A self-made journey into cybersecurity
It wasn’t long after starting her career as an application developer that Jasmine realized her real passion was for cybersecurity. “My curiosity for cybersecurity was sparked after stumbling across a cryptography Yahoo! Group when I was 16,” said Jasmine. “Years later, even when I was working as a developer, I always had security in mind.”
Jasmine gained her first professional cybersecurity experience at the intersection of application development and vulnerability scanning. “I was working for Vanguard as a full stack developer when my manager asked me to help with a special project,” said Jasmine. “I spent about a year finding and repairing vulnerabilities in Java-based applications, and was later asked to take over the project in an official capacity after my manager transitioned out. One year later I moved into the Vanguard security department as a security automation engineer.”
Jasmine was a natural when it came to application security. Her affinity for software testing and vulnerability scanning not only helped her employer secure their applications, but also helped level up her colleagues’ skills as well. “My use cases were always out of the box,” said Jasmine. “I looked for vulnerabilities in areas others would skip. And I would always find our bugs.”
Building this expertise didn’t come easy. Jasmine took it upon herself to be disciplined and truly hone her craft. When asked of support and mentorship, she explained, “For the most part, I was on my own. I’m an inquisitive and assertive person, so I would just look on Google and teach myself what I needed to know to get the job done.”
Cultivating the ultimate passion for pentesting
Like many aspiring cybersecurity professionals, Jasmine had to overcome several obstacles as she sought out opportunities in the industry. “I would apply for jobs but get rejected because I had no certifications or tangible experience,” explained Jasmine.
However, that rejection fueled innovation, and Jasmine started looking for her own path into the industry. “Out of frustration, I created the blog, Passion for Pentesting. I didn’t have experience and certs but I did have passion, and that was all I needed to start learning,” said Jasmine.
It was at that time Jasmine started solving capture the flag (CTF) challenges, writing up solutions and sharing this information on her blog so even beginners could follow her journey. The blog not only allowed Jasmine to build her own pentesting skills, it also enabled her to gain hands-on experience that she could use on her resume while educating others in the process. “I wanted to provide write-ups for the absolute beginner because that’s what I was at the time,” said Jasmine. “I wanted to write as if another Jasmine was reading it and focus on the topics that person would want to learn.”
I didn’t have experience and certs but I did have passion, and that was all I needed to start learning.
A lifelong student turned cybersecurity instructor
Working within the cybersecurity industry means that change is constant. There is always a new attack method, a new vulnerability and an expanding threat landscape. This makes continuous learning critical for cyber professionals, and Jasmine fits the part. She is the epitome of continuing education, from completing training with Infosec to earning several cybersecurity certifications — even after earning a graduate degree.
However, what’s most impressive is Jasmine’s commitment to helping develop others. From delivering speeches at local conferences in the United States to hitting the international stage in Argentina, her dedication to sharing her knowledge is commendable. She also serves as a SANS mentor instructor and Cybrary trainer, amongst other teaching engagements.
From pentesting and biohacking to voice radio
Jasmine hasn’t slowed down since landing her first cybersecurity position at Vanguard. She left Vanguard in 2017 for a penetration testing role at Wells Fargo, and today works as an application security engineer at AvidXChange where she focuses on security code review and cloud architecture.
Jasmine has big dreams for her future, from biohacking and more advanced bug bounty action to teaching courses and speaking at more conferences. Perhaps one of the most unique and intriguing visions that Jasmine has for herself is a career in the voice industry. “Everyone loves my voice,” Jasmine explains. “Sometimes I don’t like it, but I’m going to flip the negative for a positive. I would love to try voiceover work in the future.”
Professionally, Jasmine sees a future of continued professional growth; however, she is adamant about remaining very technical and hands-on in the cybersecurity space. “I want to stay technical, stay in the weeds and get my hands dirty.”
It’s Jasmine’s passion, persistence and resilience that make Infosec proud to name her a member of the 2020 Infosec Hall of Fame.