Preparing for Everything: Succeeding in Cybersecurity

 

Cybersecurity professional and former U.S. Army signal support systems specialist Angel Hueca ‘11 has to stay one step ahead of would-be hackers in his career.

As a senior computer information security analyst with the Software Engineering Institute (SEI) at Carnegie Mellon University, his success depends on it. After all, government entities come to the SEI for assistance when they are facing cyber threats. The SEI supports the U.S. Department of Defense and the private sector through cybersecurity, software- and systems-engineering research and other computing areas.

“If there’s something that the government can’t figure out on its own, they will call in the SEI,” says Hueca. The SEI then works to apply private-sector innovations to any cyber challenges the government is facing.

Developing cybersecurity solutions
Hueca and his team will analyze any anomalies that have been identified through the intrusion detection system—called indicators in the trade—and then develop a strategy to deal with them.

“The biggest threat that affects not only federal agencies but industry in general is phishing scams—and malware delivered that way—or malicious actors trying to take advantage of users,” he explains. “It typically revolves around the users not knowing how to react to something.”

For instance, perhaps someone receives an email saying a package on the way to their home or office. The only problem is they never ordered anything. “You have this email. Then what do you do?” asks Hueca. “Do you automatically click on the link, or do you already know that this is something you should question?”

He and his team members create cybersecurity policies and user behavior protocols to help protect government entities from cybercrimes. These efforts include training users about proper internet etiquette so they don’t make themselves—and their organizations—vulnerable to attack.

“One of the things I enjoy most about my job is that because we are senior members of the technical staff, we touch many different projects,” he notes. “It’s not mundane. It’s not the same thing over and over—it changes daily, and it’s very interesting.”

Hueca has found that his well-rounded background is an asset at the SEI. He worked for 15 years in systems administration before earning his Master of Science in Cybersecurity from UMUC in 2011. His prior experience coupled with his advanced degree prepared him for the challenge of facing ever-changing cyber threats.

A proactive approach 
Hueca contends that one of the most important things cybersecurity professionals must do is remain current so they are armed with the tools and information they need to protect the organizations for which they work.

“The different types of cybersecurity threats change daily, and the environment and the cybersecurity landscape change daily. It’s [important to understand] how threats evolve and how they may impact what you are working on or the organization that you’re working with so you can present or install the proper security solutions.”

Hueca began enhancing his own knowledge on the subject while earning his master’s degree. He knew that many employers would required special IT certifications in order for him to qualify for a position, so he prepared himself in advance.

“One of the things I did while I was in school at UMUC was I went ahead and looked at what some of those certifications were,” he says. “[Along] with studying for my coursework, I studied for certifications, as well.”

Because he was so proactive, he left UMUC not only with a master’s degree but also with his Certified Information Systems Security Professional (CISSP) certification, a widely respected standard of achievement in the IT industry.

He advises prospective cybersecurity professionals to do the same if they want to become more marketable to employers in this growing field. “It might be a role where you’re coming in as an assistant administrator or network administrator,” says Hueca. “But, your organization also wants you to have an understanding about how institutional systems work because they want you to go ahead and manage their entire environment or implement security rules and a firewall and those types of things.”

After that, Hueca recommends that cybersecurity job seekers work to gain an understanding of security information and event management (SIEM) systems to further enhance their knowledge of security frameworks and security solutions.

For those who are properly prepared to face rapidly evolving cybersecurity challenges, Hueca believes this to be true: “The roles are out there.”

Watch Angel Hueca’s interview.

Read more UMUC alumni news.