{"id":66368,"date":"2022-12-15T20:30:11","date_gmt":"2022-12-15T19:30:11","guid":{"rendered":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/?p=66368"},"modified":"2022-12-15T20:30:14","modified_gmt":"2022-12-15T19:30:14","slug":"career-pivot-endpoint-management-to-security","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/12\/15\/career-pivot-endpoint-management-to-security\/","title":{"rendered":"Career Pivot: Endpoint Management to Security"},"content":{"rendered":"
\"A<\/figure>\n\n\n\n

These days, security is a hot topic area for sure. As more and more colleagues talk about their exciting cyber stories over lunch and share them over TikTok, it becomes increasingly clear for many of the listeners that their old, mundane professional existence could possibly be stoked by a career change.<\/p>\n\n\n\n

But, as many stories are told and as fascinating as they may be, here\u2019s the rub \u2013 more security folks are needed. There\u2019s a verified shortage.<\/p>\n\n\n\n

There are many resources available to get started. Take, for example, a recent post from Vasu Jakkal, Corporate Vice President, Security, Compliance, Identity, and Management at Microsoft. The post, titled \u201cThe door is open for anyone to become a cyber defender<\/a>\u201d, relays a valuable list of resources for promoting learning and awareness of these opportunities including Microsoft\u2019s cybersecurity jobs campaign, the Microsoft Cybersecurity Scholarship Program, Microsoft DigiGirlz, the Microsoft Learn for Educators program, LinkedIn Learning, Microsoft Learn, and more.<\/p>\n\n\n\n

And this is just part of our efforts. There\u2019s more from us, but there\u2019s also a long list of other providers delivering content, workshops, college classes and others. An Internet search will expose all of these \u2013 the good and the bad.<\/p>\n\n\n\n

The resources are endless, but it can be daunting learning something new \u2013 particularly if you\u2019ve been employed in the same exact area for a long time.<\/p>\n\n\n\n

I\u2019ve been fortunate. My career has spanned over 2 decades and over half of that time was spent being deeply embedded in managing endpoints. I started working in Systems Management Server (SMS), then on to System Center Configuration Manager (SCCM), then Microsoft Endpoint Manager and Intune. Through all of this I\u2019ve been a very public, very community-focused person. That led to me being known fairly well by people in that realm. It also afforded me the ability to share my expertise and knowledge through books, articles, blogs, and lots and lots of conferences (both virtual and in-person).<\/p>\n\n\n\n

Many of those that have tracked my career have seen my evolution from endpoint manager to security person. So, when I\u2019m recognised at conferences and during virtual events, I\u2019m regularly asked about how I made my conversion. My answer is pretty clear, because for me it was a very easy transition.<\/p>\n\n\n\n

If you\u2019ve spent any time managing devices and users over your career, you are a very good prospect for a career in security. In fact, you are more likely to succeed than most. It\u2019s a logical move. In the remainder of this article, allow me to substantiate this claim.<\/p>\n\n\n\n

Same Old, Same Old<\/h2>\n\n\n\n

The same log files you use to verify compliance, identify troubled users, and use to troubleshoot bad applications, bad drivers, and bad devices are some of the same log files that are used to expose security threats. Same logs, different uses. Instead of finding that warning about a driver conflict, look for what that newly installed driver may have tried to accomplish after installation. That driver may not have been a driver at all. It could have been a uniquely disguised piece of malware.<\/p>\n\n\n\n

Of course, there are tools to sift through and expose those security warnings for you, but your experience and knowledge of log structure and data research is key to making sure the correct data is highlighted. Understanding how logs work and how they flow gives you unique insights into how data creates a storyline of how an event takes place. This is important. In a modern security world, we are striving to work with storylines and timelines instead of just a series of seemingly unconnected occurrences. As an endpoint management person, you are regularly tasked with tying together disparate events for troubleshooting purposes.<\/p>\n\n\n\n

Vast and Diverse Capability<\/h2>\n\n\n\n

I also know that those that have worked with endpoint and user management and monitoring for any length of time have some mad skills because they have to general knowledge over a lot of different things. Securing the workplace and the organisation\u2019s electronic assets involves all the things.<\/p>\n\n\n\n

I don\u2019t know a single person that has ever worked with SCCM that doesn\u2019t have vast knowledge in areas like:<\/p>\n\n\n

    \n
  1. Driver management<\/li>\n
  2. Networking<\/span><\/li>\n
  3. Software deployment and installation<\/span><\/li>\n
  4. Windows events<\/span><\/li>\n
  5. Windows workstation and Windows server<\/span><\/li>\n
  6. Security updates<\/span><\/li>\n
  7. Devices (Android and iOS)<\/span><\/li>\n
  8. SQL Server<\/span><\/li>\n
  9. User profiles and identity<\/span><\/li>\n
  10. Device compliance<\/span><\/li>\n<\/ol>\n\n\n

    And this list represents just the first ten I could think of – there\u2019s plenty more. Think about what you do every single day. Consider that each of those areas \u2013 each of those things you\u2019re skilled in \u2013 are part of a larger security story and it\u2019s this type and level of knowledge that makes you a top candidate for a career in security.<\/p>\n\n\n\n

    Learn Here, Apply There<\/h2>\n\n\n\n

    I don\u2019t want to discount the resources provided in Vasu\u2019s blog post; in fact, I\u2019d like to bolster them. As someone interested in that next big thing, these resources are a great way to get started. Security (and cybersecurity) can be a whole new avenue to take what you already know and apply it somewhere else \u2013 possibly in an area that can reinvigorate you for the next half or more of your career.<\/p>\n\n\n\n

    It would make me so happy to hear from you at the next conference or webinar on how you rebooted and energised your career.<\/p>\n\n\n\n

    Learn more<\/h3>\n\n\n\n