people | Edmund's Infosec Blog

Edmund Hughes (@its_rad_io)

In 2017, I graduated from Virginia Tech with a degree in Mechanical Engineering. Throughout the next 7 years, I gained experience in mechanical, electrical, and civil engineering. Around 2022, I discovered the world of cybersecurity when I began reading about crypto heists, nation-state threats, and the crimes committed by various “coms”. Andy Greenberg’s books Sandworm and Tracers In The Dark were especially formative for me in making the decision to pursue cybersecurity. As I became more familiar with the field from an outside perspective, I couldn’t help but feel the desire to become an insider. Every time I read a book about information security, watched a DefCon talk on YouTube, or read an article about some new ransomware strain, I felt a palpable desire to be a part of that world. Then, one day I ran across Jack Rhysider’s The Art Of Solving Novel Problems in IT Security. He describes how in IT security, you’re not just solving problems, but solving novel problems, and that as an information security practitioner, that’s the skill that you’re really trying to hone: being able to solve problems that you–and maybe no one–has ever seen before. I knew right then, that’s what I wanted to do with my life.

After a good deal of planning and learning about IT and security alongside my full-time engineering job, I decided to take the plunge and go back to school. I quit my job and started a master’s program at Southern Utah University, which was conveniently located in the town I was living in at the time (though I have since moved out of the state). I graduated with a Masters degree in Cybersecurity in fall 2024, and since then I have been job hunting and figuring out what to do now that I have made this monumental shift.

The degree program was a great official introduction to the world of infosec on the theoretical side, but fairly light on any technical training. I had already self-taught some technical skills, but I wanted to be sure I’d measure up in the industry. Because of that I decided to get a technical certification.

I decided to go for the Hack The Box’s Certified Defensive Security Analyst (CDSA) because of its focus on practical, hands-on learning and testing. Each lesson includes live demos and problems that the students must solve before being eligible to take the exam. The exam consists of a 7-day-long simulated incident response in which the student must investigate and report on two separate security incidents. I loved this course, especially the exam. In my educational journey so far, the CDSA exam was the most interesting and engaging challenge I’ve encountered. Though the exam was only a week long, it truly gave me a sense of what it will be like to work in a SOC, and all I want now is more of that feeling.