From Business to Cybersecurity Analyst with Code Fellows

When Courtney Hans was laid-off from a marketing job she loved due to COVID-19 cutbacks, she found a silver lining by enrolling at Code Fellows. Code Fellows’ discounted tuition for those affected by recent layoffs ensured that Courtney could fully commit to her career change. Courtney breaks down what she learned in Code Fellows’ remote cybersecurity program, and how they prepared her for technical interviews. Plus, Courtney explains why someone with a business and marketing background can be an asset to a cybersecurity team. 

What inspired you to break into cybersecurity in 2020?

After I received my bachelor’s degree in English Literature, I went into the adventure travel space as a whitewater raft guide and worldwide adventurer travel guide for almost a decade. I had a lot of transferable skills but didn't know how to translate them to an unfamiliar environment, so I got my MBA to put the vocabulary to my skill set for the business world. After that, I spent seven years at REI headquarters, working in the adventure travel team, new business strategies and adventures entrepreneurial unit, and a marketing unit in local brand engagement. 

Like many people, I was impacted by COVID-19 in the spring of 2020, and I was laid off by REI. I had been on the Code Fellows' email list for a long time, and I had always been interested in the tech field. I decided to hop into a Code Fellows' 101 class for Software Development with a friend to see if I liked it. My friend ended up going to their 102 class and loved it so much that I signed up for 102, too. I was actually offered a new job while in the 102 class, but I declined it in order to pursue my education with Code Fellows. I made it through the 201 course and was prepping to take the 301 course when I became interested in their cybersecurity track. I decided to take the Cybersecurity 101 course and began considering switching tracks.

What inspired you to pivot from Code Fellows’ Software Development courses to enrolling in their Cybersecurity track?

There is enormous demand for cybersecurity in the marketplace and a shortage of talent for the opportunities out there. After being laid off, having job security was important to me. I didn’t want to be the Software Developer who doesn't know what's going on under the hood of my computer. I knew Code Fellows’ cybersecurity course would help me get my computer networking and cybersecurity fundamentals down. Even if I didn’t go into a cybersecurity career, the knowledge would help me round out my skills as a developer. But the more I got into the cybersecurity course, the more I was excited about it, and the more I saw the need for cybersecurity professionals who can speak both business and tech. 

How much programming did you need to know in order to apply to Code Fellows’ cybersecurity program?

You don’t need to know how to code to enroll in their cybersecurity sequence. They have courses designed to meet students where they are at, so depending on your experience you can either start at the 101 level or test into a higher level (201-401). Half of my cohort knew little to no coding, and the other half had a coding background. For me, understanding how to learn code from my early Software Development classes at Code Fellows ended up being really helpful in the cybersecurity classes. 

Did you receive any COVID-19 scholarships from Code Fellows?

Code Fellows was offering 50% off for anyone whose job status was affected by COVID-19, and this tuition discount was a huge deal for me. Code Fellows’ tuition is worth every penny, but so many of us have to be careful with our finances right now. I was a recipient of a full scholarship for the cybersecurity program, and it made a tremendous difference. I paid it forward by offering as much feedback as possible on the cybersecurity program, and I am currently a TA for the day and night cybersecurity programs.

I also appreciate the Code Fellows’ commitment to their scholarships, especially for diversity. My cohort was diverse, and it's one of the reasons I advocate Code Fellows and wanted to be a part of their teaching staff. 

Why is it important that the cybersecurity industry diversify its workforce now?

The more diverse the workforce is, the more well-rounded it is. In cybersecurity, it’s beneficial to have a diverse mindset and experience in order to think critically and creatively around how to harden your systems and mitigate risks of cyberattacks. Right now, the workforce needs more education about how to stay secure, and to find the solution to that problem requires a diverse understanding of how people work and move around in the world. 

What was a typical day like in Code Fellows’ remote cybersecurity program? 

We had intense lectures from 9am to 12pm, followed by lab time with available support staff. Since everyone is learning how to work remotely and stay connected, Code Fellows gave us lots of communication channels. I felt connected to the instructional staff and my cohort using Slack and the other tools we had.

What did you actually learn in the cybersecurity curriculum?

The cybersecurity curriculum teaches you Bash scripting, PowerShell scripting, and Python scripting to execute a lot of the functions and automations you might need in security or a DevSecOps role. 

• In Cybersecurity 102, Code Fellows gave us an intro to computer operations where we literally took computers apart, broke down the tower, examined the motherboard, and removed and replaced the RAM. They wanted us to get familiar with exactly what was under the hood.
• In Cybersecurity 201, we covered the foundations of computer operation where we learned to use the terminal, native programs, and different operating systems like Linux, Windows, and Mac. Code Fellows taught us how to connect things, shell in, and perform basic computer functions. The skillset would help us apply our knowledge to land a help desk service technician job — a common, entry-level position for people who get into network and security. 
• In Cybersecurity 301, we covered networking, network architecture, and systems administration. This prepared us for setting up local area networks, cloud solutions,  firewalls, and virtual private network connections. It also taught us how to work on the cloud to set up virtual private cloud networks. You need to know networking inside and out before you can start learning how to plug up those gaps in security and safety. 
• In Cybersecurity 401, we moved into true cybersecurity. It was a longer course where we covered malware analysis, threat detection, pen-testing and ethical hacking.

Were there any benefits to taking Code Fellows’ Cybersecurity courses online instead of in-person?

I loved taking the Cybersecurity courses remotely! Learning cybersecurity remotely worked out well because I didn't have to commute. I could see everything on my computer, and I could grab snapshots to use as a reference later. Even if I could attend the course on campus or online, I would have still chosen to learn remotely.

What kinds of projects did you work on?

The projects varied depending on which course we were in:

• In 201, we set up a presentation as if we were pitching to a company to be their managed service provider. We discussed how we would support IT tickets, create policies, and the like. 
• In 301, we had a capstone project that moved a theoretical company from an all-on premise network solution to a hybrid solution where some of their tech was on premises and some of it was hosted in the cloud. We had a choice to work with Amazon Web Services, Microsoft Azure, or Google Cloud Platform, and set up the architecture there. We had to explain how it would be a win for the company and what the benefits were. 
• In 401, we had both a midterm project and a final project. The midterm project was a tabletop demonstration and exercise of what happened during a well-known cyber breach. My team presented on the 2013 Target breach, and we gave a quick demo scenario of that, talking about mitigation going forward. Many people who get into cybersecurity want to be ethical hackers or pentesters, so our final capstone project was a pen testing engagement. Code Fellows put us into teams of four and gave us 48 hours to break into a black box system. We knew nothing about it besides that it was from a guy named Ben who worked in accounting. We did our best to hack the system, and our instructional staff set up an environment in Amazon Web Services to test against. For two days, we tried to break in, do privilege escalation, and afterward, they gave us full access to the system so that we could talk about how we would shore up those gaps and mitigate the risk of a breach. We wrote up a full pen-testing report of what we found and did mitigation solutions.

Do Code Fellows’ cybersecurity students build a portfolio?

In cybersecurity, there is a lot of theoretical education and certification, but we also have hands-on labs, documentation, proof, evidence, and projects that we can show employers to demonstrate our skills and knowledge of different tools. All of my cohort has a full portfolio of work on either our GitHub profiles or accessible via Google Drive links we can share with potential employers. 

How did Code Fellows prepare you for the job hunt?

Code Fellows has an entire career curriculum that supports folks who are breaking into cybersecurity. It involves career coaching, workshops, and breakouts — an exercise in 401 where fellow students give each other technical interviews. Code Fellows makes sure to cover both field-specific career information as well as general career advice. In 201 and 301 there was an occasional career assignment, but every Friday in 401, we had a career workshop where we focused on resume review, working on your personal pitch, negotiating your job offer, how to conduct targeted job searches, how to prepare for your interview with research, and technical interviews. In order to pass 401, we had a technical interview with an instructor followed by a 10 question, technical quiz. 

The campus director at Code Fellows also focuses full-time on supporting students and helping them in the job search. During the program, we had an interview with the campus director to discuss our job search. The campus director coached us more wherever we needed it before we entered the Code Fellows' alumni network. Before I accepted my current job at CareRev, I had a technical interview with another company and Code Fellows' coaching and training was an immense help for preparing for that interview. 

What roles did you feel qualified to apply for once you finished the 401 class?

I felt like I could confidently land a role as an IT technician, Level 1 SOC analyst, or junior pen-tester. I was lucky enough to get a job in cybersecurity right after the program, but I am still working towards getting my CISSP certification, which is a multiple-year process. Ultimately, I want to target a Chief Information Security Officer (CISO). I'm continuously working to develop my skills in cybersecurity and expanding my resume with experience in the tech space.

Did you receive any cybersecurity certifications after graduating from Code Fellows?

Code Fellows designs the courses to meet cybersecurity exam objectives. The 201 course is geared towards preparing you for the CompTIA A+ exam. The 301 course prepares students for the CompTIA Network+ and 401 prepares you to tackle Security+. 

If you can, I recommend taking the exams right after you finish a course. I had intended to take the exams during our one-week break between courses, but I didn't. I'm now actively studying for my Security+ because the 401 class is freshest in my mind. 

Congratulations on your new cybersecurity role at CareRev! How did you get the job? 

CareRev is a tech company that offers nurses an extra stream of income and creates flexible staffing for the healthcare systems — it’s like Uber for medical staffing! It really does help efficiently and effectively address staffing gaps in our healthcare system. I found this cybersecurity and compliance analyst role at CareRev through networking. The CTO at CareRev knew I went through Code Fellows’ cybersecurity program, and his team is working to have a more formal role in security. This position started as a contract role that then became permanent. 

Did you feel prepared to work remotely after graduating from a remote program?

Yes, absolutely!

What kinds of projects are you currently working on at CareRev?

I am only a month in, so I'm becoming familiar with our system and figuring out the opportunities to create new risk policies and audits to tighten up our organization. CareRev is very secure, but there is always a potential threat for hackers. 

One of my main tasks right now is talking to potential partners and addressing any of their concerns about the platform. It's becoming more common for software and service providers to maintain SOC 2 compliance and have a knowledgeable team that can speak to the security protocol and posture of a company to potential partners so that they know their data is being protected. My role at CareRev is a great opportunity to see how security protocol and posture integrate with business needs and continuity. 

How does your previous experience in business inform your new career in cybersecurity?

I have a broader appreciation for cybersecurity because of my business background. I'm helping my current team close deals because security is a growth strategy. If we can't speak to our potential partners' concerns about the safety and security of their data, we cannot close that sale or protect their data (which is more important). Coming from a business background, I am familiar with the business team’s concern about the placement of controls that may hinder meeting objectives and the needs of the team and customers. I can understand what the pain points are, and now I have enough context to connect it to my new career in security to meet people where they are.  

Now that you’re working in cybersecurity in the real world, are you using everything you learned at Code Fellows? 

I am using so much of what I learned from Code Fellows and also my previous experience in the business world. My current cybersecurity role isn't very technical. It’s more focused on government risk and compliance. I complete around 100 Google searches a day learning new things, and I'm leveling up my Google Workspace Admin Skills. 

What has been your biggest challenge in this journey to becoming a cybersecurity professional?

When I'm not careful, I get overwhelmed by how much more there is to learn. I will have 42 tabs open on my browser, and I feel lost. What do I do first? Luckily, I have fantastic mentors on LinkedIn who are always there to help. 

Are you happy that you went down this route and got into cybersecurity?

100%! Completing the Code Fellows' cybersecurity program opened up a whole new world to me. Even though cybersecurity can be difficult to break into, the community is super welcoming. There are so many Discord channels, Slack channels, organizations, webinars, and affordable education. The cybersecurity field encourages and rewards constant learning and curiosity. I feel empowered to continue learning and doing the research. 

That said, I still want to finish Code Fellows’ software development program because I love Code Fellows and I think coding is fun. Additional knowledge of coding will only help me in my cybersecurity career. 

As a Code Fellows' TA and recent program grad, what is your advice to incoming cybersecurity students?

Code Fellows is a firehose of information. It's hard, but it’s also so rewarding. Figure out what interests you and start pursuing that. Nobody is going to learn everything about cybersecurity, but there is a niche for everyone! I recommend that everyone first get a good understanding of networking. If you are into pen-testing, start experimenting with tools. If you want to be a malware analyst or move into government risk and compliance, bring in a strong writing background and practice. 

Document everything for your own reference. When you can't remember your steps, you can then go back and look at your own reference material. Technical documentation is usually not fun to read through, so the more you get used to that and get better at it, the better the whole tech space will be.

Find out more and read Coding Fellows reviews on Course Report. This article was produced by the Course Report team in partnership with Coding Fellows.