Reflection 3

There has not been much going on over the past week. This is due to the fact that we are waiting for the AWS Snowcone to be delivered to the office so that we can begin the migration of our Network Attached Storage to the cloud. I have a couple smaller projects I am working on to keep myself busy. I was tasked with finding a replacement solution for using .pst files. These files can take up a lot of hard drive space and can be a pain to manage. I found that enabling the online archive on user’s exchange accounts would solve the issue by allowing important emails to be archived, while also not storing them locally on the machine so that hard drive space is not wasted. I also have been getting a better understanding of the organization’s group policy so that I can be of some use when during the migration to Intune. Over the last couple weeks, we have been paying more attention to the maintenance tasks that have been divvied up due to it being the end of the year. I was able to go in and verify that the VEEAM backup/restore process is still working correctly. The team will work together to update all servers before the new year. These updates usually take place after hours which is not ideal, but is the only way we can get everything updated without creating a stoppage in workflow. It also gives us the opportunity to bond a little bit.

Final Paper

Although my current role as a system administrator is not an internship, I chose the role because it is part of my career path to cloud security. As you know, it is very rare to land a cybersecurity role after finishing school without the proven, on-the-job experience because cybersecurity is not an entry-level IT role. Most people, like myself, start at the help desk level. Here is where you see and use a lot of the technologies and tools that we learned about in school in real-world scenarios for the first time. My first help desk experience came from working for a company called SAIC on the Norfolk Naval Base. I chose this role because I was staying in my off-campus apartment located on the edge of the ODU campus and it was within a good driving distance considering how hard the traffic hits in that area. I also had continued my online education after the Covid outbreak so that I could work and support myself. It just so happened that SAIC was hiring for IT roles that required little to no experience in the field, which was a win for me because I had no IT experience up until this point, aside from a few labs that I had completed on my own time.

Throughout my time working for SAIC, I gained valuable skills such as hardware/software troubleshooting, networking, and I was able to meet a ton a great people and made awesome connections. Much like then, when I started my current role I had no idea what to expect. The next role I had accepted after working for SAIC was a Junior System admin role for a company called PRA Group. However, I did not have many system administrator tasks. The job mainly consisted of imaging new machines and preparing them to be distributed to new hires. There were some thing that I did with Active Directory and such but it had not lived up to my expectations. However, within the first few days of starting my current role, I knew that I would be fully emersed into system administration. Since then, I have gained so much experience with server management, vulnerability management, and AWS cloud and Microsoft Azure. The IT is only made up of about ten to twelve people, so this was the perfect opportunity for me to come in and get to touch and experience a bunch of different technologies as I get pulled to help out on different projects.

The company is an IT company that competes for DoD contracts to fill government roles. In fact, most of the employees of the company do not work directly with DDC, there are on those fulfilled contracts. Dine Development Corporation is an organization ran by the Navajo nation, and its aim is to give back to the Navajo community. It is a for-profit organization and most, if not all, of the proceeds go to help the Navajo people. I sort of identified with the company’s mission statement, with me being a minority, and liked their cause. DDC, the parent company, has about six subsidiary companies that work under it to fill the contracts, which bring in most of the revenue that the organization sees. I, however, work for the parent company DDC. Upon being hired, I kind of took the name for what it was worth. I planned to come in and develop my skillset so that I could transition into an on-contract role as I have a security clearance that would allow me to work on government contracts. As you can imagine, that is where the “big bucks” is at as the United States government literally overpays for everything. I was a little nervous upon starting but, luckily, my first week on the job was the IT team’s teambuilding week. Our IT team has people scattered across many locations in the United States and once a year, we all convene to get the in-person contact with one another. Getting to know each other a little more personally than talking over Microsoft Teams meetings works wonders when it comes time to assemble and work on a group project.

During my first week, we went to an AWS summit in Washington DC to look at the newest technologies that Amazon had to offer. It also reminded me of the Stark expos that Tony Stark held in the Iron Man movies to kind of flex his muscles and show new products that had never been seen. It was pretty cool to witness. There was on exhibit where they had built a robot that resembled the robots in iRobot that starred Will Smith, that was built on Amazon’s AI and was able to tell the difference between objects in real time and could even take over small house tasks such as watering house plants. I am sure the exhibit was a lot more enjoyable for others in attendance because all I kept thinking about was that movie and we all know how what happened in the movie. It was still a pretty cool experience. People came to the summit from all over and I was able to meet some pretty nice people as well. My company also took us to eat at an expensive restaurant called Fogo da Chao which is located in downtown Baltimore. The food was amazing. They bring all different kinds of meats out on skewers, almost as if we were Vikings having a celebrations feast. There were so many kinds of foods, desserts, and drinks to try. I needed to hit the gym after all the food that I ate that day. I think that its safe to say I would highly recommend that Fogo de Chao. The rest of my week was spent in the office since this just so happened to be the same weekend that the Canada forests were burning, which brought a ton of smoke down to the DC area. I have mad asthma and could not go down to see the monuments and tour the downtown area. My first week was great, the team made me feel very welcomed and I knew that there would be a great working environment. Over the next couple weeks, those on the IT team made sure that I had access to all the systems that I needed to have access to and began training me on how to use the variety of IT tools that I would use in my normal workflow.

One thing that I like about management is that they do not micromanage me when they give me tasks. I pretty much have free range to work on projects at my pace as long as I am following soft deadlines and I have something impressive to present at the weekly check-in meetings. So, there is Patrick, who is the IT director and the boss of my bosses. Beth whose title is IT solutions. She is the one I directly report to and who Patrick tasks with finding solutions to issues that exist in our infrastructure. There is Ted who is the Network Administrator. Ted has been a great help to me coming up to speed with the organization’s IT processes as well as understanding technologies that I am being exposed to for the first time. There is Ayanna, who is around the same age as me. She was a Junior Solutions Architect in her previous role. Her previous company had gone public on the stock market and lost a lot of money. Eventually, this led to her being let go as the company was forced to downsize. She is also a system administrator by title, by leads a lot of the AWS related tasks that are associated with our ongoing migration to a fully cloud infrastructure. There is Dennis, is our Cybersecurity Manager. As you could guess, there was an instant connection once I told him that I am currently majoring in Cybersecurity. He is more concerned with writing IT policy so and is looking to offboard a lot of the technical cybersecurity tasks to me so that he can focus on more important work. This where I kind of fit in, in my role at the organization. Since I have my AWS Solutions Architect certification, by way of a class that I took at ODU, I help with a lot of the AWS tasks that are associated with the cloud migration. I also lead the vulnerability management side of things. As the scans are completed in Tenable, I format them and being working on the remediations that are on the network. Beth also gives me other projects to work on which includes finding solutions to issues to our already existing infrastructure. For example, it is not a native feature in Exchange that notifies users when their passwords are set to expire. Most Sys. Admins solve this issue with PowerShell scripts that can be ran in a scheduled manner to notify users. I have been working on a project to do something similar on our infrastructure. Michelle is another member of the team who is our Sharepoint Developer. She works closely with Jusitin who handles the more financial side of things to ensure that the companny’s internal sites are up to date and working in tip top shape. The other two member of the IT team are Shaun and Corey, who work in tandem to handle end user support. Those two do a great job at holding down the fort as tickets are constantly coming in throughout the day as users are hit with issues that interrupt their workflow. The team does a great job of letting everyone know their importance to the overall goal which is to keep the company afloat. I absolutely love the people I work with.

Up until this point, I have not used much of the cybersecurity skills that I have learned in school, simply because I am being pulled in so many directions. Some days are more AWS cloud heavy, while others consist of me helping out the help desk if they have a barrage of tickets that come into the queue. That is one thing that I do like about my current role is that there is the opportunity to do something different every day. Some IT roles can become monotonous as you pretty much do the same few tasks every day aside from new projects that may be presented. Not only does my current role allow me to learn and grow as I continue to get my hands on new technologies, but it keeps things interesting. In all, at Dine Development Corporation, I am able to develop a well-rounded skillset that would allow me to go in any direction in IT that I choose. This is something that is very rare in this industry as it encourages specialization over being a jack of all trades. I am very grateful and will be leveraging my experiences here to propel me in my career.

A few of the skills acquired at ODU that I do use on the job are the critical thinking and time management skills that I think every successful college grad develops. I also use people skills to my advantage at work to maintain healthy working relationships. I find that it not always what you know, but who you know or connect with. I can say being a friendly person who is always willing to help out has gotten me out of trouble a couple times when I may have done something the wrong way. These skills also come in handy when you come in consideration for bonuses and promotions. People are more likely to promote who they get along with. As you can see, these skills are not just useful in customer facing roles. A few technical skills that I use at the job are Active Directory skills that I learned from my server management class. I use the principle of least privilege when assigning IAM roles to services that need to use resources on our network. Being a Cybersecurity major, I do everything with security at the forefront of my mind, which I am sure has kept me out of a lot of trouble. Some of the skills that I learned on the job are PowerShell scripting, which I mentioned above with the password expiry project. I also have a better understanding of group policy management and how it works hand in hand with security.

Group policy is simply a way to baseline the machines on your network. It pushes a consistent set of base settings to each machine in an automated way. Things like wifi settings, sleep & power settings, and drive mappings are all pushed through group policy. In fact, I have been tasked with understanding our organization’s group policy framework end-to-end so that I can help out with our shift to Microsoft Intune. Microsoft Intune is Microsoft’s endpoint management tool that we will use to push things like software and settings to endpoint devices, very similar to group policy. However, Intune uses conditional access instead of role based access so that it is easier to blacklist or quarantine machines that do not meet specified criteria, such as having the latest security patch. Intune also makes it easier for organizations to enforce multifactor authentication to add a level of security to our network. As I continue to learn, the more projects I will be placed on, which will give me more opportunities to learn and grown my skillset. I am even able to sit in a participate in some of the higher-level cybersecurity meetings as they discuss CMCC and NIST compliance, not that I am much of a resource yet, but being a fly on the wall allows me to soak up a wealth of knowledge. I would say ODU has prepared my mind for the rigors of working in a corporate environment. As mentioned before, me being pulled in a bunch of directions forces me to lean on my time management skills to make sure that I give each task or project the attention it needs as each task is important to the overall scope of our IT.

ODU also has given me a basic understanding of infrastructure so that I can articulate processes well enough to speak intelligently on them. This will help you land the job as you are expected to have some basic level of knowledge, even in an entry-level role. This will also help you out once you start working. Although you are not expected to hit the ground running, from experience, bosses will test your knowledge when you first start working to kind of feel you out and to judge if you are a good hire. Believe it or not, there are people who lie on their resumes about their experience and can not back it up when they start working. I am sure they see a lot of this and often times, the first few months on the job are your trial period where they are constantly judging your knowledge and character when deciding where to place you in an IT team. In all, the goal is to build the most efficient team their standards, not to place you where you would like to be. So shout out to ODU for preparing me to be successful in this regard.

In conclusion, though this is an internship paper, I was fortunate enough to be in position to be working in the IT field before completing my degree so that I could start chipping at the dreaded five years of experience that is the barrier to entry to so many of the desirable IT roles. Throughout my experience working in IT, I would say my current role has been the best situation where I could both use and grow my skillset. I would say that ODU has helped me develop not only my technical skills, but my soft skills so that I can be fully successful in my career. I plan on using all experiences up until this point to help me get to my end goal of working in cloud security. As I continue to experience new technologies, I honestly feel that I would be best suited for a role as an IAM Engineer. IAM Engineers work with identity and access management technologies to apply the principle of least privilege to users or services that need access to network resources. This plays a major part in an organization’s security posture and protecting its assets. It is a more laid-back role and not customer facing, which allows the opportunity for remote work, which is what everyone is looking for these days. This job experience has made me want to go back and get my master’s degree as it is only a one year program at ODU. I have been told that in the master’s program is where you choose where you will specialize in the field. One piece of advice that I would give anyone trying to break into cybersecurity would be to accept as many challenges as possible early on. Whether that be a new project that you may not feel that you would be extremely helpful on or going up and starting a conversation with the Director of IT. The more exposure the better as your first role, your second role, etc. will likely not be your last role. We all have an end goal, and it would be beneficial to use all of your resources to get there.