Name: Mario Damar Bardowell
Title: Security Analyst
Employer: Leidos
Location: Orlando, Florida, U.S.A.
Degree: B.S. in Network Systems Communications
Years in IT: 8
Years in information security: 2
Cybersecurity certifications: SSCP, CISSP, CompTIA’s CASP and Security +, CEH

 

How did you decide upon a career in cybersecurity?

The decision to pursue a career in cybersecurity was made due to the impression I received when I got a chance to work with an information security professional in my very first role as a help desk analyst. The man was sharp and always did things by the book. He didn’t cut corners and showed me why securing systems was critical to a business’s success. It was then that I knew I wanted to put my time and effort into becoming an information security professional. The impact and difference he made in his role is something that motivated me to pursue a career in cybersecurity.

Why did you get your SSCP^®?

As I gained experience as a IT professional I found myself with a great opportunity to be promoted to my current role as a security analyst, but was challenged by my manager to get the SSCP certification prior to starting the role. I was hungry for the chance to finally move into cybersecurity and bought books and registered for online classes to make sure I would pass the exam. I believe luck is when preparedness meets opportunity, and those two things came together for me as I cleared the exam and received my new title. It was the proudest day in my career.

What is a typical day like for you? 

My typical day starts with checking logs, approving or denying certain software to run in my environment, and researching new threats and how best to defend against them. Due to changes in my department, I have more influence and sit on the change advisory board that allows me to ask questions about the risk that may be associated with the requested changes. Upgrading systems and scanning for vulnerabilities is a part of our “plan-do-check-act” (PDCA) methodology that keeps myself and our system administrators busy. Building relationships with vendors is also important for future projects that require a proof of concept deployment before management signs off. This gives us the top down approach to expedite the security initiatives that are required for business success.

Can you tell us about a personal career highlight? 

A personal career highlight for me is my ability to create documentation that helps staff and the IT department personnel know how to use the security systems we have in place. I was told once that you don’t really know something unless you can teach it. In my line of work, I like to say “if you don’t document it, you can’t teach it or understand it.” I have had great success in my career because I have taken the time to document crucial steps for keeping systems running securely and keeping systems available for those who are authorized to use them.

How has the SSCP certification helped you in your career?

The SSCP certification has allowed my mangers to provide me with more complex work. It has helped me financially and gave me the confidence to go after the CISSP^® certification. I have a deeper understanding and commitment to information security because of my journey to becoming an SSCP. The certification has opened the door for me to lead projects like USB encryption, password self-service functionality, and Network Access Control. It has also placed me at the table for some of my firms most critical discussions where my ideas are valued and respected. 

 

What is the most useful advice you have for other information security professionals?

The best advice I have to offer to infosec professionals is this – always attach yourself to something bigger than yourself. Don’t ever be afraid to fail and when you want something as bad as I wanted the career that I have made for myself, understand that it’s about the journey and never about the destination. The journey is where you learn the skills necessary to keep you at the destination you may arrive.

 

For more information on the Systems Security Certified Practitioner certification, download our Ultimate Guide to the SSCP .