Career Pivot: Endpoint Management to Security

These days, security is a hot topic area for sure. As more and more colleagues talk about their exciting cyber stories over lunch and share them over TikTok, it becomes increasingly clear for many of the listeners that their old, mundane professional existence could possibly be stoked by a career change.

But, as many stories are told and as fascinating as they may be, here’s the rub – more security folks are needed. There’s a verified shortage.

There are many resources available to get started. Take, for example, a recent post from Vasu Jakkal, Corporate Vice President, Security, Compliance, Identity, and Management at Microsoft. The post, titled “The door is open for anyone to become a cyber defender”, relays a valuable list of resources for promoting learning and awareness of these opportunities including Microsoft’s cybersecurity jobs campaign, the Microsoft Cybersecurity Scholarship Program, Microsoft DigiGirlz, the Microsoft Learn for Educators program, LinkedIn Learning, Microsoft Learn, and more.

And this is just part of our efforts. There’s more from us, but there’s also a long list of other providers delivering content, workshops, college classes and others. An Internet search will expose all of these – the good and the bad.

The resources are endless, but it can be daunting learning something new – particularly if you’ve been employed in the same exact area for a long time.

I’ve been fortunate. My career has spanned over 2 decades and over half of that time was spent being deeply embedded in managing endpoints. I started working in Systems Management Server (SMS), then on to System Center Configuration Manager (SCCM), then Microsoft Endpoint Manager and Intune. Through all of this I’ve been a very public, very community-focused person. That led to me being known fairly well by people in that realm. It also afforded me the ability to share my expertise and knowledge through books, articles, blogs, and lots and lots of conferences (both virtual and in-person).

Many of those that have tracked my career have seen my evolution from endpoint manager to security person. So, when I’m recognised at conferences and during virtual events, I’m regularly asked about how I made my conversion. My answer is pretty clear, because for me it was a very easy transition.

If you’ve spent any time managing devices and users over your career, you are a very good prospect for a career in security. In fact, you are more likely to succeed than most. It’s a logical move. In the remainder of this article, allow me to substantiate this claim.

Same Old, Same Old

The same log files you use to verify compliance, identify troubled users, and use to troubleshoot bad applications, bad drivers, and bad devices are some of the same log files that are used to expose security threats. Same logs, different uses. Instead of finding that warning about a driver conflict, look for what that newly installed driver may have tried to accomplish after installation. That driver may not have been a driver at all. It could have been a uniquely disguised piece of malware.

Of course, there are tools to sift through and expose those security warnings for you, but your experience and knowledge of log structure and data research is key to making sure the correct data is highlighted. Understanding how logs work and how they flow gives you unique insights into how data creates a storyline of how an event takes place. This is important. In a modern security world, we are striving to work with storylines and timelines instead of just a series of seemingly unconnected occurrences. As an endpoint management person, you are regularly tasked with tying together disparate events for troubleshooting purposes.

Vast and Diverse Capability

I also know that those that have worked with endpoint and user management and monitoring for any length of time have some mad skills because they have to general knowledge over a lot of different things. Securing the workplace and the organisation’s electronic assets involves all the things.

I don’t know a single person that has ever worked with SCCM that doesn’t have vast knowledge in areas like:

1. Driver management
2. Networking
3. Software deployment and installation
4. Windows events
5. Windows workstation and Windows server
6. Security updates
7. Devices (Android and iOS)
8. SQL Server
9. User profiles and identity
10. Device compliance

And this list represents just the first ten I could think of – there’s plenty more. Think about what you do every single day. Consider that each of those areas – each of those things you’re skilled in – are part of a larger security story and it’s this type and level of knowledge that makes you a top candidate for a career in security.

Learn Here, Apply There

I don’t want to discount the resources provided in Vasu’s blog post; in fact, I’d like to bolster them. As someone interested in that next big thing, these resources are a great way to get started. Security (and cybersecurity) can be a whole new avenue to take what you already know and apply it somewhere else – possibly in an area that can reinvigorate you for the next half or more of your career.

It would make me so happy to hear from you at the next conference or webinar on how you rebooted and energised your career.

Learn more

• This article was written for the Monthly TechNet UK IT Pro Newsletter – sign up today!
• Digging into the security announcements from Microsoft Ignite
• New Azure features and functionality for November​ 2022