Ryan Gordan, a cybersecurity compliance specialist at the U.S. Department of Veteran Affairs, says his best piece of career advice would be that you cannot help but be inspired.
“Always accept more responsibility, even if you don’t think you can do it because you will learn how to do it,” encourages Gordan.
It’s a mindset and approach to one’s professional career and continuous development that makes Infosec proud to name Gordon one of the select few of 2021 Infosec Scholarship winners.
Always accept more responsibility, even if you don’t think you can do it because you will learn how to do it
Finding his second calling
“I served my country from June 2004 until September 2017, when my career came to an end suddenly, and I was medically retired,” Gordon shared with Infosec,” I thought that I had lost everything.”
It was then that Gordon found his second breath, becoming hooked on the cybersecurity field after learning more about ethical hacking and cyber threat intelligence. Gordon then found a position with the Department of Veteran Affairs (VA) and kicked his development into high gear, successfully acquiring the CompTIA Security+, Network+, and CySA+ certifications soon after.
These experiences solidified Gordon’s passion for his new field, and true to his career philosophy, he found himself on the VA’s cybersecurity team. Here, Gordon is responsible for managing the department’s compliance and vulnerability remediation platform.
“I really like that I work with a bunch of passionate people who are focused on cyber defense and are always looking to help each other out.”
In the meantime, Gordon utilized Infosec Institute Bootcamps to help him successfully achieve the PenTest+ and Certified Ethical Hacker certifications.
Bringing a unique blend of skills to bear
In addition to his formal training, Gordon can also bring a unique combination of what he refers to as soft and hard skills to his role in the cybersecurity field.
Gordon encourages others interested in the field to keep two things in mind, reflecting on his soft skills. “I believe that you have to have a thirst for knowledge, and you have to also be humble,” Gordon emphasizes, “Because you’re not going to know everything, especially on the regulatory side.”
To help him keep this course, Gordon is not shy to sign up for additional responsibilities and roles that will get him involved in new experiences and with new people. “And I found that even if I’m not good at it or end up not enjoying it, that I’ll know that sooner and then I can go and try something else new.”
Gordon also balances these soft skills and open minds, focusing on staying current with the latest skills, techniques and tools. For example, Gordon is working to stay ahead of the government’s accelerating shift to the cloud by diving into Microsoft Azure, Amazon AWS and the Google Cloud. He is also sharpening his home lab network skills, where he practices penetration testing skills and how they affect the risk management framework that shapes how network defenders protect critical systems.
The power of mentorship
Finally, you cannot talk about the arc of Gordon’s cybersecurity career without touching on mentorship’s role in his life.
In particular, Gordon speaks highly of his manager at the VA, who has allowed him to explore his professional interests in cybersecurity and motivated him to take on new roles.
“He’s really given me free rein; from taking advanced training to allowing me to have new opportunities,” notes Gordon, “And if I mess up, he’s always happy to help me out, so I don’t make the same mistake twice.”
On his side, Gordon hopes his path can be a model for others in the military looking to transition to a new focus.
“I believe military and veterans should pursue a career in cybersecurity because it is a natural transition as a career choice. Serving in the military provides opportunities to selflessly serve by putting the needs of others above your own while keeping others safe from harm.
“Veterans are arguably the best demographic to hire to work in cybersecurity roles,” emphasized Gordon. “They can handle exceptionally prolonged and stressful work environments, and they can use their unique skills to the fullest.”
Although they may not have the right technical skills, Gordon encourages others to use their time to seek education with organizations like Infosec Institute and their Skills-based labs.
A continued focus on growth
Looking ahead, Gordon is laser-focused on achieving his goal of obtaining the (ISC)² Certified Information Systems Security Professional (CISSP) credential with the help of his Infosec Scholarship.
“My goal is to become an Information Systems Security Officer (ISSO) with the Department of Veterans Affairs, and acquiring the CISSP certification will help me to qualify for this role.”
And although Gordon is well aware of the financial benefits that he could realize by shifting his career toward the private sector, he’s not ready to make the jump yet.
“I like being part of the team that protects sensitive information, and I am passionate about government compliance because I have been on the other side of it.”