Well…..the last year has been …unique to say the least. Besides covid, my life has been a bit crazy which atleast partially resulted in my absence from my blog post.
First let me give an update. I attempted the OSCE a second time and unfortunately did not pass. My second attempt was after completing the my SLAE 32 certification which gave me a firm foundation of assembly programing including socket calls, hand creating reverse shells and basic malware reverse engineering. This attempt came after mastering the Vulnserver server, mastering fuzzing and blindly recreating exploits from exploitdb. While I enjoyed my journey to what was ultimately failure… if I am honest I disliked the destination. Without giving away any trade secrets I felt as though the original OSCE exam was disconnected from the course material. Key concepts were not covered and the material was dated to Windows Vista. My attempt was in late 2019 and so I am specifically referring to the now deprecated version of the OSCE not the OSCE3 which I’m sure is much better. It was annoying not passing and very demotivating. I took a break, focused on work and mapped out my next steps as far as a professional development.
Then came covid! As with most of the professional world, I found my self working from home. Stuck at home(all the time), working more than ever with no boundaries between worktime and personal time… I was determined to figure out something to do to stay same. Having acquired my CISSP,CCNP,OSCP and SLAE32 I was looking for something security focused and complementary…something that would be interesting! For several months I couldn’t find anything! While SANS had a lot of interesting certifications they were all expensive! Also having acquired 4 certifications I wondered to myself to what end would I acquire an additional certification. I’ve seen plenty of technology professionals contiune to accumulate certifications with some folks having double digit quanities. I wanted something different, something more permanent than a ceritifcation that would expire in a few years or no longer be relavent in 10.
After some linkedin stalking and some Google-KungFu I came to the conclusion that a PhD made sense. A doctorate degree in cyber security would be more permanent than a certification. Academic research always interested me since my Master’s Thesis and a Doctorate would provide that opportunity. I began to do some research and found a couple programs that I could do online, was regionally accredited, could be completed without giving my day job and ultimately landed on Marymount University’s Doctorate of Science in Cyber Security. The program seemed to check all my boxes. It seemed like a credible program and was also recognized by the NSA as an NSA Academic Center of Excellence in Cyber Defense Education.
I’m 18 units into a 36 unit post master degree program…and its awesome. Doctoral programs are opportunities to take subject matter expertise and meld that with academic process. I’ve learned concepts in Machine Learning, Cyber Threat Intelligence, Cyber Security Public Policy, Malware Analysis, and so much more! As of the writing this blog post I’ve published an academic paper to a journal.