Marcela Denniston is the Vice President of Field Engineering at ShieldX Networks; a San Francisco-based company that focuses on protecting organizations against cyber threats. Marcela’s cyber security career began at Hawai’i Pacific University (HPU), where she joined their U.S. Navy program immediately out of high school. Marcela worked in the Navy for seven years, then moved into the commercial sector. She said cyber security is about protecting information systems and networks connected to the internet, including computers, servers, cell phones and vehicles.

What kind of people thrive in cyber security?

People who are analytically minded, who like to figure out how or why something happened. Anyone driven toward data, as well as people who are engineering-minded and like to put things together. Maybe they enjoyed playing with LEGOs or electronics growing up. 

Why did you choose this career?

I actually didn’t choose this career, it chose me. I was college-bound after high school, but didn’t come from a wealthy family. To avoid student loans I decided to go into the Navy at HPU. This was also shortly after 9/11. I grew up right outside of New York City and saw all of that happen live, so I had a desire to serve. 

The military gives you an aptitude test to see areas you might fit into. Mine said I fit a technical field, and I chose advanced electronics. This was just as cyber security was becoming more relevant in the government sector. So they were picking and choosing people sporadically to attend cyber schools, and I was one of the people who got chosen. 

It’s not one of those careers you just drop out of because you put a lot of time and energy into learning. Once I got out of the military, I started to find some niches that I really enjoyed in cyber security, and I ended up making a fulfilling career out of it. 

What does a typical day at work look like for you?

My department at ShieldX runs all of the technical resale and post-sale deployments of our product — an agentless technology that provides “cloud” security.  We’re the bridge between sales and engineering, speaking to the functions and value of the product while also getting into the technical details.

A typical day for me involves calls with current and prospective clients, making sure they understand the importance of the product and how it works, helping them find the proper uses of our product in their environment and helping them to get it deployed successfully. 

What are some of the most rewarding aspects of this career?

Because of the rate at which technology is developing, cyber security is ever-changing. There’s no room to allow yourself to go stale, you constantly have to be on your toes. That is great because it pushes me to learn new things and stay in touch. 

The field is never going away at this rate. There is an extreme shortage of people, so employees are in demand. I get requests from recruiters looking to fill positions daily. 

The pay is pretty significant, too. I don’t know anyone that makes less than six figures.

What should people interested in the career do in school to prepare?

Look into getting an internship at a cyber company, even if it’s with the marketing team, sales team, or front desk. What you major in is dependent on what you want to do within the field. If you want to take a more technical stance, schools like University of Maryland now offer actual cyber security degrees and Eastern Michigan University offers a Master’s in offensive security.

However, there are plenty of people who don’t have cyber security degrees. If you want to do something generalized, I would suggest computer science. 

I got my Bachelor’s in business administration of computer information systems, which is basically the project management of software engineering. Half of my classes were business focused, and the other half were computer focused. If you want to be on the business side, I would suggest a hybrid like I did.

Outside of college, there are a lot of certifications and specialized training programs. The SANS Institute offers a Master’s program. (ISC)2 offers Certified Information Systems Security Professional (CISSP) and Certified Informations Systems Security Manager (CISSM) certification. There are also free resources like Simplilearn that you can use before deciding to go into a degree program.
 
What kind of organizations can someone in cyber security work for?

Any big company like NIKE or Coca-Cola has a massive cyber security team, as do the Big Five accounting firms. The military and government also have tons of roles in cyber security. Then someone can also go into a start-up company, places that are building products or offering services. 

Any other advice on getting your foot in the door?

Networking and gaining experience are huge, as nobody wants to hire a cyber security professional that doesn’t have experience. This isn’t one of those fields that allows you to take a chance in hiring someone very junior if your organization cannot support that. Start networking through internships and meet-ups. It would be beneficial to attend any kind of training or conference that’s tied to cyber security and mingle with the people in the field.