Back to Blog

Meet the Mentor // Wesley Lee

Posted by Flatiron School on December 1, 2025

Welcome to the eighth episode in our “Meet the Mentor” series where we get to know Flatiron School mentors in an interview-style conversation. Whether you’re just starting out or looking to level up, these stories are packed with practical advice, encouragement, and insights to help you navigate your own path in tech. Each article includes a mentor snapshot + links to follow their work, their video interview, and their Q&A transcript with links to any references.

Follow along and discover the people shaping the future of tech, one student at a time!

Meet Wesley Lee

From mass communication to cybersecurity professional, Wesley’s journey reflects exploration and lifelong learning. Now working in ICS/OT security at Accenture, he helps protect the critical infrastructure that supports everyday life, from clean water and food safety to electricity and transportation.

In his Meet the Mentor interview, he encourages others to stay curious, embrace mistakes, and keep learning. He reminds aspiring professionals that success doesn’t require taking on heavy student debt; what matters most is gaining practical skills and real-world experience. Through his mentorship, he continues to inspire the next generation of cybersecurity professionals to grow with purpose and confidence.

Snapshot

Current Job Title: ICS/OT Security Manager and Flatiron School Facilitator

Current Employer: Accenture

Past Employers: Protiviti, Leidos

Experience: 15 years in Cybersecurity

LinkedIn: https://www.linkedin.com/in/wl293/

Technical/Professional Skills: Penetration Testing, Vulnerability Assessments, Incident Response, Threat Hunting, Network Security Monitoring, Red Teaming, Vulnerability Management, Cloud Security, OT/ICS Security

Teaching/Mentoring Experience: He has an experience working as a Cybersecurity Consultant.

Words of Wisdom: “A smart person learn from their mistake. A wise person learn from other people’s mistake. So be the wise person.”

Favorite Part of Your Job: “Being creative in defending a lot of different things.”

Meet the Mentor Interview with Wesley Lee

Q&A Transcript

Introduction: Who are you and what do you do now?

  • Can you tell us a bit about yourself and what you’re working on these days?
    • My name is Wesley. I’ve been doing cybersecurity for about 15 years. When I think about it, time is really flying. A little bit about me: I’m a facilitator here at Flatiron, and I mentor many of the cybersecurity courses. I come from a vast amount of experience, much of it in the government space. I’m actually from the Washington, DC area. If you’ve ever lived there, you know that one way or another, you either work for the government or do work for the government as a contractor. How I got my start is a bit of a long story. I graduated from school with a mass communications degree and worked in television for a little while, specifically in news broadcasting. They told me I had a lazy tongue, which I didn’t know what that was. In broadcasting, it meant I could work on it, but I realized that wasn’t for me. I wasn’t going to be on CNN at that point in my life. But what happened was it’s a cliche story. I was sitting on the couch. A commercial came on and said, “Hey, cybersecurity is big. This is big in the field. It’s the next generation of things.” They had all the marketing around it, and I needed a job. What better way to get a job than to find a niche where there was a need and start on the same playing field with everybody else? I went to another school to get my Master’s at the University of Maryland University. I got my Masters in cybersecurity and pretty much my career started from there. I got a couple of certifications as well and my career shot off from there. I started with the Department of Defense, working with all the military installations, such as the Navy, Army, Marine Corps, and Air Force. But I started there doing a lot of security operations there, moved to instant response, digital forensics, penetration testing, assessment and auditing, and governance, risk, and compliance. I did it all in the military space. I never was in the military; it wasn’t my thing, but I got the skills and networking and moved on in that field. So essentially what I did, I moved out from the DC area to Atlanta, Georgia. Life brought me down here. And so I’m currently in the Atlanta, Georgia area. A lot of what I do now, going back a little bit. Transitioning out of the government space, I moved into the private sector space, actually doing Operational Technology (OT) and Industrial Control Systems (ICS) security. What OT and ICS security is, I call them the things that’s not IT. We look at things like Walmart, Amazon and things. They have all these websites, DNS and everything between. OT security is a lot of the under-deserved IT infrastructure that we take for granted, but we use everyday so think of things like public transportation water, electricity, and telecommunications. Biomedical getting food manufacturing farms, and these really do allow a lot of the IT systems that we use it everyday in our world. I work a lot more in OT and ICS. It’s just really everything outside of more to the traditional IT. Oil and gas is one of the things I work in as well. But yes, that’s what I do. I’ve done it for consulting companies. I’ve done it for just big corporations as well. But right now, what I do, I do OT and ICS security for Accenture. What I do is pretty much help people protect their critical infrastructure, make sure we have clean water, safe food, safe public railways, the street lights are working. I know traffic still happens, but that’s one of the things I do, along with some other infrastructure and IT things. But that’s a little bit about me.
  • What’s your role at your company?
    • A lot of OT and ICS security, it’s a lot of assessments and we’re defending things. So in OT and ICS, that industry is really behind the eight ball when it comes to technology. Microsoft is out with the latest and greatest of operating systems. So I think Windows, well, Windows is the latest operating system out right now. A lot of our OT and ICS operating system runs on Windows 3.1, really old technology and operating systems. Think of it like this: when you buy a house or you buy a big unit, something like a heated HVAC heating and ventilation system. You don’t kind of buy it to replace it every 3-5 years. And computers really have a short lifespan, like 3-5 years. You buy that for like maybe 25 years, maybe probably 30 now, depending on what you’re getting. So we really are trying to defend things that are over 30, 40, 60, sometimes 80 years old, putting in new technologies and trying to defend certain landscapes. So a lot of things we do, we go in there, we assess, see, go in to try to understand the business: “What did you do? How do you actually make money and how to protect you from modern adversaries and what they’re doing now?” After assessments, we go in and say, “Hey, these are the defense things we need to put in place.” I call it cyber hygiene. Cyber hygiene is just the basic things you need to do to just be defendable. Things like having correct firewalls, caching where you can, segmenting things off from that standpoint. OT and ICS is almost like a different industry in the sense where it uses a different context. One of the things that it covers is the Purdue Model. The Purdue Model is just really a reference architect of how OT and ICS should be set, not really should be segmented, but more so how we reference this layer versus this layer versus this layer. It’s just one of those things in networking we may hear things like OSI Model (Open System Interconnection Model) and how we talk about networking from physical to application layer. But then again, we also talk about the TCP/IP layer, which is pretty much the same thing. But one is more reference in how we talk. The other one is more so how we work. So we use the Purdue model and more so talk about it. But it works a little bit differently in every different environment. We go in and do an instant response, actually implementing solution implementation. So people want to put in vulnerability management. We’ll take the nesters and make it work for that organization. We do things such as configuration hardening. So configuration hardening is something such as just going in and hardening the machines, like taking things off like, “Hey, this is something that use clear text. And maybe that’s something that we’re okay with or we want this to be encrypted traffic.” Now, in OT and ICS, there are little caveats here. And I’m talking about encrypted traffic. Encrypted traffic may not be as important to some places as they are to others. When we think about maybe banks and everything, encrypted traffic is very important. But we’re thinking about electricity. We’re not really thinking about encryption because it adds a little bit of overhead. So we have to have discussions about things like that because do we want electricity to get from here to here as fast as possible? Or do we want electricity to get here to here in an encrypted fashion? And we sometimes say, “Hey, encryption is not an important thing here.” We have to balance those needs based on what the company does and what the organization does. But that’s pretty much most of what it is. And we pretty much wash, rinse, repeat.
  • Has your role changed in the last few years because of AI?
    • So the answer is yes and no. So somebody who’s been in technology for a while, and AI is not really to a place, personally speaking, AI is not really to a place where people fear that it is. We have a lot of marketing and hype about AI does this, AI does that. This is not the iRobot phase in our lifetime. I don’t particularly think we’re at that phase. AI has come a long way from when it was studied, which was back in the eighties. AI has been studied way back in the 80s by IBM. That’s one of the things that we can look up. But AI has shaped the way we’re pretty much understanding or deciphering information. AI is really good at looking at a lot of information and making determinations. So yes, it has shaped the way how we look at things. We have spreadsheets and mountains of data that we’re looking at day in and day out versus what we looked at about not even just 5 years ago but 10 years ago or 20 years ago. We just have mountains of data, and AI has really just shaped in how we process and read that “Hey, we have this data. Tell me the interesting things I need to know, especially in OT and ICS.” Now, I will say this: OT and ICS is very slow to move with technology. When I say that, we’re just now getting people to kind of really convert over to cloud because it’s not really a reliable thing. As we notice, there’s been some outages recently. I think Amazon went down 2 days ago. And Microsoft just went down yesterday with a lot of their stuff. So there’s a lot of hesitation where it’s like we still have to get clean water or get electricity from one place to another. Because like I said, electricity makes a bad day for everybody. And so OT and IC is very slow to adopt a lot of technology for good reason. And AI is going to be one of those things. We’ll see AI being used in some places on some cutting edge, but it’s going to be very few places. It has changed dramatically in how we read data and how we look at things. But in OT and ICS, there’s still the traditional things like, “Hey, no, we’re going to do it this way because it works.” And we’re more so making it work versus using the latest and greatest. The safety reliability is the two foremost things that you want to do when working in OT and ICS, not really the latest and greatest and everything. AI may come after your electricity bill to kind of say what you used, what you didn’t use, and things like that. From a business perspective, if you look at your company, they’re using AI to kind of say, “Hey, this is how much you used, this is how much you didn’t use.” And they can look at these data readings. So what used to happen, and it still happens to this day, you have people to go out and read your meters and say, “Okay, cool, your meter has this, your meter has that.” And it was math that’s done between. AI is definitely great at doing that. But as far as just taking over the whole section of like, “Hey, how are we moving electricity from this place to this place?” Or how are we getting, I won’t say tainted water, but like we’re making clean water from here to here. No, that’s not the thing. We still rely on manual processes, manual technology, older technology because it still works. So AI is great in certain places, but it’s not there to replace any human yet. They can replace certain tasks, that’s repeatable tasks. But as far as just replacing humans, I personally don’t believe that we’re there yet. Maybe we’ll get there at one point. It has made leaps and bounds for where it’s going and what we can do and the things that have done. But no, I don’t think it’s coming for, especially OT and ICS yet.
  • Are there any ways that you’re using AI personally for your role?
    • One thing I definitely teach in all the mentor classes is that AI is really good at helping you find and narrow pinpoint information. The one thing you’re going to realize when working in pretty much any tech, especially cybersecurity, you’re not going to know everything. You’re going to see things that’s very uncommon, very not normal to you. You’re going to learn how things work from a very grand scale, but then, when you get down to the micro scale of things you’re really going to see while I have no clue what this is. I have no clue what this process is. This looks weird. Why is this working this way? And AI really can help pinpoint that thing. So I use AI personally, and more so when I see something that’s not really familiar. Let’s say a file path directory. I use a file path directory and say, “Hey, see programs, see users program, whatever the file path is. What is this application, what is this?” and like just having that information, it can go research “Hey listen, it’s this application. This is where it usually belongs” and it helps me understand “Okay cool, I know what I’m looking at now.” I know what application I’m looking at, and now I can go see actually how this works and really just using it to build upon that knowledge so it really does help find that information because you’re not going to know everything and this is what anybody whether you’re in traditional IT, OT, and ICS web or any type of tech, you’re not going to know everything. Definitely leverage AI to pretty much understand things. It’ll tell you how to do a lot of the basic and simple stuff. I’m a fan of it as far as just using it in your everyday learning and your everyday, even usage for the most part, even learning as your usage. I know some people when they come into class, this is their first time using Linux. Linux is just a different operating system. In a sense, it’s not Windows where it’s very user-friendly, but sometimes they’re using a terminal where I don’t know what this command means, or I don’t know what this error means. “Okay, cool. Take that error, put it in ChatGPT or Copilot and let it display what it is.” Great at definitely learning, “Hey, this is what this means. This is how you can fix it. This is how you can go about it.” So definitely using it for troubleshooting and really gathering information and pinpointing information. But beforehand, we actually just had to go to Google. And it sounds so Stone Age when you say it, but it’s still sometimes the way I do it. We had to actually put things in Google and actually go read the websites to find the information we needed. And they didn’t really tell you. We had to look at the top three websites. And maybe we had to go to page 3 or 4. Sounds so Stone Age now, but no, this is how we’re doing things. So that’s absolutely how I use AI in my everyday career.
  • What are the key skills crucial to the workplace now?
    • I think the biggest crucial skill is really understanding the underlying technology. The one thing I definitely say, and it doesn’t matter what any tool or anything that you’re working with, understanding how it works in the sense of just any tool, technology really does help you understand any tool better. I do this a lot with SIEM (Security Information and Event Management). It’s where people just put all their logs in their systems and computer logs into, and it spits out results. You can filter and spit out results. Now, essentially, all a SIM does is really aggregates information, takes pretty much information from everywhere. And it comes in very dirty. When I say dirty, it’s sometimes just one long string. Sometimes it comes in like JSON, where it’s actually very structured. Sometimes this come in as just XML. You get these things, and your SIM comes in, and it normalizes it. It says, “Okay, cool. This is a time field. We’re going to put this in a time field.” This is kind of the message. We’re going to put this in a message. It’s taking that from all these different types of logs and just normalizing it. After that, you’re more so like filtering it. Once you get it in and then normalize it, you’re filtering. Tell me what happened between this time to this time and maybe this event code or this computer name or this website, this domain you’re filtering it. And after that, you’re really just visualizing it. It doesn’t matter what SIEM you use. You can pick the best ones, which is Splunk, QRadar, Elastic, or anything. And even the worst ones that you don’t know, they all work the same. Understanding how that works is pretty much the key cornerstone on all this. What makes them different are very minute differences behind it. I say it like this. It’s like understanding high definition TVs. You have all these different versions. QLED, OLED, whatever LED, this, that, and the third. They all give you a great picture. Some are better at gaming. They vary minute differences. The biggest difference in all of these are pretty much the remote. It’s not really how you turn it on, how you power it on. You still plug it up and power on, but the power button may be at the bottom, maybe at the top right. The volume may be on the side of the control versus the bottom. The key crucial skill is pretty much just trying to understand the technology to the underlying degree. Now, you don’t have to understand every line of code, every software, or every line of code or everything that the software does, but understanding how the technology works will definitely take you really far in your career. I think the other thing that you want to do as far as crucial skills, just be able to be ready to learn, be ready to research. One biggest thing I’d say, and I mentioned this before, is that you’re going to run into things that you have no clue about what they are. Being able to research and find things because I still do this to the day. I run into things even at the same company. I run into things that I’ve never seen before. The engineer who worked on a development moved on or they moved on to life one way or another and “Hey, the person who wrote this document is no longer here and we have no way to understand what this is.” Being able to research and have those research skills and being able to really take those things and learn. Based on what I’m seeing, we could kind of refer, this is what the developer was doing, or this is what the person who designed this was able to do. Having those research skills really does go a long way to being very successful in this field. Because like I said, you’re going to see things, computers do a lot of interesting things. Some is very weird. It’s like, I have no explanation for it. It’s just did it this way. And sometimes it’s just the way your computer works versus like, “Hey, it works exactly how it’s supposed to work, but it’s bad. It’s exactly how you read it’s supposed to work, but this is bad in how it works.” So being able to understand the fundamental technology of how it works and really being able to just research it because that’s pretty much what security is. Security is pretty much understanding what normal is and what’s abnormal. Once you understand what normal is as far as certain aspects like, “Oh, this is how DNS works, this is how ports work, so this is how I get to the Internet.” Once you understand how it works normally and like most computers will work. Abnormal becomes very obvious and you’ll see it. And that’s pretty much the biggest thing which we’re doing as cybersecurity. We’re understanding what normal is. So when abnormal happens, “That’s not how it’s supposed to work. Let me understand why.” And this is where those understanding those underlying computer, how technology works and how being able to research really comes into play to become a great security analyst, engineer, CISO, anything in between.

Career Journey: How did you get here?

  • What inspired you to pursue a career in tech?
    • We go through different phases in our lives. Younger me, I needed the money. That was the biggest thing. I’m not going to sit here, lie, and say it wasn’t a thing. At some point when we graduate school, we want to make money to sustain ourselves, live a life that we want, and that was the biggest motivation at that point. The whole goal when I graduated was like, “Hey, let me get a job. Let met me make some money right now.” I think that’s OK. I tell people, “Hey, wherever you’re at in that point, especially in your younger years, if money is the thing you lack, then fine, do it.” At some point, I started to really look at what am I doing, what I actually wanted to do. And it was actually in my third job. I had a boss who asked me exactly what do you want to do? And I didn’t have an answer. I knew how to do stuff, but I didn’t have an answer. And so I went back and thought about it. One of the things I did in school, I did travel abroad. I like traveling abroad because I like learning culture, learning things, especially things that are different from me. It helped me expand my mind and expand my horizon in a lot of things, a lot of understanding. One of the things that I did like doing, I like traveling. I like international affairs. I like the conflict that goes with it, but it’s interesting to me. For whatever reason, it was one of those things. I looked at BBC, CNN International, International News, whatever, picked them. I looked at it. Even if I didn’t understand what was going on, I liked it because it was interesting to me. So essentially when I came back and went, I came back down to the route of saying, “Hey, okay, I want to do international affairs. I don’t think I have enough money to go to like American University or Georgetown.” I was still living in D.C. at the time. Those schools are very expensive. But what’s the best way to get there? Okay, let me find a global problem. And so a global problem with cybersecurity. I have a route and I’m doing a little bit of this and so it’s still finding a global problem and really working on that to get more to international affairs. That’s pretty much my goal. That’s still always been my goal. It just seems that life takes you certain ways and everything in between. I do like what I do. I like that, especially the OT and ICS. I will say this. At some point in my career, I got bored with the traditional side of it. Why? Because a lot of it is very mature in a sense. There’s a lot of things to tell you what to do, like the CIS Critical Security Controls. You have security hardening guys. There’s a lot of resources out there that really tells you how to do great cybersecurity. Then this document standards, the ISO 27 standards. There’s really a lot of documentation. So essentially, at one point I was repeating myself on a lot of things and referencing these things and it became very repeatable. I will say OT and ICS made the complete shift in what I really liked about this. The thing with OT, ICS, everything is different. How you look at it, what are you doing, how do you secure it. And it’s one of these things where you really do have to be creative in defending a lot of these things. I call it the “left twix, right twix.” I don’t know if you’ve ever seen that commercial, but you have right twix makes it one way, the left twix makes it another way. And essentially, that’s exactly how OT and ICS is. You can be in the same organization, the same building, but if you go next door, they do something completely different because that’s how it works there. You have to get creative in OT and ICS because you actually are dealing with life, death, and livelihood with a lot of things. In traditional IT, email don’t come in within a minute. Okay, let me go get a coffee and things like that. You don’t get a packet from one end to another that really causes this generator to explode. Like I said, it’s a bad day for everybody. There’s livelihood really impacted here. So I found that being really creative in OT and ICS, really resparked that passion and just being in that security field. It’s different. What does that mean, different? Different can mean sometimes to say, “Hey, and this has happened before multiple times, is that we’re looking at something and say, “Hey, we’re responding to an incident.” And say, “Hey, there’s malware on here. Okay, great. There’s malware.” “Hey, we should clean it up. What do you mean we don’t clean? Is it reaching out? Is it doing anything malicious? Like, no, it’s dormant. I mean, it can’t reach out to anything because it doesn’t connect to anything. All right, cool. Listen, this is a $50M operation. We’ll clean it up next time.” And you have to live with that. You have to live like, “Okay, so we’re just going to keep malware on here?” Yes. That’s the thing. We’re not hurting anybody. It’s not killing anybody. It’s not reaching out to anything. We isolated it. That’s what it is. We’ll live with it until we get to that maintenance cycle. And that’s the thing you have to live with being creative. I’m looking at this the first time around. I’m saying, “Hey, this is bad. I don’t like this. It shouldn’t be like this. But when you get into it and you understand, like, “No, you have to realize we can take this down, but we’re losing $50M a minute. Are you going to explain to the CEO that we’re losing $50M/month because you want to get this off?” And, you know, it takes an hour to get off. You now become down to this risk versus reward. So looking at a little bit differently and being creative and how things work, because things do have impact to people live, society in the place we live in, the places we go to, the place we work, the things that we use every day. This actually impacts the drinking water of my children, my kids, my mom, my grandma, your pets, this impacts all that. And it’s another way of thinking about it.
  • Did your education play a big role in your journey?
    • It may be a little bit controversial in how I look at it now. When I was growing up and raised, we were always taught, “You go to school, get good grades, you go to college, get a good job” and everything like that. And that still is true to some degree in some fields. I think now the cybersecurity landscape has changed. And I think a lot of people are recognizing that you don’t necessarily need a college degree to kind of be in cybersecurity. So I went to go get a Master’s degree. I’m not going to say it didn’t help me or it didn’t hurt me or help me. If I did it again, I probably wouldn’t have done it. I will say that just to get a cyber. One of the biggest thing is that you have places like Flatiron School, you have all the bootcamps and places like that, whereas a quarter of the calls or a tenth of the calls, they get the same skills. Then, most of the same skills that I’ve learned just more so on the job. So, it did help in a sense of like maybe schooling, but that was the old way of thinking. And I think that’s probably one of the things that why Flatiron School is successful and why a lot of these bootcamps and a lot of these certification programs are very successful. I don’t need to know general English one-on-one or two-on-one to really be able to kind of fix your DNS and go forward. Like, yes, I do need to communicate and speak English and know the math and everything like that. Yes, I do need general education courses or need to know how to do that. But as far as the education, I think it’s changed for the most part. It’s definitely shifted. And I think a lot of people have understood how much education does play a big role. I don’t think you need to go to a $40-$70K school to be very successful in cybersecurity. Definitely take the route that helps you get the skills that you need. I think coming to places like Flatiron and these bootcamps, it’s more like a trade school. It’s just like how you become an engineer, HVAC (Heating, Ventilation, Air Conditioning) technician, a plumber. It’s the same thing as a trade school. It’s a tenth of the price. You get the skills, you gain the skills, you get the experience, and you go live a successful life with very little minimal debt versus taking out these loans at big schools. Education did play a big role because of where I came in. That was pretty much the story of how you went. Do I tell people go the same route I do? No, I definitely tell them skip the Masters. You don’t have to do it now. I will say this. If somebody is paying for you, have an employer paying for it, absolutely go for it. I mean, it’s all free school and free money. It’s always something that I encourage everybody to do. But that’s pretty much kind of more so how education played a big role. I would say if I had to do it again, I probably wouldn’t have done a Master’s. Now, the Bachelor’s did help because I was able to kind of study abroad and everything, transition from communications to cybersecurity. But understanding what I knew, if I just would have saw a commercial and kind of knew what I knew now, I probably would have just took that money that I spent on a Master’s and really just say, “Hey, let me get a couple of certifications, let me practice these skills, or let me come to place such as Flatiron to get these skills, to really understand these skills, apply them and then go apply.” Would it have made a difference in my career? Who knows? I’m not sure. If I knew the future, I’ll probably be winning the lottery four times in a row. So that’s where we’re at. But that’s probably, I would say it did play a role. I think just understanding return on investment at this point is the biggest thing. Student loans are with you forever. There’s something that I want to say I preach, but especially people I mentor, it’s like, “Hey, if you don’t have to take student loans to learn something that really doesn’t require student loans, please don’t do it. Spend just how much money, the Flatiron money or whatever, a tenth of the price of the money for a manageable price. Learn the skills and when you get the job and go back, apply these things and really be as less in debt as you can be especially with student loans.”

Lessons Learned: What have you learned along the way?

  • What’s one lesson or insight from your career that’s stuck with you? Was there a moment where you faced a major challenge or failure, and how did you grow from it?
    • I face failures everyday of my life. I’ll tell you that. It is a failure everyday. I remember this one thing. This was a tweet a while ago. I think Sony had an outage. They had an outage for something. Something went down, and it was the intern who did. It was great, it was a great marketing but it was one of those things where this is the thing about this thing, which is a lesson I learned. If you don’t mess it up, you don’t break it, you didn’t learn anything. I know it sounds really bad. I mean, obviously, you don’t want to be testing electricity, but, you know, like, okay, email went down and whatever. Okay, cool, email went out, life went on. But there was a tweet that came out from Sony that was like, “Yeah, hey, the intern messed up, pushed this out, and we’re fixing it.” The community rallied behind this person, and they told all their stories like, “Hey, I’m going to tell you, one time I took down a whole email server. I took down a whole website. I took down a whole company. Hey, I messed up and migrated over things and deleted stuff.” Everybody has these stories who work in tech. Everybody does. And it’s one of those lessons that you’re going to mess up, you’re going to do things, and these are the biggest lessons you’re going to learn. One of the things I take from that—I wish I could find it—but I knew it came up during my career. It was just a thing where it’s like, hey, all the great people, people who’ve done it before, they’ll tell you the same stories like, “Hey, yeah, the intern did it. Hey, you messed up. OK, great. We can fix it.” The biggest thing is we can fix it. You know, we learned a lesson. We learned what we should do. We learned what not to do. That’s something that’s have been like a lesson and something that stuck me through my whole career. You’re going to mess up. You’re going to take things down. You’re going to mess up. It’s Okay. All right. It’s part of it. It’s part of the journey. It’s part of the lesson. You know, as I said, it’s better to lose $500 than $50,000. That’s all I like to say to this. I’m okay with losing $500; $50,000, I’m kind of, you know, I’m going to cry a little bit, maybe a lot. I’m going to cry a lot. So that’s probably one of the biggest things. I’ll go back to that tweet that came out where, like I said, Sony went down. They said, “Hey, it was the intern,” but we talked about it and we fixed it. And the community really did rally behind and say, “Hey, let me tell you my story.” They had full-blown stories like, “Hey, I took my whole system down,” or, “I took the whole ER down. They had to do everything manually,” or, “Hey, the buses had to actually write tickets,” or, “Hey, nobody could get email for 24 hours.” And these are some of the things you’re going to learn. It’s going to stick with you. Take them as war scars, battle scars. And it’s in every career. Take them with you. You learn something. Go through the hard stuff and do it. So that’s probably the biggest lesson that I’ve taken with me is that you’re going to mess up. You’re going if you haven’t messed up. If you haven’t messed up, I don’t think you’ve learned. I don’t want to say I think you’ve learned enough if you haven’t messed up. Then, you know, you don’t have the battle scars. Then, you know, go get some, let’s go find some. Not purposely, not purposely, but, you know, let’s figure out what happened and why. It sounds like you have to have thick skin in cybersecurity. It’s not that. Yeah. No, it depends on where you’re at. It depends on where you’re at. I don’t want to say thick skin. It’s one of those things that we’re not going to say take risks, but I’m not going to say don’t take risks either. Obviously, you know, there are things that really do matter, like you said, when AWS goes down or Azure goes down, where a lot of people depend on them. Yes, they do have an impact, but life still goes on. The OT and ICS side is a little bit different. Like, hey, electricity goes out. No, we can’t really afford that. There are laws and fees behind it, like million-dollar fees for things like that. But take the time to learn. Like, hey, listen, I’m thinking about doing this, that, and the third. You’re going to mess up. You may put in a bad command. You may do this. All right, cool. Let’s figure it out. Let’s see what happens. Sometimes, as I say, you’re testing the incident response. If you mess up something, it’s like, “Hey, can we actually restore this?” Like, “Hey, now we know that we needed this and we couldn’t restore it, so we had to back it up somewhere else.” So it’s okay to kind of I don’t want to say it’s about having thick skin. You’re going to mess up. You’re going to do things. You’re going to not understand stuff. You’re going to fat-finger something. It’s okay. It’s all right. Usually, most of it is always fixable. Most of it is very fixable. You may have to bring in a senior guy and say, “Hey, yeah, I did this before. I know how to do this.” We’ll bring it back up and we’ll move on with life.

Mentorship: Why did you decide to become a mentor?

  • How did you first hear about Flatiron School and what drew you to the school? What inspired you to become a mentor?
    • Mentoring is, what inspired me to become a mentor is more so like, when I was working for a consulting firm, I always got mentees and people whose first job was pretty much, when I say first real job, I mean a job with a 401(k) and FICA. What that means when it comes out of your paycheck like, if you know, you know. If you don’t, then it’s a good Google question: what is FICA and everything like that. Knowing that a lot of people came in with the same big dreams that I did, I’m not here to shoot them down. I’m definitely not here to shoot them down. But really, just saying, okay, cool. Asking that question that my boss asked me that one time: what do you want to do? And a lot of them say, I don’t know. And honestly, that’s okay. I thought, that’s okay. Let me kind of introduce you to some things to say, hey, here’s something to think about. These are some growing things that maybe you can explore, see what you like, see what you do, go try things. A lot of people come into this field just learning stuff and kind of not knowing what they’re doing. Even like some of the people who do the Flatiron class, like, hey, we’re covering a lot of things. And I want to make sure that you understand, like, hey, this career, this is a career, this is a career, this is a career. We cover a lot of things where you can really just specialize in this. And this is where you’ll go, and this is the kind of job you get. A lot of people don’t know that because I try to be honest with people. Like, if you really come to Flatiron School and things like that, you’re coming for a career change, right? Most likely, you’re coming for a career. You’re coming to learn a skill because you want to change your career. And if you come to cybersecurity, more than likely you’re coming because you want to change your career. You want something maybe better or different from what your scenery is at that point. So being able to just pass on that guidance and everything, I take this lesson as far as a saying: a smart person learns from their mistakes, a wise person learns from other people’s mistakes. So be the wise person. Learn from my mistakes. Take notice of what this is. And if you ask questions, I’m honest. I like to share my stories. I like to share the journey I went through. When people say, “Hey, I want to go to this university to learn about this.” I don’t necessarily suggest that. I’m going to tell you why. And I explain why. And I think that’s a conversation that needs to be had because this is not political or anything controversial. Debt is a huge thing in the country. People have more debt than what you should do, and student loans shouldn’t be one of them if you can help it at that point. And so, “Hey, I want to get into cybersecurity. What’s the best way to come?” I mean, I’m going to be honest. I met people who came from, they were artillery specialist. They were a missile specialist. And it’s like, “Dude, what a transition from artillery to cybersecurity. How did you even come from there?” Like, somebody said something and I learned the rest. So yeah, that’s pretty much what helped me become a mentor. It’s having a passion to teach and seeing young people come in with bright eyes and big futures saying, hey, I want to do this, but I don’t quite know where to go. We all need guidance at some point. I needed guidance. And there were people who did a thankless job, where they sat down and took the time to say, hey, this is what you need to know, this is what you need to do. Like I said, that one boss said, “Hey, what do you want to do?” I didn’t quite know, and I didn’t even know there were options out here. There are still jobs I didn’t know existed. Oh my goodness, they pay you for that now? You’d be surprised. Some people are still very surprised that, yeah, you can get paid to really break into people’s systems. Really? Yeah, you can be a professional thief if you want to, and people will pay you. Didn’t know that. Not even just in the computer side, but there’s even a physical penetration test inside where you can actually, if you like these crime mystery things, like how people get into places, like be an almost real-life spy, there are places that you can do that. And people don’t know that. Some people come in, “Hey, I don’t like coding. I don’t like the technical thing.” Like, “Hey, do you know?” You know, it’s this thing called GRC (Governance, Risk, Compliance), where everything takes place and you just need to understand what’s going on. It’s these things and these avenues that people come in, they learn a lot of things, but they don’t know what’s out there as far as opportunity and why they learned it. I think the understanding of why you’re learning it and understand what career you can get out of it is the biggest impact that I can give as far as just seeing it and being somebody who’s done a majority of it, but not everything. I’ll tell you, there’s some things I haven’t done, like software engineering. I can’t tell you about it. Not my thing. I can’t do it. But that’s pretty much what inspired me to become a mentor, just people asking and having like, hey, here are some things. Don’t make the same mistakes I have done and probably still going to make as time comes along.
  • If you could give one piece of advice to someone just starting out in tech, what would it be?
    • The biggest thing I’d say is embrace the journey. I tell this to all the mentors, all the mentees and everybody I facilitate. This is not a journey that’s going to say, “Hey, I got my shiny sheet of paper and I got a job, like give me $80K a year.” No, this is not going to be one of those. Embrace the journey. The journey means that you’re learning stuff, but you still have to do a little, I don’t say go beyond. But learn how the technology works, learn what’s going on, understand what’s going on. Because when you’re out here, you are competing against a lot of people who do have experience and people who are coming through similar bootcamps as well, some of your peers and teammates. But embrace the journey. Learn the concepts. Understand the things that’s going on. Because that’s what makes the difference in the interview. Understanding a simple question I give just to people when we go through the networking session, like, “Hey, What port does DNS use? Or does DNS use TCP or UDP? It’s like, “Oh, UDP 53. It’s like, “Okay, when does it use TCP?” No clue. And it’s like, don’t get me wrong. And it’s a gotcha question more so like, “Hey, you have to understand the journey. And so to kind of answer that question for people who are looking at it, DNS TCP is used for one or two things, zone transfer or when a packet is more than food. 512 kilobytes is one of those numbers. But it’s embracing the journey. Take the time to learn the stuff. Understand what’s going on. Maybe go a little bit beyond. Absolutely embrace people. Do YouTube University. Use AI to really, “Hey, how does DNS really work? Hey, can DNS work over TCP?” And they’ll explain to things like that. Go along for the journey because you’re going to appreciate the results so much more. And I’m not saying from like a pride of ego standpoint. It’s one of those things where you’re going to be faced with a question and you’re going to know how to approach the answer. You may not know everything about it, but you will know how to approach it and to answer it. And you’re going to be looked upon as the hero of the things. Like, “How do you know that?” It’s like, “I just read about it. I use AI the proper way. I ask AI the proper questions to get the answer.” Understanding the technology and understanding like, “Hey, how to get certain answers out of AI as well.” So that’s probably the biggest piece of advice I can give. Embrace the journey. This is not something that’s going to happen overnight. There’s work that has to be put in. It’s with anything. We like to see the end results. Even me, a lot of people like to see the end results, “Oh man, you made it. You’re this, that.” Like, “Yeah, but it was a bunch of reading. There was a bunch of things that went into really understanding what I’m doing, how I’m doing it. A bunch of messing up where I did take down certain things to understand what worked and what didn’t work.” There’s a journey that goes with this. So now I’m going to ask questions like, “Yeah, I know exactly how this works because I’ve seen this here or done this here.” Embrace the journey, including the sucky parts. I know it’s not fun, but you have to still embrace the journey.

Lightening Round Questions

  • What’s something you’re listening to or reading right now?
    • I’m still in between books and things like that, but I do like dark academy books. Last book I read was An Academy for Liars. I’m more of a listener. I’m not more of a reader, but I think it’s the Academy of Liars, like dark academy. That’s what I like.
  • What’s one product or tool you’re into right now?
    • I know it’s a bad answer, but video games.
  • What date does your next cohort start?
    • Next week.
  • Where can listeners find you?
    • LinkedIn is probably the best place you can find me.
  • What made you smile this week?
    • This interview! We’re talking about pretty much the things that I’ve done and helping out people who listen to it.

About Flatiron School

More articles by Flatiron School

Related Resources

Young happy professional business woman online teacher or tutor sitting at work desk talking to student on video call teaching remote webinar or distance web meeting on laptop computer.
8
Dec
Online

Admissions Info Session

Mon, Dec 8 @ 4:00 pm
Flatiron School

A Decade of Impact, Sparked by a Learning Experience

In 2014, Karlie Kloss, Founder of Kode with Klossy, stepped into a Flatiron School coding class out of curiosity, hoping to understand the technology shaping the world around her. Learning to code gave her a sense of empowerment and creativity that she hadn’t expected. What began as personal curiosity quickly turned into a doorway to […]
A digital illustration showing a learning path made of stepping stones leading to a shield and padlock symbolizing cybersecurity. Each step is labeled with a foundational topic: “Computer Basics,” “How Networks Work,” “Basic Math,” “Programming Logic,” and “Operating Systems.” The design includes circuit patterns to represent technology.
Flatiron School

What Is Cybersecurity? Finding Your Path in a Growing Field

When I tell people I work in cybersecurity, I usually get one of two reactions: either their eyes light up because they think it sounds cool, or they immediately say, “Oh, I could never do that! I’m not technical enough.” I get it. Cybersecurity sounds intimidating. It feels like a field reserved for people who’ve […]