindled whatever Admirals and generals and we told them that's
a sport too. So we got to practice every day.
We get 2 hours of time before dinner to, yeah, dive into war
(07:16):
games, look into some these practice ranges, these online
labs. And that is really where I
started to cut my teeth on all those cybersecurity things.
Learning about vulnerabilities, learning about exploits,
learning what makes up all thosedifferent CTF categories.
And that is the snowball just kept rolling, you know?
That's crazy. It's a interesting path that,
(07:37):
you know, not a lot of people would think of getting into the
industry, I think. Was there a moment during all
this? You're like, this is what I was
meant to do. Like, this is for me, you know?
Is there something that sticks out in your mind?
Yes, and it's it's maybe a little bit silly, sorry, but you
know, over at the Coast Guard Academy or any of these other
(07:58):
sort of service academies duringyour first year when you're a
freshman or they will either call like a plebe or swab or 4th
class cadet. You kind of have to be super
militant the whole time. You always have to stand in the
position of attention. You have to be at the center of
the P way or the hallway every time you walk and you square
your your corners whenever you go down the stairs or the
(08:21):
ladder. Well, you have to walk the
absolute edge and square every single angle and turn that you'd
make. So this cyber stakes competition
thing that I was kind of alluding to that was live in
person. It was with all these other
service academies and we were going to make the drive or go to
it, but it was like an early morning take off before Reveley
(08:42):
or the start of the morning thatoh, they play the silly trumpet
to wake everyone up. This is like at two or three in
the morning. And I remember groggy eyed still
like, oh, but it instilled discipline and all to OK be
regimented. No matter.
No one's watching, no one's there to tell.
(09:03):
But I wanted to you square down the stairs to be able to exit
the building. And I have this very visceral
memory, this very vivid thing that stuck with me for some
reason because I was just so excited and so pumped to go to
this event with a bunch of othercadets and midshipmen and folks
in the Army, Navy, Air Force, etcetera.
It's like, I'm going to go do cybersecurity.
(09:25):
And it felt like doing this withthese people and being a part of
that community just felt like this is this is national
security in its own way, that this is important.
This is what we should be doing.And I felt like this is what I'm
going to do. This is it.
I'm going to go all in. And cybersecurity is just,
(09:45):
that's me, you know? That's really cool.
And so you got into it, you know, sounds like very early on,
you know, you kind of have that fire, you know, back in the high
school and what happened after you started, you know, like
you're there in the Coast Guard Academy.
How did you transition that intoyou know your your actual what
(10:06):
you do as a living? Super good question and I know
again, it long winding story, soforgive me.
While I was there at college, university, undergraduate, Coast
Guard Academy, YouTube had kind of been like a concurrent
thread. That was still something that
I'd even done during the high school days and through that
(10:27):
time period because while I was watching people and their
tutorials online and on YouTube.So I thought I could I could
try. I'll do that too.
And that had been a budding, growing seed and and flower kind
of throughout that. And I'd still try to squeeze it
in while I was at the Academy. And it didn't particularly take
(10:48):
off or anything by any means, but it gave me kind of the
outlet to learn for myself and then to try and teach other
people to like prove my own understanding, mastery,
knowledge, comprehension, etcetera.
So while I was there at school, at the Academy, this cyber team
sport I got to, when it came around to be my senior year, I
(11:12):
got to be, oh, the team captain or like the club president
equivalent or whatever. And I would spend a whole lot of
time teaching and trying to train the underclassmen and give
them new lessons, give them material, try to prepare or
create the CTF challenges for them to try their hand at.
So it was this cool little feedback loop, but some stuff
(11:35):
sort of fell away. I got myself on the naughty list
and the Coast Guard was not too happy with me.
So I I did not graduate. And they said, hey, John, no,
no, no Commission, no degree foryou or you're kind of castaway
off to the streets. And then I was figuring it out.
I was feeling, how do I put my life back together now, what I
(11:56):
thought I had on a silver platter, just kind of stripped
away from hey, my own mistakes or whatever silly stuff.
But I knew that when a lot of cadets graduated and if they
were to go to Coast Guard Cyber Command or some other cyber
endeavor, they normally go through a training program.
This is DC3 or the Department ofDefense Cyber Crime Center in
(12:16):
their cyber training Academy. So there was a strange
opportunity when my friends thatgraduated went through that
training program. They got to meet and understand,
interact with some of the instructors.
And turns out those instructors are looking for more
instructors. They're hiring.
(12:37):
So strange pivot points now, kind of a springboard I get to
jump from. Yeah.
OK. Coast Guard Department of
Homeland Security to now go teach as an instructor for my
first job with the DoD and Department of Defense and
teaching the other classmates and friends that I had made
there, which was neat and hysterical and cool, but also
(13:02):
very wild that, uh, my first jobis a teacher.
Well, I mean, it seems like it suits you really well, and it
kind of sounds like everything kind of came full circle.
You know, I hate to say everything happens for a reason,
but it sounded like, you know, it really did in that scenario.
Yes, a blessing in disguise because yeah, that I think threw
(13:22):
me into the industry and that made a whole lot of new
connections that were more in the government contracting and
kind of military world for a long while.
But it seems that, hey, a lot ofthe folks that are now doing
cool and incredible things in the industry came from that
background or something very, very similar.
While I was at DC3 and CTA as aninstructor, I pivoted over to
(13:49):
another agency to do some red teamwork on the keyboard.
But that it was slow moving, youknow, you find a lot of
government red tape here and there and we would just kind of
sit around waiting for some doctrine or memo or something to
kind of go through the formalityin process that just never
(14:09):
happens. It's slow, it's slow moving.
So all I'm now shifting around trying to go uncover my career,
the individuals and friends thatI had made while I was in that
sort of scrappy back against thewall scenario of how do I put my
life in order? One of the individuals was a
gentleman named Kyle or Kyle Hansloven.
(14:30):
And for folks that aren't aware,that is Kyle Hansloven, like the
CEO of Huntress, the one of the founders or Co founders there.
And this is way back years ago, maybe almost a decade now, where
I had said in a cold DM on Twitter, like I messaged him out
of the blue, said, hey, I'm one of the Coast Guard security
(14:51):
testers. I do this stuff on YouTube.
Would you like to take a look atsome of the videos that I put
out, like capture the flag tutorials, programming things.
And way back when this guy had said, like, hey, John, this is
cool, man. Hey, don't put yourself down.
I know you're in a weird transition spot, but like,
you're making all the right moves.
(15:12):
So we had that interaction wherehe, I don't know, we were
willing to meet in person. He wanted to show me the
Huntress office. That was like working out of a
closet in Baltimore at some point, but just made a friend,
made an Internet friend. That kind of was able to grow
into the real world for a career.
Because sometime later, once Huntress had landed their next
(15:33):
round of funding or Series A, Kyle comes back 2020 or so, and
he says, hey, John, I think we can afford you now.
Do you want to come join the party at Huntress?
And I was like, absolutely, without a doubt that that sounds
incredible. And it was a whole different
jumping off point from government contracting and one
(15:54):
of that military world, but it was now for the whole rest of
the world. We said cybersecurity for all
companies. And that means more in the
industry, more about for privatesector stuff.
But it was so cool because everything that I had kind of
learned, offensive and defensive, culminated in a sweet
(16:16):
way to bring defense, knowing and understanding what bad
actors and threat actors are up to, and then still kind of chase
some of the malware, some of thestuff that they're doing.
So I'm sorry, I know I'm rambling.
No, no, no. It it's a great story and it's
I, I love hearing these stories.But I do have a question.
So like, looking back, what do you think made you stand out
(16:39):
among the rest of the people? You know, because again, you,
you do things that's not typical.
You know, most people in the industry haven't had the level
of success I feel like you have.Is there something that made you
stand out enough where you, you,you know, for your first job,
you're able to become an instructor and then be able to
do what you're doing now? I think if I were to try and
(17:04):
pinpoint it, we, we tell everybody and you hear everyone
kind of say, you know, oh, show your work, document everything
that you're up to. Whenever you're working through
a a hack the box or try hack me room or whatever, share your
solution, share your write up, share what you're learning.
Like make that so known. I think something that I had
(17:26):
done was I I had put myself out there with reckless abandoned of
the mistakes that I'll make of the commands that I got wrong
trying to type on the keyboard of oh, figuring out the process,
falling down a rabbit hole, beating my head up against the
wall and then finding figuring out the solution.
(17:46):
And I know I was really strange at a right time, right place
kind of thing. But I put those things out on
YouTube. So there was like video evidence
of merit and competency and whatI could do and how I would do it
and all of those things. So it's, you're building your
resume, you're building your portfolio.
(18:07):
But I wanted to prove it. And I had a catalog of not only,
OK, me testing myself, but also the material that I would create
for others to learn. Like when I got to help teach
some of the other cadets at the Academy, I basically had a
textbook that, hey, here are thelabs, here are the exercises,
here's the material. And we'd give that to when I was
(18:30):
at DC3, like, hey, look at this work that I've done.
And I, I hope, I think that's really, you know, what, what
sells an interview of like, lookat all this.
Look what I could give to you. What?
What could I bring to the table here?
100% you know, I literally earlier this week I put out a
video about, you know, tips to breaking into cybersecurity and
one of the tips was to document your work.
(18:51):
And that can be something different for every person.
You know, not every person can turn on the camera and you know,
put themselves out there. I understand that 100% it is not
an easy thing to do, but if thatworks for you, if you enjoy
that, do that. Create a YouTube channel
documenting your journey. If you're more the keyboard
(19:11):
warrior type and want to just start a blog, do that.
Form a newsletter. You know, people are interested
in this stuff. You know, it can be as simple as
just regularly posting your journey and your mishaps to
LinkedIn. Another thing to remember is
everyone's like, I have to be perfect online.
I can't look, I can't show my flaws.
And The thing is, it is perfectly fine to show your
(19:33):
flaws. We are all human.
We all have to learn at some point and I think it's almost
better to show not always perfect work because it shows
the evolution of you learning. And when an employer goes and
looks at that, I mean, I know I'm a hiring manager at my job
and the people who include LinkedIn profiles where their
own personal websites and stuff and I can see their journey
(19:56):
always really intrigues me because you kind of get an extra
look into that person more than what the resume would show.
To be honest with you. A lot of people who do that,
half the time I don't even look at their resume.
I just go straight to their websites or their blog posts or
I've yet to have someone includea YouTube channel.
I'm really interested to see if someone when someone does that
(20:16):
but. Other than you, I know several
individuals who've gotten hired and gotten to where they are
because of their YouTube channel, because they're
documenting the journey. Because you're not only helping
yourself, let's be honest, you're not only helping yourself
exceed and excel in the career field.
You don't know how many countless thousands of other
peoples or in your case millionsof people that you are helping
(20:38):
along the way. It's.
Crazy. And it it's surreal, it's
fulfilling, but I think there are a whole lot of other maybe
parts or pieces of that story that are still worth maybe
getting some attention on. Like the way that I had landed
at Huntress was from Pure networking.
In all reality, that's just hate.
Chatting with folks, trying to see what I could explore, dig
(21:02):
into and meeting new people thatare doing cool things and
wanting to learn what I understand.
Wanting to see how how did they do what they did and then more
opportunities open up and more doors open for you.
So I know people again, they'll kind of beat a dead horses.
They network network with people.
But no, genuinely, seriously, you will find new things that
(21:23):
come your way, all thanks to theconnections you make and I, I.
Can I also relate to that story?When I started out in tech
industry, you know, I had less experience than you did, you
know, and I've told this story and actually again last week to
put it up on my channel, but I was a bulldozer operator.
I, I had no experience. I didn't have certifications.
(21:44):
And I mean, someone called me onthis last week because I had, I
took with the CCNA back in high school, but then ten years later
I went and got into the tech industry that CCNA doesn't count
no more. It has expired.
You know what I mean? I had an interest, I had that
passion. But the very first thing I
started doing besides like goingto YouTube and watching what I
need to do is I started going toin person networking events,
(22:07):
like where you can actually go and have drinks with people or
talk and meet people you could, and then reaching out to people
on LinkedIn or Twitter or whatever the platform is, start
networking with people. Because this is one thing I
learned very early on. And I, I, I personally, I really
(22:27):
hate it, but it's the truth. And I don't think it's ever gone
away 'cause sometime in the techindustry, it's not necessarily
what you know, it's who you know.
And those connections can reallyhelp you excel in this industry.
And you never know when you might, when they might pay off.
You know, you might meet someoneand form, you know, some sort of
relationship with them. And 10 years down the road, you
(22:49):
know, you might be ready to change the job.
And they're like, hey, I think you'd be perfect for this role.
You know, you never know when those might pay off.
So it is huge. And I think it's important once
you get into the industry, not to stop networking.
All's well because the industry is constantly evolving and
changing. You know, we're seeing it a lot
(23:10):
with AI and things evolving withthat.
And you know, it's if you have to be able to evolve with it, I
guess is what I'm saying. If I could dance with that a
little bit. I one thing I think is super
important because just as you mentioned, there is so much
non-stop stuff all the time. New changes, new innovation, new
(23:35):
evolution, new progress, new, Ohyeah, new technologies.
And I got to admit that is a little overwhelming, especially,
yes, for OK, new folks that are super interested and want to
dive into the scene and be part of the industry.
But even the folks in the industry are like, what the
heck, there's too much stuff. This is all the time, non-stop.
(23:59):
I I do want to dance a little bit of with that, just like
mental health and imposter syndrome and burnouts and just
fatigue. I felt like I ran hard and fast
for the start of OK career industry time and work.
And that I think did lead to, yeah, OK, where I'm at now, but
(24:21):
where I'm at now is really, really different.
I, I am married, you know, I, I want to spend time with the
family. I want to be able to relax and
take it easy. So for the folks that are at the
young age or diving in and interested and want to be a part
of this thing, like you've got the opportunity, you've got the
chance and time now to run hard and fast and make it awesome and
(24:45):
make it the best that you can be.
But no, you might hit a wall or you might start to slow down a
little bit just cause life gets in the way.
And that's not a bad thing, but it's something you got to, you
got to keep in mind, you got to be aware of.
So stockpile and accumulate the best you can because someday
there's more to it than just that hard work, that fun, that
(25:07):
hack the blocks, etcetera. You got a balance.
You got to find the balance. I mean, I've hit that.
Several times in my career I've been in the industry, gosh, I
don't know, 7-8 years now, whichis crazy to think, but I've,
I've hit that wall several times.
And there was even a point whereI'm like, you know, I don't know
if I want to continue doing tech.
There's more to it than that. I was in a really toxic, working
(25:30):
for a toxic employer at the time.
You got to balance that work life balance.
I am, I, I'm curious, like it's not talked about enough, but
have you faced burnout? I'm sure you have.
I mean, like I said, almost everyone has, you know, how, how
did you deal with that? You know, and is it something
that comes back from time to time?
(25:50):
Some, some time ago, I feel likeI made light of it.
I, I said aloud jokingly, you know, for fun, because I was
still in that like cannonball mentality.
Dive in, do everything, be a sponge until the ball got too
big for the cannon. And I said, I like to eat
burnout for breakfast because it's like not a, it's not a
concern. I'm just going to keep going.
(26:13):
And I think you, you put yourself in two different modes
where sometimes you want to be that all in 1000 miles an hour,
breakneck speed cannonball. I eat burnout for breakfast.
But then there is the like, OK, I got to slow down.
I need to chill out. I, I can't keep up with everyone
(26:34):
else because there's so much. And that's totally OK to take a
break, take a breather. So to answer your question,
really without a doubt, yes, 1000% I, I feel the burnout.
It's normally when I'm doom scrolling on social media.
It's normally when I'm looking at Twitter and like, how are so
many incredible people doing so many incredible things?
(26:56):
I have no chance. I have no shot.
I can't do this anymore. But give yourself some time to
relax. Give yourself a couple days a
week, whatever it takes to recharge.
And then you'd be like, Oh yeah,this is fun.
I remember why I love doing this.
I got to keep doing it. Yep.
No, I hit. One of those walls this week,
like Wednesday, it was just likeone of those days.
(27:16):
I'm like, you know, I'm pretty good.
You know, I have my day job. I come home, have dinner with
the family, spend some time, andthen I come out to my studio and
do stuff. And Wednesday I was just like,
Nope, I'm going to bed. Like I just want to go watch
some TV just yeah, you know, just soak into the couch type of
thing. Like I don't want to do it
anymore. And then I came back at, you
(27:37):
know, then the very next day andit's like, man, all right, time
to get back at it. I was like re energized and
pumped to go again. And that's one thing I've
noticed as my career's evolved, is those burnouts start kind of
happening less and you Start learning ways to manage them
yourself because everyone deals with this differently, you know,
and you got to figure out what works for you.
(27:59):
You know, in the beginning, I would go through these like
month cycles where like, I wouldjust be burned out and not want
to do anything for like months on end, you know, quit posting
YouTube, quit doing anything extra.
And then I would come back and run at it again.
And you start to kind of learn how to keep it going a little
bit easier, I feel like. So agreed.
(28:22):
But I'll admit that is totally some of that trial and error.
It's still kind of like navigating it.
I think I've done the very same.We're like, all right, I'll go
all in super hard, go crazy, have fun, and then it'll be
mutts just as you mentioned of like now I need to recover and
get back the motivation and ambition that I had, you know,
1. Thing we keep coming back to is
(28:44):
where your time actually goes ina security or IT career.
It's not the fun stuff that burns you out, it's the glue
work. Chasing ISPs, babysitting Wi-Fi,
juggling 5 different dashboards when something blips 2:00 AM.
That's why I'm a fan of what meter is building instead of
having to stitch together a bunch of different vendors.
(29:04):
It is a full stack networking infrastructure, wired, wireless,
and even cellular in one integrated solution built for
performance and scale. And this isn't a reseller story.
Alongside their partners, Meter designs the hardware, writes the
firmware, builds the software, managers deployments and run
support from the first site survey all the way through
(29:26):
ongoing operations. It's 1 standard, one playbook.
The result is fewer seams to manage and more time back for
the work that actually moves theneedle.
Practically speaking, it covers the whole stack.
We're talking ISP procurement, security, routing, switching,
wireless firewall, cellular power, DNS security, VPNSD, Wan,
(29:49):
and multi site workflows. And it scales from branch
offices and warehouses to large campuses and even data centers.
So as your foot pint grows, you're not reinventing the
network at every site. From a security minded lens,
that means fast, secure, scalable connectivity without
(30:10):
the complexity of managing multiple providers or tools.
Plus a stack designed to give you deep control and visibility,
which is exactly what you want during incidents and audits, and
frankly, what keeps you sane in the day-to-day operations.
If you're the one person people call when the Internet is going
slow or you're trying to build acareer with fewer 2:00 AM
(30:32):
headaches and more meaningful impact, check out Meter.
Thanks to Meter for sponsoring this episode.
Go to meter.com/IT Career to book a demo.
Now that is METE r.com/IT Careerto book your demo.
Now back to this week's episode.It's those silly.
Things when folks say, yo, it's a marathon, not a Sprint, life
(30:56):
is long, you got time, blah, blah, blah.
Just, I don't know, whatever youcan do to remind yourself like,
hey, you're going to have the opportunities if you just keep
building at them, but you can goat your own pace.
One thing I want to make sure. We don't ignore is you
mentioned, you know, the imposter syndrome side and how
that can play into it because I got really hit hard with that
(31:19):
when I went to DEFCON for the first time this year.
Just being among all these incredible people.
Like DEFCON is just such a such an event and it's totally
different than any other like meet up conference I've ever
attended. There was just so many smart
people there. And man, did I kind of feel dumb
(31:40):
to be out of percent honest. And then I like, I was trying to
keep up and like I did a couple CTFS and stuff like that.
I was like, oh, I can do this. And then I was like, how are
these people doing this? Like, how did how can they have
so much knowledge on this? But I mean, that hits you at
other points in your career, especially when you're starting
out. I think there's, at least for
me, there was a lot of imposter syndrome in the beginning
(32:02):
because I, I made a different transition.
You know, I didn't go the traditional education.
I didn't go through college. I didn't like even have
certifications when I first started out.
And for like the first year, I kept on like looking over my
shoulder and theoretically, you know, metaphorically, whatever,
thinking, gosh, is today, the day they're going to figure out,
I don't know what they think. I know, are they going to fire
(32:23):
me? You know, and it's really rough.
And that can lead to burnout. I feel as well because you feel
like you can't stop. You have to keep going.
Otherwise, you know, you're not going to be good enough.
You know, I don't know how you've dealt with that in your
career or if you have, you know,maybe maybe you're just one of
the unicorns. That's so amazing, John.
(32:45):
No, you should know. But yeah, I mean, how how have
you kind of what are some thingsthat you've done to kind of help
get over that imposter syndrome?I guess there are two way, two
things that I would try to sprinkle in because I'm, I get
(33:05):
the imposter syndrome a lot all the time.
And I, I hope I try, I really want to just still be as like
genuine and authentic as I can be when I'm all out and about on
the interwebs making a silly YouTube video or just, I don't
know, being on social media. I, I try to keep it real, trying
(33:26):
to be myself. And with that, I feel like I try
to be super forthcoming and transparent of look, I don't
know everything. I can't.
There's no way for me to. There is just too much out
there. I don't even, I don't, I don't
want to call myself an expert and I hate when folks call folks
other folks expert because thereare no experts in the industry.
But I, I'll. Fall on my sword like I've I've
(33:48):
never truly been a sock analyst.I've never truly been a pen
tester. I fell into a researcher thing,
which is very fluffy and very flexible.
It's like, oh, go do what is neat and cool and I'm I
appreciate that. I love that.
But I always try to remind, justbe totally true upfront with
(34:10):
folks. I'm still learning.
I have a lot to learn, but I want to learn along with you.
I want to be here side by side to explore and play and figure
things out and learn. So I tried to, if anything, keep
charging along and charging away.
And I almost want to ignore the imposter syndrome because it
(34:32):
gets in the way, because I know the way that we kind of
accomplish our goals is to just keep doing it, to keep working
at it. And imposter syndrome is just a
nuisance. Well.
And so I I. Put it away Absolutely.
And with the. Tools that are available to us
nowadays, it, it is really easy.I find it a lot easier for me to
(34:54):
try to get over that imposter syndrome because if you truly
want to be successful or you want to figure something out,
you know, not only is there likeGoogle, but you know, there's AI
helping you now and there's so much out there.
People have documented, there's people like you creating YouTube
videos that are helping people. And it, I feel like it's a lot
(35:16):
easier if you know how to use the tools to get over that.
So it's, it definitely is coming, becoming easier with
time, But you know, that's everyone's journey is different
now. I I am curious though, what is
something, if you could change one thing in your career
journey, what would you absolutely do differently if you
(35:38):
had the chance getting deep here?
I don't know if folks are going to like that.
My answer I, I wish I spent moretime on or in or just had more
(36:00):
of the understanding of kind of regular IT sys admin work and
truly help desk trouble work tickets in that whole world.
Normally folks, oh, try to line out this road map of a career
and they say go through these stepping stones and 01 rung on
(36:22):
the ladder and then the next blah, blah, blah.
And if you had that in that super procedural, linear, linear
fashion, I don't know if I wouldhave hop skipped or jumped
around a couple of those. But I always know I can tell.
I'd feel myself like I don't have the knowledge to get a
printer set up within Active Directory environment so that
(36:44):
folks can use the workstations as they should amongst an
environment that is like a regular office, like a corporate
environment. I went straight into CV ES and
exploits and POP and shells and that silly stuff.
And I never really got the, I don't want to say traditional,
but like the pure information technology, network architecture
(37:07):
thing, help desk information here and there.
And I feel bad, like I feel likeI missed the knowledge base that
I should have. Because when you have it, you
know, you understand and you seethings in a different way, in a
better way because you know how the rest of the world functions.
(37:28):
Yeah, in a business, yeah. An environment, yeah.
When you have individuals that are asking for help with their
computer or tech support, blah, blah, blah, that stuff is
undervalued, I think. But it needs to have so much
more on the spotlight and value because that's the majority of
the work that happens in the real world, I think.
Am I wrong, Dakota, what do you think?
(37:50):
No, you. You are 100%.
You know, I do career coaching with people and people always
ask me how can I break into cybersecurity?
You know, that's the most popular question I get all the
time, especially in the comments.
And I tell everyone, the everyone has their own journey.
There is bazillion ways and there's really no wrong way.
The easiest way I see for peopleis to start with like help desk,
(38:15):
doing some of the basic stuff. Because while both journeys will
probably take you about the sametime in the long run, whether
you're going through the help desk, networking and stuff and
then breaking into cybersecurity, that might take
you a little bit longer, but it's going to be a little bit
easier path. And you're going to have all
that previous knowledge to keep building like a strong
(38:35):
foundation. It's like building a house.
You know, if you have a good foundation on how everything
works, you know, you know, a good foundation to build your
house upon, you're just going tobuild a better house, a stronger
house that can stand the time and you're going to have more
opportunities to do different things.
And I'm not saying that you can't just go from nothing at
(38:57):
all straight into cyber security.
That is a path. There is people out there doing
that. You're proof of it.
But that jump is a lot harder ofa jump, I feel like than taking
the incremental steps to get there.
But I don't think I can ever tell anyone what is right for
(39:18):
them. They have to figure that out on
their their own. It's kind of you kind of learn
the hard way really. And if it really also depends on
their determination, I feel likeif you are super adamant, like
no, my first job is going to be a sock analyst, good for you.
Do it, make it happen. Understand that's going to be a
(39:40):
lot harder of a job, your first job to land than just getting a
help desk job. But getting help this job,
you're gonna have to do like a year or two in the help desk and
then you're gonna have to level up to your next position and
then you're gonna go into a sockanalyst role.
Those steps are gonna be easier each little stepping stone
instead of just taking this big giant leap.
But it's still possible you can do.
(40:02):
And that's what's so great aboutthis industry.
You can do whatever you want to get to your end goal.
But also one thing I see happen too is when they go that easier
route, some people get lost. They also get very comfortable
and like, oh, this is a good job.
And you know, they just kind of sit at that help desk for 710
years. So again, nothing wrong with
(40:26):
that. I know people who absolutely
love their jobs. Doing that really boils down to
is do what makes you happy, follow that passion.
You know, if you have to get into a job tomorrow, understand
you're probably not going to make that big jump.
You're going to have to take those baby steps.
If you have the time to study and learn and network and put
(40:49):
yourself out there and do all those things, yeah, you can make
that big jump. But if you're in a spot where
you just need to get started, just start working, start
building that experience becauseit's going to pay off in the
long run. Eventually you're going to get
there. And that experience, I mean,
experience, let's be honest, is huge in the cyber security
world. Back in the day, it could be
like, you know, you need experience to get a job, but how
(41:11):
can you get a job without experience?
But there's so many new opportunities to get experience
now. You know, you have these CTFS,
you have, you know, the hack, the boxes, the Tri hackneys out
there, just build experience. You can build your home labs.
It is so much easier to build experience.
And I've kind of gone off on a rant here, but you know, again,
(41:33):
it all comes back to everyone has their own way into the
industry. You have to find out what works
for you. No, I agree.
I'm all about sorry I I went offthe.
Deep end there. I get so passionate about these
things is you know, because so many people are like, how do you
do this? You can't you can't break in.
I'm like, there is plenty of ways you can break in, it just
(41:53):
depends on how you want to breakin.
You got to find out what works for you, what interests you.
I mean, because let's be honest,no one wants to go to a job they
absolutely hate, they absolutelydread.
So, and that's super important because I think in the early
days, we've all got that like passion, that fire, a lot of
ambition. But that's why you absolutely
(42:15):
need to find, yeah, the work that you love and the work that
is fun and you're willing to do,you're willing to get out of
bed, of bed and do every day because there will come a time
that it starts to feel like work.
And that might happen in a year,maybe five years, maybe 10,
maybe 20, I don't know. But it's, it's gonna happen.
(42:37):
So gosh darn it, make sure you're doing something you love
and you're obsessed with and youcan't stop thinking about it
because you want to prolong thatexpiration date as long as you
can make it 20 or 30 years when you're like, now, this feels
like work before. I got into tech.
I got called out on that. Oh yeah.
Because it was that very much for me.
(42:59):
A lot of my jobs before tech, I would only stay around for like
a year or two and then I would hop because I would absolutely
hate the job I was buying. I mean, it was boring or
whatever reason. Someone once called me out on
that. And like, you notice you've
never stayed in a job for more than two years.
I'm like, yeah, you get bored when you go to the next one.
And then when I got into tech, Inoticed like that quit
(43:21):
happening, you know, especially when I got into networking
because my passion is always networking.
It's always been networking. Yeah.
I've been at my my job going on five years now and I just love
it. People ask when are you going to
go to YouTube full time? I'm like, I don't know if I
really want to. I really like my job.
So it's really special. And the way I got there is
(43:44):
because I just focused on, I always wanted to be a networking
administrator, network engineer.That was my end goal.
And I became a director of network operations.
I think I kind of got there, butI kept on focusing on that while
I was on the help desk, while I was doing that job that I knew
was just gonna be a stepping stone.
I was like, this is happening for a reason, because I'm going
(44:06):
to get there. Absolutely.
I want to be really. Respectful of your time.
I know we're, we're coming up here on some time here and I got
a few more questions I want to make sure and ask.
You know, a lot of people listening to this are just
trying to break in, you know, and I think we've given some
really good advice. Is there one thing in particular
though, that you wish someone would have told you to help you
(44:30):
when you are very first startingout?
Yeah, we got a. Lot of really good Nuggets
already I think. Covering hey, making it a
passion, trying to fend off whenit feels like work.
The imposter syndrome, the burnout, the mental health
shenanigans. I know the path could be totally
different for everybody so you got to choose your own.
(44:50):
I know I fell in through capturethe flag, but suggest if anyone
hasn't played with that, if thisis going to be a boring bad
answer. But I hope it is still one that
maybe folks will understand because we've covered a lot of
ground already. But I don't think we have talked
about or at least kind of sprinkled in while you show your
(45:12):
work, while you document, while you, I don't know, try to again,
build out your resume and portfolio.
Make sure you're taking notes for yourself.
Boring, bad, stupid answer, but I do genuinely feel like build
out your own second brain, your own reference, your own
checklist, your own order of operations and your notes
(45:37):
because that is the best tool that you'll have for the next
thing that you run into, for thenext strange shenanigans issue
stuff that you stumble across. Make one designated home base
for your notes and keep tending to that garden.
So I did that for. Myself about six years ago and
it was, it was something huge. I, I mean, I use Notion for
(46:01):
everything. And so I just, you know, I
watched some videos on how to easily document because for me,
if the barrier to entry on something like that is too high,
if it takes too much work, I'm not going to do it.
I'm not going to continue following through.
So I had to figure out a way where I could just quickly jot
down the notes and then like, deal with it later or just have
a system in place. And that database for me has
(46:25):
just grown and grown. And yeah, a lot of times I don't
look back on some of the things.But I mean, when I do need to,
it's so awesome to look those things up because again, there's
just so much going on in the industry.
It's evolving so quickly. It's easy to just forget what
you did yesterday. I feel like it will be a.
(46:46):
Lifesaver only when you least expect it.
So just totally prepare for thatand don't ever forget hey, Oh
yeah, let me jot that down. Let me keep note of that.
Like that will save you. Absolutely.
And. Speaking of just things evolving
so quickly, where do you see just the cybersecurity industry
as a whole heading? Do you see jobs changing?
(47:08):
I mean, let's be honest, AI is here.
We're not putting that toothpaste back in the tube.
But do you think it's gonna be super impactful in the world of
cybersecurity and how people arethe jobs that are available?
That's a really broad. Question.
(47:28):
I don't know yet. No, it's, it's so tough to
answer, 'cause I, I don't have acrystal ball, right?
Can't see the future. Not Nostradamus, but yes,
without a doubt it's cool, it's neat, it's innovative.
It is genuinely solving a lot ofproblems, but I still I've drank
(47:50):
the AI kool-aid. Personally, I have, but I I
don't think I've had the whole pitcher like the whole jug and
maybe like halfway through because I use it, I vibe code.
I'm always in ChatGPT. I'm digging cursor having a lot
of fun. I don't know.
I don't think I think it it willtake jobs it already has.
(48:11):
It is going to continue to, but so far that has been not to say
low tier. I don't want to say I don't, I
don't mean that with any ill will or shade by any means, but
it's just some of the more easily automated,
unsophisticated work when it gets to the absolute expertise
(48:31):
that needs this masterful mind to really make decisions and
contexts and have all that experience that's still left up
to a human to do the right way. And so there's a a element of
trust and accountability. You can't hold a computer
responsible for destroying your database or any other mistakes
that it might make. So it's super hard to answer the
(48:57):
question. I think it is already taking
jobs and it will. But if you make yourself above
it, you will still be valued andnecessary and needed in the
industry without a doubt. I think that's just.
The nature of the working environment in general, you
know, totally. Things change, they evolve.
(49:17):
I mean, we don't have switchboard operators for
telephones anymore, you know what I mean?
That system was off, you know, automated infinite switchboard.
Operator, the key to everything we do, Things change.
And the way I'm seeing it is, yeah, AI is absolutely taking
jobs. It is definitely taking some of
those maybe easier to automate jobs, but it's also creating a
(49:38):
bazillion jobs. And it's lowering the barrier to
entry for hackers now too. And yeah, they're, they're the
attacks are just coming like crazy.
Not, you know, just in the cybersecurity world.
But let's talk about like the whole tech industry.
It is absolutely changing everything.
So it is, it is here. It's here to stay.
(50:00):
And if you're able to evolve with it, I think you have
absolutely nothing to worry about.
If you're just the guy that say I I've taken my job, no, no
point in working anymore. You know, you're going to get
left behind with that. Do you think it's getting harder
to find jobs or is it, what do you think the job market's like
(50:20):
lately? Is it easier to find jobs, you
know, compared to like when you started out, or is it getting a
little bit harder? I.
Would not truthfully be a good individual to answer just
because I I haven't been out andabout looking for a job lately.
What I hear from folks, what I see on the outside looking in
(50:41):
not knowing without having any authority there is that it is
hard is is that it's tough and I'm sorry, I don't, I don't
know. I don't have a a better answer,
truth be told, but I think it is, if anything, more of that
incentive, more of that reason, more of the motivation and fuel
to do all of the things that we keep trying to tell you about
(51:02):
the portfolio. Resume, take notes, network,
communicate, be present in the industry.
Put yourself out there. I know I don't want to sound
like a broken record when we keep shouting and screaming from
the rooftops, but gosh darn it, that's the right answer.
That's the best thing you can do.
No, I absolutely and you know, John, I, I really appreciate you
(51:22):
taking all this wonderful time to just to really kind of go
deep and you know, into your journey and give you just gave
so much advice in this interview.
I really appreciate it. I want to give you a check a
second to, you know, talk about the resources you do for the
community and where people can find you if they have other
questions and things like that. Sweet.
Well, thank you. So much, yeah.
(51:44):
Hey, you can track me down online, hopefully pretty easy to
find. It's just my name, John Hammond
on on YouTube, on LinkedIn, on Twitter, blah blah blah.
You'll see my ugly mug, the silly red hair and that is
hopefully a whole lot of hands on keyboard practical
educational videos and value foryou to follow along.
Another extra venture we've beentrying to spin up.
(52:06):
Is this just hacking training? I feel bad.
I'm sorry I'm wearing the shirt.I didn't want to be a billboard
by any means, but I don't know. That has been another incredible
opportunity that we've had to kind of join forces with other
incredible people in the industry that have their
incredible expertise and they'rewilling to share in courses and
training and hack along videos or write ups and upskill
(52:29):
challenges and blog posts. It's it's just so much fun to be
able to be and work as a team tohey, help take on the industry
and teach people elevate and upskill their own up their
upskill, theirs, whatever they're up to.
So well, John again. Thank you for coming on the
channel. I think this is like the 4th or
5th time you've came on the channel.
I really appreciate. It's always a pleasure to have
(52:51):
you and I hope to have you againsometime.
Thank you so much. Awesome everyone.
I really hope you enjoyed this video and until next time, keep
learning.
I don't know everything. I can't.
There's no way for me to. There is just too much out
there. I don't even, I don't, I don't
want to call myself an expert and I hate when folks call folks
other folks expert because thereare no experts in the industry.
Today I'm sitting down with someone who needs no
(00:20):
introduction in the world of cybersecurity, John Hammond.
You've probably seen his YouTubevideos, his CTF challenges, or
maybe you've just heard the namefloating around in the
community. But what I want to gain today is
how did John break in? What's troubles did he face?
What advice does he have for people trying to land a role in
cybersecurity? And maybe most importantly, what
would he have done differently if he had to start all over it
(00:43):
again today? This is just going to be a real
conversation about his journeys,the winds along the way and the
lessons learned. And if you've ever wondered how
someone like John Hammond actually got to where he is,
this is an episode you're not going to want to miss.
John, welcome back to the CHANNEL.
Hey, thank you so much. It's great to be here.
Happy to be hanging out for a bit.
(01:04):
Absolutely. It's it's always a pleasure to
have you. You've got such an amazing
journey and you've done so much for the community.
Every time I get on YouTube, there's something you're out
there doing like just literally an hour before we recorded this,
I saw you on a live stream doingsome amazing work.
So. Well, hey, very flattered.
It's always a ton of fun. I think that's, you know, just
part of it. It's part of the passion.
(01:25):
It's part of the fun. Absolutely.
Well, for maybe the few people who haven't heard about you, do
you mind just giving us a quick who you are and what you do?
Totally. Well, Hi, Hey, hello.
My name is John Hammond. For my day job, I guess I run
around over with Huntress, a company that is a managed
security platform. So think EDR, think seem
(01:46):
solution, think security awareness training and a lot of
ITDR, some of the identity threat detection response.
That's a whole lot of fun. I'm part of their adversary
tactics team, so I get to chase hackers and malware and all the
stuff kind of beaten up the industry.
I've been hopefully getting to some of the defense and how can
we protect against that When I can fit it in.
I try to do some other YouTube work on the side and that is
(02:09):
just a really labor of love. Getting more education out the
door, some content, some training, some hands on keyboard
and practical stuff. You, you sound so humble.
I mean, are you up to like 2 million subscribers or something
now on your channel? I.
Guess so. I mean, it's really awesome the
amount you do to give back to the community and bring, you
know, just trying to help peopleon the journey.
(02:30):
But Speaking of the journey, do you mind like taking us back to
like the very beginning, like what really pulled you into tech
or specifically cybersecurity? OK, I'll do my darkness.
It is a, it is a long story. So if I'm rambling, hey, please
don't hesitate to stop me. But if we go, if we go way back,
way, way back, I think I kind ofgrew up like maybe any kiddo
(02:53):
thinking, oh, I want to make video games 'cause I, I like
playing video games as a kid andI want to learn how to, how to
make my own. And with that, I don't know,
that was a little bit of who trying to play with Game Maker,
yo-yo games back when they ownedthat and all Adventure Maker
were some super old tools and utilities that could kind of
help play with different languages and things to
(03:15):
experiment in that world. And then, I don't know, some
point I thought, like all these Hollywood movies and media are
cool for becoming a hacker. How does someone become a
hacker? Curse of the World unite more of
the cyber security and rather than the strict software
development or like game development world.
(03:35):
And I feel like I googled at some point, I literally probably
how to become a hacker and I hadfound an old blog post or write
up an article from a gentleman, Eric S Raymond.
I think he's one of the free andopen source software kind of, I
don't know pioneers in that front, but he had this blog post
literally titled how to become ahacker.
(03:57):
And the first kind of like action items were to learn some
programming, learn some scripting.
And at the time it said, hey, learn Python like the Python
scripting language. They said, look, you got to
learn how to be able to cut up code, be able to write some code
if you want to be a hacker. So I followed through with that.
(04:18):
Try to look on YouTube, really found a lot of tutorials for
getting started with the Python language, just being able to
practice and play with the syntax.
And that was just so much fun, so cool.
It opened up the whole world of Linux.
And I asked my dad at a young age, he, he's usually like a
network engineer, kind of a sys admin style.
And he said, look, John, you want a website here, you can
(04:42):
learn HTML and and CSS. And he said, if you want to host
the website, you're going to need a server and that's going
to need to run Linux. And you need a little, a little
bit of some of the know how in that world.
So that opened the floodgates really of OK, understanding what
is Linux made-up of? What are these other languages
like Python play a part in that?And that was fun for kind of the
(05:04):
high school days. It wasn't until I got to college
or university really, OK, an undergraduate education.
I'd attended the US Coast Guard Academy, so one of the United
States like military institutions, like a West Point
U.S. military Academy or Annapolis, the Naval Academy
here and there. I found myself at the Coast
(05:24):
Guard Academy and the Coast Guard Academy at the time did
not have a computer science degree or a major program of
study or even anything kind of in the cybersecurity realm.
So if we wanted to dig more intoit, you kind of had to be self
reliant, like going to find, go look at resources and go see how
(05:45):
could we learn this on our own. There was a sort of perfect
storm, though that was around the same time where there was
this really cool event and competition coming together with
a lot of the other service academies that they called Cyber
stakes. And I didn't know at the time, I
had no idea. I didn't realize, no one told me
that that was in essence a capture the flag or CTF, hey,
(06:10):
whole game cybersecurity sport to be able to interact and get
on keyboard and hack along and all these things.
And truth be told, we were the underdogs.
We we didn't really know what wewere doing because we didn't
have a lot of that training ahead of time because we didn't
have a program of study in that world.
But then it birthed really what became the cyber team, kind of
(06:32):
like, oh, some after school clubextracurricular activity kind of
thing. But at the military
institutions, you have to have adedicated and allotted like
sports period or sports time from 1600 to 1800 or like 4:00
to 6:00 PM every day. You would go to football or you
would go practice soccer. You would you would do your
(06:53):
sport. And some way, somehow this all
kind of got enough momentum thatcybersecurity and hacking along
in a bunch of different capture the flag competitions, We, we
swindled whatever Admirals and generals and we told them that's
a sport too. So we got to practice every day.
We get 2 hours of time before dinner to, yeah, dive into war
(07:16):
games, look into some these practice ranges, these online
labs. And that is really where I
started to cut my teeth on all those cybersecurity things.
Learning about vulnerabilities, learning about exploits,
learning what makes up all thosedifferent CTF categories.
And that is the snowball just kept rolling, you know?
That's crazy. It's a interesting path that,
(07:37):
you know, not a lot of people would think of getting into the
industry, I think. Was there a moment during all
this? You're like, this is what I was
meant to do. Like, this is for me, you know?
Is there something that sticks out in your mind?
Yes, and it's it's maybe a little bit silly, sorry, but you
know, over at the Coast Guard Academy or any of these other
(07:58):
sort of service academies duringyour first year when you're a
freshman or they will either call like a plebe or swab or 4th
class cadet. You kind of have to be super
militant the whole time. You always have to stand in the
position of attention. You have to be at the center of
the P way or the hallway every time you walk and you square
your your corners whenever you go down the stairs or the
(08:21):
ladder. Well, you have to walk the
absolute edge and square every single angle and turn that you'd
make. So this cyber stakes competition
thing that I was kind of alluding to that was live in
person. It was with all these other
service academies and we were going to make the drive or go to
it, but it was like an early morning take off before Reveley
(08:42):
or the start of the morning thatoh, they play the silly trumpet
to wake everyone up. This is like at two or three in
the morning. And I remember groggy eyed still
like, oh, but it instilled discipline and all to OK be
regimented. No matter.
No one's watching, no one's there to tell.
(09:03):
But I wanted to you square down the stairs to be able to exit
the building. And I have this very visceral
memory, this very vivid thing that stuck with me for some
reason because I was just so excited and so pumped to go to
this event with a bunch of othercadets and midshipmen and folks
in the Army, Navy, Air Force, etcetera.
It's like, I'm going to go do cybersecurity.
(09:25):
And it felt like doing this withthese people and being a part of
that community just felt like this is this is national
security in its own way, that this is important.
This is what we should be doing.And I felt like this is what I'm
going to do. This is it.
I'm going to go all in. And cybersecurity is just,
(09:45):
that's me, you know? That's really cool.
And so you got into it, you know, sounds like very early on,
you know, you kind of have that fire, you know, back in the high
school and what happened after you started, you know, like
you're there in the Coast Guard Academy.
How did you transition that intoyou know your your actual what
(10:06):
you do as a living? Super good question and I know
again, it long winding story, soforgive me.
While I was there at college, university, undergraduate, Coast
Guard Academy, YouTube had kind of been like a concurrent
thread. That was still something that
I'd even done during the high school days and through that
(10:27):
time period because while I was watching people and their
tutorials online and on YouTube.So I thought I could I could
try. I'll do that too.
And that had been a budding, growing seed and and flower kind
of throughout that. And I'd still try to squeeze it
in while I was at the Academy. And it didn't particularly take
(10:48):
off or anything by any means, but it gave me kind of the
outlet to learn for myself and then to try and teach other
people to like prove my own understanding, mastery,
knowledge, comprehension, etcetera.
So while I was there at school, at the Academy, this cyber team
sport I got to, when it came around to be my senior year, I
(11:12):
got to be, oh, the team captain or like the club president
equivalent or whatever. And I would spend a whole lot of
time teaching and trying to train the underclassmen and give
them new lessons, give them material, try to prepare or
create the CTF challenges for them to try their hand at.
So it was this cool little feedback loop, but some stuff
(11:35):
sort of fell away. I got myself on the naughty list
and the Coast Guard was not too happy with me.
So I I did not graduate. And they said, hey, John, no,
no, no Commission, no degree foryou or you're kind of castaway
off to the streets. And then I was figuring it out.
I was feeling, how do I put my life back together now, what I
(11:56):
thought I had on a silver platter, just kind of stripped
away from hey, my own mistakes or whatever silly stuff.
But I knew that when a lot of cadets graduated and if they
were to go to Coast Guard Cyber Command or some other cyber
endeavor, they normally go through a training program.
This is DC3 or the Department ofDefense Cyber Crime Center in
(12:16):
their cyber training Academy. So there was a strange
opportunity when my friends thatgraduated went through that
training program. They got to meet and understand,
interact with some of the instructors.
And turns out those instructors are looking for more
instructors. They're hiring.
(12:37):
So strange pivot points now, kind of a springboard I get to
jump from. Yeah.
OK. Coast Guard Department of
Homeland Security to now go teach as an instructor for my
first job with the DoD and Department of Defense and
teaching the other classmates and friends that I had made
there, which was neat and hysterical and cool, but also
(13:02):
very wild that, uh, my first jobis a teacher.
Well, I mean, it seems like it suits you really well, and it
kind of sounds like everything kind of came full circle.
You know, I hate to say everything happens for a reason,
but it sounded like, you know, it really did in that scenario.
Yes, a blessing in disguise because yeah, that I think threw
(13:22):
me into the industry and that made a whole lot of new
connections that were more in the government contracting and
kind of military world for a long while.
But it seems that, hey, a lot ofthe folks that are now doing
cool and incredible things in the industry came from that
background or something very, very similar.
While I was at DC3 and CTA as aninstructor, I pivoted over to
(13:49):
another agency to do some red teamwork on the keyboard.
But that it was slow moving, youknow, you find a lot of
government red tape here and there and we would just kind of
sit around waiting for some doctrine or memo or something to
kind of go through the formalityin process that just never
(14:09):
happens. It's slow, it's slow moving.
So all I'm now shifting around trying to go uncover my career,
the individuals and friends thatI had made while I was in that
sort of scrappy back against thewall scenario of how do I put my
life in order? One of the individuals was a
gentleman named Kyle or Kyle Hansloven.
(14:30):
And for folks that aren't aware,that is Kyle Hansloven, like the
CEO of Huntress, the one of the founders or Co founders there.
And this is way back years ago, maybe almost a decade now, where
I had said in a cold DM on Twitter, like I messaged him out
of the blue, said, hey, I'm one of the Coast Guard security
(14:51):
testers. I do this stuff on YouTube.
Would you like to take a look atsome of the videos that I put
out, like capture the flag tutorials, programming things.
And way back when this guy had said, like, hey, John, this is
cool, man. Hey, don't put yourself down.
I know you're in a weird transition spot, but like,
you're making all the right moves.
(15:12):
So we had that interaction wherehe, I don't know, we were
willing to meet in person. He wanted to show me the
Huntress office. That was like working out of a
closet in Baltimore at some point, but just made a friend,
made an Internet friend. That kind of was able to grow
into the real world for a career.
Because sometime later, once Huntress had landed their next
(15:33):
round of funding or Series A, Kyle comes back 2020 or so, and
he says, hey, John, I think we can afford you now.
Do you want to come join the party at Huntress?
And I was like, absolutely, without a doubt that that sounds
incredible. And it was a whole different
jumping off point from government contracting and one
(15:54):
of that military world, but it was now for the whole rest of
the world. We said cybersecurity for all
companies. And that means more in the
industry, more about for privatesector stuff.
But it was so cool because everything that I had kind of
learned, offensive and defensive, culminated in a sweet
(16:16):
way to bring defense, knowing and understanding what bad
actors and threat actors are up to, and then still kind of chase
some of the malware, some of thestuff that they're doing.
So I'm sorry, I know I'm rambling.
No, no, no. It it's a great story and it's
I, I love hearing these stories.But I do have a question.
So like, looking back, what do you think made you stand out
(16:39):
among the rest of the people? You know, because again, you,
you do things that's not typical.
You know, most people in the industry haven't had the level
of success I feel like you have.Is there something that made you
stand out enough where you, you,you know, for your first job,
you're able to become an instructor and then be able to
do what you're doing now? I think if I were to try and
(17:04):
pinpoint it, we, we tell everybody and you hear everyone
kind of say, you know, oh, show your work, document everything
that you're up to. Whenever you're working through
a a hack the box or try hack me room or whatever, share your
solution, share your write up, share what you're learning.
Like make that so known. I think something that I had
(17:26):
done was I I had put myself out there with reckless abandoned of
the mistakes that I'll make of the commands that I got wrong
trying to type on the keyboard of oh, figuring out the process,
falling down a rabbit hole, beating my head up against the
wall and then finding figuring out the solution.
(17:46):
And I know I was really strange at a right time, right place
kind of thing. But I put those things out on
YouTube. So there was like video evidence
of merit and competency and whatI could do and how I would do it
and all of those things. So it's, you're building your
resume, you're building your portfolio.
(18:07):
But I wanted to prove it. And I had a catalog of not only,
OK, me testing myself, but also the material that I would create
for others to learn. Like when I got to help teach
some of the other cadets at the Academy, I basically had a
textbook that, hey, here are thelabs, here are the exercises,
here's the material. And we'd give that to when I was
(18:30):
at DC3, like, hey, look at this work that I've done.
And I, I hope, I think that's really, you know, what, what
sells an interview of like, lookat all this.
Look what I could give to you. What?
What could I bring to the table here?
100% you know, I literally earlier this week I put out a
video about, you know, tips to breaking into cybersecurity and
one of the tips was to document your work.
(18:51):
And that can be something different for every person.
You know, not every person can turn on the camera and you know,
put themselves out there. I understand that 100% it is not
an easy thing to do, but if thatworks for you, if you enjoy
that, do that. Create a YouTube channel
documenting your journey. If you're more the keyboard
(19:11):
warrior type and want to just start a blog, do that.
Form a newsletter. You know, people are interested
in this stuff. You know, it can be as simple as
just regularly posting your journey and your mishaps to
LinkedIn. Another thing to remember is
everyone's like, I have to be perfect online.
I can't look, I can't show my flaws.
And The thing is, it is perfectly fine to show your
(19:33):
flaws. We are all human.
We all have to learn at some point and I think it's almost
better to show not always perfect work because it shows
the evolution of you learning. And when an employer goes and
looks at that, I mean, I know I'm a hiring manager at my job
and the people who include LinkedIn profiles where their
own personal websites and stuff and I can see their journey
(19:56):
always really intrigues me because you kind of get an extra
look into that person more than what the resume would show.
To be honest with you. A lot of people who do that,
half the time I don't even look at their resume.
I just go straight to their websites or their blog posts or
I've yet to have someone includea YouTube channel.
I'm really interested to see if someone when someone does that
(20:16):
but. Other than you, I know several
individuals who've gotten hired and gotten to where they are
because of their YouTube channel, because they're
documenting the journey. Because you're not only helping
yourself, let's be honest, you're not only helping yourself
exceed and excel in the career field.
You don't know how many countless thousands of other
peoples or in your case millionsof people that you are helping
(20:38):
along the way. It's.
Crazy. And it it's surreal, it's
fulfilling, but I think there are a whole lot of other maybe
parts or pieces of that story that are still worth maybe
getting some attention on. Like the way that I had landed
at Huntress was from Pure networking.
In all reality, that's just hate.
Chatting with folks, trying to see what I could explore, dig
(21:02):
into and meeting new people thatare doing cool things and
wanting to learn what I understand.
Wanting to see how how did they do what they did and then more
opportunities open up and more doors open for you.
So I know people again, they'll kind of beat a dead horses.
They network network with people.
But no, genuinely, seriously, you will find new things that
(21:23):
come your way, all thanks to theconnections you make and I, I.
Can I also relate to that story?When I started out in tech
industry, you know, I had less experience than you did, you
know, and I've told this story and actually again last week to
put it up on my channel, but I was a bulldozer operator.
I, I had no experience. I didn't have certifications.
(21:44):
And I mean, someone called me onthis last week because I had, I
took with the CCNA back in high school, but then ten years later
I went and got into the tech industry that CCNA doesn't count
no more. It has expired.
You know what I mean? I had an interest, I had that
passion. But the very first thing I
started doing besides like goingto YouTube and watching what I
need to do is I started going toin person networking events,
(22:07):
like where you can actually go and have drinks with people or
talk and meet people you could, and then reaching out to people
on LinkedIn or Twitter or whatever the platform is, start
networking with people. Because this is one thing I
learned very early on. And I, I, I personally, I really
(22:27):
hate it, but it's the truth. And I don't think it's ever gone
away 'cause sometime in the techindustry, it's not necessarily
what you know, it's who you know.
And those connections can reallyhelp you excel in this industry.
And you never know when you might, when they might pay off.
You know, you might meet someoneand form, you know, some sort of
relationship with them. And 10 years down the road, you
(22:49):
know, you might be ready to change the job.
And they're like, hey, I think you'd be perfect for this role.
You know, you never know when those might pay off.
So it is huge. And I think it's important once
you get into the industry, not to stop networking.
All's well because the industry is constantly evolving and
changing. You know, we're seeing it a lot
(23:10):
with AI and things evolving withthat.
And you know, it's if you have to be able to evolve with it, I
guess is what I'm saying. If I could dance with that a
little bit. I one thing I think is super
important because just as you mentioned, there is so much
non-stop stuff all the time. New changes, new innovation, new
(23:35):
evolution, new progress, new, Ohyeah, new technologies.
And I got to admit that is a little overwhelming, especially,
yes, for OK, new folks that are super interested and want to
dive into the scene and be part of the industry.
But even the folks in the industry are like, what the
heck, there's too much stuff. This is all the time, non-stop.
(23:59):
I I do want to dance a little bit of with that, just like
mental health and imposter syndrome and burnouts and just
fatigue. I felt like I ran hard and fast
for the start of OK career industry time and work.
And that I think did lead to, yeah, OK, where I'm at now, but
(24:21):
where I'm at now is really, really different.
I, I am married, you know, I, I want to spend time with the
family. I want to be able to relax and
take it easy. So for the folks that are at the
young age or diving in and interested and want to be a part
of this thing, like you've got the opportunity, you've got the
chance and time now to run hard and fast and make it awesome and
(24:45):
make it the best that you can be.
But no, you might hit a wall or you might start to slow down a
little bit just cause life gets in the way.
And that's not a bad thing, but it's something you got to, you
got to keep in mind, you got to be aware of.
So stockpile and accumulate the best you can because someday
there's more to it than just that hard work, that fun, that
(25:07):
hack the blocks, etcetera. You got a balance.
You got to find the balance. I mean, I've hit that.
Several times in my career I've been in the industry, gosh, I
don't know, 7-8 years now, whichis crazy to think, but I've,
I've hit that wall several times.
And there was even a point whereI'm like, you know, I don't know
if I want to continue doing tech.
There's more to it than that. I was in a really toxic, working
(25:30):
for a toxic employer at the time.
You got to balance that work life balance.
I am, I, I'm curious, like it's not talked about enough, but
have you faced burnout? I'm sure you have.
I mean, like I said, almost everyone has, you know, how, how
did you deal with that? You know, and is it something
that comes back from time to time?
(25:50):
Some, some time ago, I feel likeI made light of it.
I, I said aloud jokingly, you know, for fun, because I was
still in that like cannonball mentality.
Dive in, do everything, be a sponge until the ball got too
big for the cannon. And I said, I like to eat
burnout for breakfast because it's like not a, it's not a
concern. I'm just going to keep going.
(26:13):
And I think you, you put yourself in two different modes
where sometimes you want to be that all in 1000 miles an hour,
breakneck speed cannonball. I eat burnout for breakfast.
But then there is the like, OK, I got to slow down.
I need to chill out. I, I can't keep up with everyone
(26:34):
else because there's so much. And that's totally OK to take a
break, take a breather. So to answer your question,
really without a doubt, yes, 1000% I, I feel the burnout.
It's normally when I'm doom scrolling on social media.
It's normally when I'm looking at Twitter and like, how are so
many incredible people doing so many incredible things?
(26:56):
I have no chance. I have no shot.
I can't do this anymore. But give yourself some time to
relax. Give yourself a couple days a
week, whatever it takes to recharge.
And then you'd be like, Oh yeah,this is fun.
I remember why I love doing this.
I got to keep doing it. Yep.
No, I hit. One of those walls this week,
like Wednesday, it was just likeone of those days.
(27:16):
I'm like, you know, I'm pretty good.
You know, I have my day job. I come home, have dinner with
the family, spend some time, andthen I come out to my studio and
do stuff. And Wednesday I was just like,
Nope, I'm going to bed. Like I just want to go watch
some TV just yeah, you know, just soak into the couch type of
thing. Like I don't want to do it
anymore. And then I came back at, you
(27:37):
know, then the very next day andit's like, man, all right, time
to get back at it. I was like re energized and
pumped to go again. And that's one thing I've
noticed as my career's evolved, is those burnouts start kind of
happening less and you Start learning ways to manage them
yourself because everyone deals with this differently, you know,
and you got to figure out what works for you.
(27:59):
You know, in the beginning, I would go through these like
month cycles where like, I wouldjust be burned out and not want
to do anything for like months on end, you know, quit posting
YouTube, quit doing anything extra.
And then I would come back and run at it again.
And you start to kind of learn how to keep it going a little
bit easier, I feel like. So agreed.
(28:22):
But I'll admit that is totally some of that trial and error.
It's still kind of like navigating it.
I think I've done the very same.We're like, all right, I'll go
all in super hard, go crazy, have fun, and then it'll be
mutts just as you mentioned of like now I need to recover and
get back the motivation and ambition that I had, you know,
1. Thing we keep coming back to is
(28:44):
where your time actually goes ina security or IT career.
It's not the fun stuff that burns you out, it's the glue
work. Chasing ISPs, babysitting Wi-Fi,
juggling 5 different dashboards when something blips 2:00 AM.
That's why I'm a fan of what meter is building instead of
having to stitch together a bunch of different vendors.
(29:04):
It is a full stack networking infrastructure, wired, wireless,
and even cellular in one integrated solution built for
performance and scale. And this isn't a reseller story.
Alongside their partners, Meter designs the hardware, writes the
firmware, builds the software, managers deployments and run
support from the first site survey all the way through
(29:26):
ongoing operations. It's 1 standard, one playbook.
The result is fewer seams to manage and more time back for
the work that actually moves theneedle.
Practically speaking, it covers the whole stack.
We're talking ISP procurement, security, routing, switching,
wireless firewall, cellular power, DNS security, VPNSD, Wan,
(29:49):
and multi site workflows. And it scales from branch
offices and warehouses to large campuses and even data centers.
So as your foot pint grows, you're not reinventing the
network at every site. From a security minded lens,
that means fast, secure, scalable connectivity without
(30:10):
the complexity of managing multiple providers or tools.
Plus a stack designed to give you deep control and visibility,
which is exactly what you want during incidents and audits, and
frankly, what keeps you sane in the day-to-day operations.
If you're the one person people call when the Internet is going
slow or you're trying to build acareer with fewer 2:00 AM
(30:32):
headaches and more meaningful impact, check out Meter.
Thanks to Meter for sponsoring this episode.
Go to meter.com/IT Career to book a demo.
Now that is METE r.com/IT Careerto book your demo.
Now back to this week's episode.It's those silly.
Things when folks say, yo, it's a marathon, not a Sprint, life
(30:56):
is long, you got time, blah, blah, blah.
Just, I don't know, whatever youcan do to remind yourself like,
hey, you're going to have the opportunities if you just keep
building at them, but you can goat your own pace.
One thing I want to make sure. We don't ignore is you
mentioned, you know, the imposter syndrome side and how
that can play into it because I got really hit hard with that
(31:19):
when I went to DEFCON for the first time this year.
Just being among all these incredible people.
Like DEFCON is just such a such an event and it's totally
different than any other like meet up conference I've ever
attended. There was just so many smart
people there. And man, did I kind of feel dumb
(31:40):
to be out of percent honest. And then I like, I was trying to
keep up and like I did a couple CTFS and stuff like that.
I was like, oh, I can do this. And then I was like, how are
these people doing this? Like, how did how can they have
so much knowledge on this? But I mean, that hits you at
other points in your career, especially when you're starting
out. I think there's, at least for
me, there was a lot of imposter syndrome in the beginning
(32:02):
because I, I made a different transition.
You know, I didn't go the traditional education.
I didn't go through college. I didn't like even have
certifications when I first started out.
And for like the first year, I kept on like looking over my
shoulder and theoretically, you know, metaphorically, whatever,
thinking, gosh, is today, the day they're going to figure out,
I don't know what they think. I know, are they going to fire
(32:23):
me? You know, and it's really rough.
And that can lead to burnout. I feel as well because you feel
like you can't stop. You have to keep going.
Otherwise, you know, you're not going to be good enough.
You know, I don't know how you've dealt with that in your
career or if you have, you know,maybe maybe you're just one of
the unicorns. That's so amazing, John.
(32:45):
No, you should know. But yeah, I mean, how how have
you kind of what are some thingsthat you've done to kind of help
get over that imposter syndrome?I guess there are two way, two
things that I would try to sprinkle in because I'm, I get
(33:05):
the imposter syndrome a lot all the time.
And I, I hope I try, I really want to just still be as like
genuine and authentic as I can be when I'm all out and about on
the interwebs making a silly YouTube video or just, I don't
know, being on social media. I, I try to keep it real, trying
(33:26):
to be myself. And with that, I feel like I try
to be super forthcoming and transparent of look, I don't
know everything. I can't.
There's no way for me to. There is just too much out
there. I don't even, I don't, I don't
want to call myself an expert and I hate when folks call folks
other folks expert because thereare no experts in the industry.
But I, I'll. Fall on my sword like I've I've
(33:48):
never truly been a sock analyst.I've never truly been a pen
tester. I fell into a researcher thing,
which is very fluffy and very flexible.
It's like, oh, go do what is neat and cool and I'm I
appreciate that. I love that.
But I always try to remind, justbe totally true upfront with
(34:10):
folks. I'm still learning.
I have a lot to learn, but I want to learn along with you.
I want to be here side by side to explore and play and figure
things out and learn. So I tried to, if anything, keep
charging along and charging away.
And I almost want to ignore the imposter syndrome because it
(34:32):
gets in the way, because I know the way that we kind of
accomplish our goals is to just keep doing it, to keep working
at it. And imposter syndrome is just a
nuisance. Well.
And so I I. Put it away Absolutely.
And with the. Tools that are available to us
nowadays, it, it is really easy.I find it a lot easier for me to
(34:54):
try to get over that imposter syndrome because if you truly
want to be successful or you want to figure something out,
you know, not only is there likeGoogle, but you know, there's AI
helping you now and there's so much out there.
People have documented, there's people like you creating YouTube
videos that are helping people. And it, I feel like it's a lot
(35:16):
easier if you know how to use the tools to get over that.
So it's, it definitely is coming, becoming easier with
time, But you know, that's everyone's journey is different
now. I I am curious though, what is
something, if you could change one thing in your career
journey, what would you absolutely do differently if you
(35:38):
had the chance getting deep here?
I don't know if folks are going to like that.
My answer I, I wish I spent moretime on or in or just had more
(36:00):
of the understanding of kind of regular IT sys admin work and
truly help desk trouble work tickets in that whole world.
Normally folks, oh, try to line out this road map of a career
and they say go through these stepping stones and 01 rung on
(36:22):
the ladder and then the next blah, blah, blah.
And if you had that in that super procedural, linear, linear
fashion, I don't know if I wouldhave hop skipped or jumped
around a couple of those. But I always know I can tell.
I'd feel myself like I don't have the knowledge to get a
printer set up within Active Directory environment so that
(36:44):
folks can use the workstations as they should amongst an
environment that is like a regular office, like a corporate
environment. I went straight into CV ES and
exploits and POP and shells and that silly stuff.
And I never really got the, I don't want to say traditional,
but like the pure information technology, network architecture
(37:07):
thing, help desk information here and there.
And I feel bad, like I feel likeI missed the knowledge base that
I should have. Because when you have it, you
know, you understand and you seethings in a different way, in a
better way because you know how the rest of the world functions.
(37:28):
Yeah, in a business, yeah. An environment, yeah.
When you have individuals that are asking for help with their
computer or tech support, blah, blah, blah, that stuff is
undervalued, I think. But it needs to have so much
more on the spotlight and value because that's the majority of
the work that happens in the real world, I think.
Am I wrong, Dakota, what do you think?
(37:50):
No, you. You are 100%.
You know, I do career coaching with people and people always
ask me how can I break into cybersecurity?
You know, that's the most popular question I get all the
time, especially in the comments.
And I tell everyone, the everyone has their own journey.
There is bazillion ways and there's really no wrong way.
The easiest way I see for peopleis to start with like help desk,
(38:15):
doing some of the basic stuff. Because while both journeys will
probably take you about the sametime in the long run, whether
you're going through the help desk, networking and stuff and
then breaking into cybersecurity, that might take
you a little bit longer, but it's going to be a little bit
easier path. And you're going to have all
that previous knowledge to keep building like a strong
(38:35):
foundation. It's like building a house.
You know, if you have a good foundation on how everything
works, you know, you know, a good foundation to build your
house upon, you're just going tobuild a better house, a stronger
house that can stand the time and you're going to have more
opportunities to do different things.
And I'm not saying that you can't just go from nothing at
(38:57):
all straight into cyber security.
That is a path. There is people out there doing
that. You're proof of it.
But that jump is a lot harder ofa jump, I feel like than taking
the incremental steps to get there.
But I don't think I can ever tell anyone what is right for
(39:18):
them. They have to figure that out on
their their own. It's kind of you kind of learn
the hard way really. And if it really also depends on
their determination, I feel likeif you are super adamant, like
no, my first job is going to be a sock analyst, good for you.
Do it, make it happen. Understand that's going to be a
(39:40):
lot harder of a job, your first job to land than just getting a
help desk job. But getting help this job,
you're gonna have to do like a year or two in the help desk and
then you're gonna have to level up to your next position and
then you're gonna go into a sockanalyst role.
Those steps are gonna be easier each little stepping stone
instead of just taking this big giant leap.
But it's still possible you can do.
(40:02):
And that's what's so great aboutthis industry.
You can do whatever you want to get to your end goal.
But also one thing I see happen too is when they go that easier
route, some people get lost. They also get very comfortable
and like, oh, this is a good job.
And you know, they just kind of sit at that help desk for 710
years. So again, nothing wrong with
(40:26):
that. I know people who absolutely
love their jobs. Doing that really boils down to
is do what makes you happy, follow that passion.
You know, if you have to get into a job tomorrow, understand
you're probably not going to make that big jump.
You're going to have to take those baby steps.
If you have the time to study and learn and network and put
(40:49):
yourself out there and do all those things, yeah, you can make
that big jump. But if you're in a spot where
you just need to get started, just start working, start
building that experience becauseit's going to pay off in the
long run. Eventually you're going to get
there. And that experience, I mean,
experience, let's be honest, is huge in the cyber security
world. Back in the day, it could be
like, you know, you need experience to get a job, but how
(41:11):
can you get a job without experience?
But there's so many new opportunities to get experience
now. You know, you have these CTFS,
you have, you know, the hack, the boxes, the Tri hackneys out
there, just build experience. You can build your home labs.
It is so much easier to build experience.
And I've kind of gone off on a rant here, but you know, again,
(41:33):
it all comes back to everyone has their own way into the
industry. You have to find out what works
for you. No, I agree.
I'm all about sorry I I went offthe.
Deep end there. I get so passionate about these
things is you know, because so many people are like, how do you
do this? You can't you can't break in.
I'm like, there is plenty of ways you can break in, it just
(41:53):
depends on how you want to breakin.
You got to find out what works for you, what interests you.
I mean, because let's be honest,no one wants to go to a job they
absolutely hate, they absolutelydread.
So, and that's super important because I think in the early
days, we've all got that like passion, that fire, a lot of
ambition. But that's why you absolutely
(42:15):
need to find, yeah, the work that you love and the work that
is fun and you're willing to do,you're willing to get out of
bed, of bed and do every day because there will come a time
that it starts to feel like work.
And that might happen in a year,maybe five years, maybe 10,
maybe 20, I don't know. But it's, it's gonna happen.
(42:37):
So gosh darn it, make sure you're doing something you love
and you're obsessed with and youcan't stop thinking about it
because you want to prolong thatexpiration date as long as you
can make it 20 or 30 years when you're like, now, this feels
like work before. I got into tech.
I got called out on that. Oh yeah.
Because it was that very much for me.
(42:59):
A lot of my jobs before tech, I would only stay around for like
a year or two and then I would hop because I would absolutely
hate the job I was buying. I mean, it was boring or
whatever reason. Someone once called me out on
that. And like, you notice you've
never stayed in a job for more than two years.
I'm like, yeah, you get bored when you go to the next one.
And then when I got into tech, Inoticed like that quit
(43:21):
happening, you know, especially when I got into networking
because my passion is always networking.
It's always been networking. Yeah.
I've been at my my job going on five years now and I just love
it. People ask when are you going to
go to YouTube full time? I'm like, I don't know if I
really want to. I really like my job.
So it's really special. And the way I got there is
(43:44):
because I just focused on, I always wanted to be a networking
administrator, network engineer.That was my end goal.
And I became a director of network operations.
I think I kind of got there, butI kept on focusing on that while
I was on the help desk, while I was doing that job that I knew
was just gonna be a stepping stone.
I was like, this is happening for a reason, because I'm going
(44:06):
to get there. Absolutely.
I want to be really. Respectful of your time.
I know we're, we're coming up here on some time here and I got
a few more questions I want to make sure and ask.
You know, a lot of people listening to this are just
trying to break in, you know, and I think we've given some
really good advice. Is there one thing in particular
though, that you wish someone would have told you to help you
(44:30):
when you are very first startingout?
Yeah, we got a. Lot of really good Nuggets
already I think. Covering hey, making it a
passion, trying to fend off whenit feels like work.
The imposter syndrome, the burnout, the mental health
shenanigans. I know the path could be totally
different for everybody so you got to choose your own.
(44:50):
I know I fell in through capturethe flag, but suggest if anyone
hasn't played with that, if thisis going to be a boring bad
answer. But I hope it is still one that
maybe folks will understand because we've covered a lot of
ground already. But I don't think we have talked
about or at least kind of sprinkled in while you show your
(45:12):
work, while you document, while you, I don't know, try to again,
build out your resume and portfolio.
Make sure you're taking notes for yourself.
Boring, bad, stupid answer, but I do genuinely feel like build
out your own second brain, your own reference, your own
checklist, your own order of operations and your notes
(45:37):
because that is the best tool that you'll have for the next
thing that you run into, for thenext strange shenanigans issue
stuff that you stumble across. Make one designated home base
for your notes and keep tending to that garden.
So I did that for. Myself about six years ago and
it was, it was something huge. I, I mean, I use Notion for
(46:01):
everything. And so I just, you know, I
watched some videos on how to easily document because for me,
if the barrier to entry on something like that is too high,
if it takes too much work, I'm not going to do it.
I'm not going to continue following through.
So I had to figure out a way where I could just quickly jot
down the notes and then like, deal with it later or just have
a system in place. And that database for me has
(46:25):
just grown and grown. And yeah, a lot of times I don't
look back on some of the things.But I mean, when I do need to,
it's so awesome to look those things up because again, there's
just so much going on in the industry.
It's evolving so quickly. It's easy to just forget what
you did yesterday. I feel like it will be a.
(46:46):
Lifesaver only when you least expect it.
So just totally prepare for thatand don't ever forget hey, Oh
yeah, let me jot that down. Let me keep note of that.
Like that will save you. Absolutely.
And. Speaking of just things evolving
so quickly, where do you see just the cybersecurity industry
as a whole heading? Do you see jobs changing?
(47:08):
I mean, let's be honest, AI is here.
We're not putting that toothpaste back in the tube.
But do you think it's gonna be super impactful in the world of
cybersecurity and how people arethe jobs that are available?
That's a really broad. Question.
(47:28):
I don't know yet. No, it's, it's so tough to
answer, 'cause I, I don't have acrystal ball, right?
Can't see the future. Not Nostradamus, but yes,
without a doubt it's cool, it's neat, it's innovative.
It is genuinely solving a lot ofproblems, but I still I've drank
(47:50):
the AI kool-aid. Personally, I have, but I I
don't think I've had the whole pitcher like the whole jug and
maybe like halfway through because I use it, I vibe code.
I'm always in ChatGPT. I'm digging cursor having a lot
of fun. I don't know.
I don't think I think it it willtake jobs it already has.
(48:11):
It is going to continue to, but so far that has been not to say
low tier. I don't want to say I don't, I
don't mean that with any ill will or shade by any means, but
it's just some of the more easily automated,
unsophisticated work when it gets to the absolute expertise
(48:31):
that needs this masterful mind to really make decisions and
contexts and have all that experience that's still left up
to a human to do the right way. And so there's a a element of
trust and accountability. You can't hold a computer
responsible for destroying your database or any other mistakes
that it might make. So it's super hard to answer the
(48:57):
question. I think it is already taking
jobs and it will. But if you make yourself above
it, you will still be valued andnecessary and needed in the
industry without a doubt. I think that's just.
The nature of the working environment in general, you
know, totally. Things change, they evolve.
(49:17):
I mean, we don't have switchboard operators for
telephones anymore, you know what I mean?
That system was off, you know, automated infinite switchboard.
Operator, the key to everything we do, Things change.
And the way I'm seeing it is, yeah, AI is absolutely taking
jobs. It is definitely taking some of
those maybe easier to automate jobs, but it's also creating a
(49:38):
bazillion jobs. And it's lowering the barrier to
entry for hackers now too. And yeah, they're, they're the
attacks are just coming like crazy.
Not, you know, just in the cybersecurity world.
But let's talk about like the whole tech industry.
It is absolutely changing everything.
So it is, it is here. It's here to stay.
(50:00):
And if you're able to evolve with it, I think you have
absolutely nothing to worry about.
If you're just the guy that say I I've taken my job, no, no
point in working anymore. You know, you're going to get
left behind with that. Do you think it's getting harder
to find jobs or is it, what do you think the job market's like
(50:20):
lately? Is it easier to find jobs, you
know, compared to like when you started out, or is it getting a
little bit harder? I.
Would not truthfully be a good individual to answer just
because I I haven't been out andabout looking for a job lately.
What I hear from folks, what I see on the outside looking in
(50:41):
not knowing without having any authority there is that it is
hard is is that it's tough and I'm sorry, I don't, I don't
know. I don't have a a better answer,
truth be told, but I think it is, if anything, more of that
incentive, more of that reason, more of the motivation and fuel
to do all of the things that we keep trying to tell you about
(51:02):
the portfolio. Resume, take notes, network,
communicate, be present in the industry.
Put yourself out there. I know I don't want to sound
like a broken record when we keep shouting and screaming from
the rooftops, but gosh darn it, that's the right answer.
That's the best thing you can do.
No, I absolutely and you know, John, I, I really appreciate you
(51:22):
taking all this wonderful time to just to really kind of go
deep and you know, into your journey and give you just gave
so much advice in this interview.
I really appreciate it. I want to give you a check a
second to, you know, talk about the resources you do for the
community and where people can find you if they have other
questions and things like that. Sweet.
Well, thank you. So much, yeah.
(51:44):
Hey, you can track me down online, hopefully pretty easy to
find. It's just my name, John Hammond
on on YouTube, on LinkedIn, on Twitter, blah blah blah.
You'll see my ugly mug, the silly red hair and that is
hopefully a whole lot of hands on keyboard practical
educational videos and value foryou to follow along.
Another extra venture we've beentrying to spin up.
(52:06):
Is this just hacking training? I feel bad.
I'm sorry I'm wearing the shirt.I didn't want to be a billboard
by any means, but I don't know. That has been another incredible
opportunity that we've had to kind of join forces with other
incredible people in the industry that have their
incredible expertise and they'rewilling to share in courses and
training and hack along videos or write ups and upskill
(52:29):
challenges and blog posts. It's it's just so much fun to be
able to be and work as a team tohey, help take on the industry
and teach people elevate and upskill their own up their
upskill, theirs, whatever they're up to.
So well, John again. Thank you for coming on the
channel. I think this is like the 4th or
5th time you've came on the channel.
I really appreciate. It's always a pleasure to have
(52:51):
you and I hope to have you againsometime.
Thank you so much. Awesome everyone.
I really hope you enjoyed this video and until next time, keep
learning.
Popular Podcasts
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
The Breakfast Club
The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy, Jess Hilarious, And Charlamagne Tha God!