Name: John Kent
Title: Manager IT, DevSecOps
Location: Irving, Texas
Education: BAAS Computer Science, MS Cybersecurity
Years in IT: 37
Years in cybersecurity and/or privacy: 13
Cybersecurity certifications: CSSLP, CEH, CHFI
How did you decide upon a career in security software development?
My passion for software development began in 1981 and launched my career in 1987. It wasn’t until my first exposure to pen test results in 2005 that I understood software design, development, test and operations from a much wider perspective. There was so much more to programming than creating working software — it had to be resilient to malicious actors and preserve confidentiality, integrity, and availability. I was hooked! Later, when I discovered that the University of Dallas had a top cybersecurity graduate program, I switched schools and discovered the fascinating depths of information assurance.
Why did you decide to pursue your CSSLP®?
Earning the (ISC)² CSSLP certification was important to me because it augmented the value of my formal education by proving that I knew how to apply what I had had learned, paired with my extensive experience to practical business needs for secure software. The combination of (ISC)²’s reputation for high standards establishing trust and validity and the body of knowledge covered by the certification, makes the CSSLP a great choice.
In cybersecurity, no two days are the same – what is your main role in your organization?
My main objective is focused on building security, and all aspects of quality, into the software we create by leveraging automation to minimize risk and maximize speed to value for the business and our customers. I’m helping to lead and participate in the people, process, and technology transformation that an agile culture embodying DevSecOps principles demands. It’s a great opportunity to contribute knowledge as well as learn new things through daily practice and a relentless pursuit of continuous improvement.
Tell us about a project that you were particularly proud of …
My wife and I developed a highly customized website for the North Texas InfraGard Alliance as volunteers. I had served as that chapter’s IT Sector Chief early in that program. Unfortunately, I had to stop and have been looking for a way to give back to InfraGard for its support in my interest to help protect the critical infrastructure of the United States ever since. This was a great opportunity to apply CSSLP principles in the hostile Internet environment. We continued this volunteer effort by also creating the Dallas FBI Citizens Academy Alumni Association and North Texas ISSA websites. This work has led me to serve as the InfraGard National Members Alliance Technology Committee Vice Chairman and the CTO of the Cyber Law Consortium.
What impact has the CSSLP had on your career?
Credentials can open doors and create opportunities. The CSSLP certification has helped my career by demonstrating my commitment to learn the key tenets of a SSDLC to my leadership, peers, and customers. This fostered trust in circumstances where I had no relationship or history to build upon when brokering collaboration between Information Security, Operations, and Development. I frequently leverage the knowledge I gained and reinforced by preparing for the certification exam.
What advice would you give to those who are thinking about pursuing cybersecurity as a career?
Incredible opportunities await you! Embrace all aspects of the builder, breaker, and defender mindsets to learn how to be successful in each of those focus areas. Aggressively pursue and create opportunities to learn from actually doing things — don’t just read about them (but don’t do anything illegal). As a hiring Manager, I highly value what you’ve done — your ability to struggle through learning curves and diverse challenges and persevere — as much or more than formal education. Commit to learning as a lifelong pursuit.
For more information on the certification, download our free Ultimate Guide to the CSSLP.