Create A Pipeline of Cyber Talent

Create A Pipeline of Cyber Talent

The demand for cybertalent is sky high. It’s very competitive to get those people with key skills. What if you were to train your staff and give them the skills you want? Essentially, what if you were to grow your own unicorn?

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our special guest, Jesse Whaley, CISO, Amtrak.

Got feedback? Join the conversation on LinkedIn.

Huge thanks to our sponsor, Opal

Opal is building the next generation of intelligent identity. Identity is one of the last great enterprise frontiers. It’s fragmented with legacy architecture. Opal’s mission is to empower teams to understand and calibrate access end to end, and to build identity security for scale. Learn more by at

Full Transcript



[David Spark] The demand for cyber talent is sky high. It’s very competitive to get those people with the skills you want. What if you were to train your staff and give them the skills you want? Essentially, what if you were to grow your own unicorn?

[Voiceover] You’re listening to Defense in Depth.

[David Spark] Welcome to Defense in Depth. I’m David Spark, producer of the CISO Series and joining me for this very episode is Geoff Belknap. He’s the CISO over at LinkedIn. Geoff, say hello to the audience.

[Geoff Belknap] David, how are you? And audience, a pleasure as always.

[David Spark] Our sponsor for today’s episode is Opal – secure the identity perimeter. That’s Opal. More about just that a little bit later in the show. But first, Geoff, wouldn’t it be nice to find security professionals with all the skills you want but finding those people is very difficult, yes? You’ve had that experience?

[Geoff Belknap] Boy howdy, is it ever. 

[David Spark] So, what often happens is when a person leaves an organization, the company wants to hire a new person for the skill level that person had when they left, not the skill level they had when they entered the organization. So, if it’s so hard to find people with the right skills on day one, the only other solution is to train people to have those skills.

In other words, create a pipeline of cyber talent, or as our guest, Jesse Whaley, CISO of Amtrak, calls it – grow your own unicorn. So, Geoff, have you done both hired people with all the talent and grown your own unicorn?

[Geoff Belknap] Yeah, absolutely. I am a large proponent of this approach, and I want to make one differentiation. I think about it as two pipelines – an external pipeline and an internal pipeline. You should have an external pipeline of people that you think might be good and people that might have skills and working on those things with your training programs, maybe apprenticeship programs, but you should also have an internal pipeline that is how do we grow people through the phases of their career internally so that the next person is ready to step up when somebody leaves instead of having to go out to the market and hire somebody that’s exceedingly talented, meets all the qualifications you have, and learning after about six months that you can’t find or afford that person.

[David Spark] Very, very good point. Well, I just mentioned our guest right now, thrilled to have him on, and I’m going to sort of tease this a little bit. Jesse did something kind of amazing and that’s why he’s so qualified for this discussion. He had a staff of only 3 people when he came in, and he now has a staff of 100, and he will talk about how exactly he created that.

So, it is the CISO of Amtrak, Jesse Whaley. Jesse, thank you so much for joining us.

[Jesse Whaley] Thanks for having me. It’s good to be here on Defense in Depth.

How do I start? 


[David Spark] Simone Petrella of N2K Networks said, “You don’t build a good team without knowing about all the positions on the field and putting the right plan in place to develop the players that will fit those roles. Figure out the right mix of talent and prioritize the hiring, training on the job, and other experiences to make them as successful as a team as possible.” And Jorge G.

Lopez of Zoom said, “You need to have unicorns already in your team to be able to create more of them. Training programs are good and even necessary. How much, like athletes, you need coaches to help ‘tune performance’ and create a shortcut to greatness.” So, very good points here of know what team you want to create and you’re going to need coaches along the way.

Geoff, do you adopt that philosophy?

[Geoff Belknap] Absolutely. I think one of the best things we can do to close the supposed talent gap is to fill it ourselves, right, fill it with training. And I think the way I like to think about this at LinkedIn is thinking about it as skills-first hiring, right? We can’t rely on a broken labor market to just give us endless amounts of people that have every skill we could ever hope for.

We have to find people that have the basic fundamental skills that we need to learn the ability to do the job, and then put them in either an apprenticeship or an entry-level role or just a role where you can teach them the skills that they are missing or improve and hone the experiences that they already have and get them fairly rapidly up to the skill level that you need.

Having these people around is fantastic, they love to do the work. If they’re in a career change, they’re excited, this is their dream job. It’s an amazing difference with people that are driven and motivated to improve themselves versus the frustrating experience it can be to find somebody who’s that one perfect person.

And so we spend a lot of time on that.

[David Spark] That is a very, very good point. Jesse, here’s what I want to know. When you came in at Amtrak with a very small staff, were you given a head count of get 97 more? And when did you realize, “I’m not going to be able to hire these people, I’m going to have to grow my own,” or did you know that right away?

What was the sort of understanding you had?

[Jesse Whaley] Well, I mean, I think the understanding and to get to the number of, say, 100, it certainly didn’t come overnight, and it really started with a team around 20 to 30. But I think with any CISO coming into a role, probably the most important thing that a CISO could learn is the business environment, to understand how the business functions, and what business you’re really in.

So, Amtrak is not just in the business of running trains, we’re owner/operator in three different critical infrastructure sectors – transportation, energy, emergency services. Then we’re also in the real estate business, we have a lot of property, and we’re a construction company, we build critical infrastructure – bridges, tunnels, all sorts of fun stuff.

And so kind of then understanding that the total business environment landscape, that helped me shape the capabilities that the cybersecurity team needed to have, which then I could align the people requirements that I needed for those capabilities.

How do we handle this? 


[David Spark] Umar aka Chris Carter of Optiv said, “Proscriptively offer this,” and by the way, I did a little editing here, I took out one of his tips, but, “One, identify internal interest, then develop a pipeline of interns, develop tailored training programs, knowledge sharing via mentorship and shadowing to create a pathway to certifications and continuing education.” And Michelle L.

said, “Train people on rotation like the Japanese method where everyone gets some experience and offer real accredited training and foster a culture of questions.” So, I’m going to go to you first, Jesse. You kind of did stuff like this, especially around interns, and there was also another pipeline that you went for.

Can you explain?

[Jesse Whaley] Yeah. So, there were actually three pipelines that I created to build the talent that I needed to get from, say, the 30 head count to the 100. The main pipeline there was our internship program where we brought on 36 interns and they rotated through all 16 job roles within the cybersecurity organization.

[David Spark] Wow. In what period of time? So, 16 job roles, what period of time?

[Jesse Whaley] Two semesters.

[David Spark] Two semesters, 16 job roles? That’s amazing.

[Jesse Whaley] Yeah. So, there was a lot of rotation. Every intern was aligned with an advisor which was a mid or senior cybersecurity staff member. And they worked individual projects within the teams that they were assigned during the rotation plus they worked on group projects as a cohort. So, within those 36 interns, there were 6 different cohorts of 6 interns working on cohort-specific projects.

And so it’s just amazing what can they do when you turn them loose. So, that was the main pipeline and then having a high conversion rate into FTEs when they graduate.

[David Spark] That’s great.

[Jesse Whaley] But the second pipeline that I mentioned was leveraging the military SkillBridge program, and that actually gives us an opportunity to bring on mid- to senior-level candidates through a fellowship that the military puts on for transitioning service members. Their last six months in the military, they can come to your corporation and serve on a fellowship at no cost to you or your company.

[David Spark] That’s amazing.

[Jesse Whaley] And if you have the role ready for them, you can place them directly into a role that they’re eligible for. And the third pipeline here is what Amtrak calls a Management Trainee Program. So, as you know, Amtrak has a lot of frontline workers, people that drive trains and conductors collect tickets and sell tickets at stations and all sorts of maintenance and mechanical staff.

So, Amtrak has long had a Management Trainee Program to provide opportunities for blue collar workers to become white collar workers, so there’s also a pathway here for railroad workers to become cybersecurity workers. 

[David Spark] And do you have a few of those on your staff?

[Jesse Whaley] We’ve got a few people on our staff now that came from the trenches of the railroad.

[David Spark] Very cool, all three of those pipelines. All right. Geoff, talk to me about your pipelines.

[Geoff Belknap] I was very impressed by our pipelines but now I feel like I have been one-upped by Jesse. This is fantastic work.

[David Spark] By the way, I haven’t heard… Jesse’s pipelines are impressive. They are cool.

[Geoff Belknap] These are very impressive. But you know what? They’re exactly what all of us should be doing. And I don’t think because Amtrak is a quasi-governmental body that they’re the only ones that can do this. LinkedIn has its own humble programs that we use. One is called Year Up which is a public program that we are a partner with that takes people that are fairly early career and that may have a nontraditional academic path and gets them ready and puts them in internships.

So, we take them frequently into internships, and those can develop into full-time roles. 

They can also develop into our other program that we have which is an apprenticeship program called the REACH Apprenticeship. Information is available about that on our website. And even if you are mid or senior level in your career but you might be transitioning careers, like you might be coming from the military where you did a different job or maybe you were a plumber, or even if you weren’t in tech, you were a cashier, you can now transition yourself to an apprenticeship program where you identify that you have the fundamental basic skills, some basic computer skills and some other slightly more advanced things than that.

And then we will take you into a program where over the course of up to five years, we will invest in you and develop you and partner you with mentors and have you rotate through different things. You will potentially transition into a full-time role from there. 

All of these things are basically doing the same thing, which I love, which is taking people that might not be in that role today, that have the skills and experiences needed to be successful and training them and giving them the rest of the skills they need to be fully performing in that job. Security is one of those places where we do best when people have differences of perspective and taking people from all of these different career tracks and walks of life do wonders for making the security program a much stronger place.

[David Spark] I want to talk about this switching career people. So, the people like you described, Jesse, who were in the trenches, or what you said, someone who could be conceivably a cashier. These are people who they go online and they’re eagerly wanting to advise like, “What do I do next? I’ll just do it, just tell me.

What’s the program I need? What do I do?” And unfortunately there’s, I think, a lot of misinformation out there and a lot of companies that say, “Get our certification, you’re guaranteed a job,” nonsense like that. What would your general advice be for that kind of person? I’ll start with you, Jesse.

[Jesse Whaley] So, I want to answer this by circling back to something Geoff said about Year Up internships, which is an excellent program. That is not directly involved in my pipeline; however, we do leverage Year Up here at Amtrak. And that is another recruiting vehicle for me because I will observe the Year Up interns that are providing tech support for the company, and most of them have an interest in cybersecurity, by the way.

If they’re doing tech support, they’re not doing tech support because they want to do tech support. Most of the time they’re doing tech support because they want to do cyber. I don’t know, that’s just kind of what I’ve found. 

And so they’ll ask me quite often, “Well, what do we need to do to get into cybersecurity? You guys have an amazing internship program, how do I get in?” Then I provide them access to resources that make it easy for them to apply for an internship, but too, our internship programs require them to be college students.

Then I’ll provide them access to scholarship links for both Amtrak and external scholarship opportunities so that they can go and study cybersecurity, whether it’s just individual courses or doing a full college workload. But the requirements to get into my internship programs are that you be a student, so sometimes it’s just taking some night classes and we’re able to get them into the program.

So, it’s a combination of getting them pointed to the right educational opportunities and creating the right learning opportunities, either within their current job, or creating that pathway to a future job but through an internship or job shadowing program or apprentices, anything like that.

[David Spark] You have it really well structured. Geoff, what do you say again to the person who’s looking to make the leap into cyber from somewhere else and they’re going to get bombarded with a lot of sales misinformation, things like that?

[Geoff Belknap] I think that’s a great point, and let’s just dwell on that for a second. There are, unfortunately, a lot of maybe well-meaning but less helpful or less reputable training programs out there where they’re looking to extract cash, right? These programs that Jesse and I are talking about are cost-free to most people.

They require you to apply, some of them have eligibility requirements. The real programs that will help you will not charge you for that. And there are some programs I’ll say, I’ll share someone I know very well without naming any names, was a musician, a studio musician for a while, enjoyed doing that quite a bit, but came to me and said, “I’d really like to settle down with somebody but you know what people my age like?

It’s not musicians. It’s people with healthcare. And I would really like a steady job that has healthcare that…”

[David Spark] I know this desire. Yes.

[Geoff Belknap] Yeah. And what this person did is they put themselves in a boot camp. They researched all this and they put themselves in a boot camp and now they’re a professional software engineer. And I think it’s that motivation, like if you have that feeling in you for whatever reason that the career you’re in, or if you have a lack of career, all you really need to do is, A, believe in yourself and, B, motivate yourself to go look for these opportunities.

They are out there. Now they’re not all easy to get into, but when you do get into them, if you treat it like it’s your job to learn this new profession, you will go very far. There is nothing that you can’t do if you put your mind to it and you decide that this is going to be your new career, and I have seen time and time again this be a successful path for people.

Sponsor – Opal 


[David Spark] Before we go on any further, I do want to mention our sponsor, and that’s Opal. Identity. Think identity when you think Opal. All right. Access can be hard to calibrate. The “who you are,” “what you do,” “why you need it,” it’s a complex set of relationships. When framed against the reality of work, it’s not just about implementing the best practices we know, but how to integrate them with the culture and habits of a particular organization.


So, for the teams responsible for nailing this balance, this can be a daunting task. The policies can be complex, and in sensitive systems the stakes are high. You know this. Too much access, and you give a bad actor an opening, at worst resulting in a company-ending breach. Yikes. And then on the opposite side, too little, and you put roadblocks between people and their work, thereby slowing the business down.

That’s not good either. Okay? So, you got to find that happy medium.

Opal is designed to give teams the building blocks for IAM – that’s identity access management – strategies and seamlessly apply intelligent policies that are built to grow with your organization. Whether that’s setting good rules for day one access or helping to clean up the rat’s nest of these long-lived access in the cloud with time controls.

So, Opal is used by best-in-class security teams today, such as, let me list a few off, Figma, Databricks, Blend, Marqeta, Scale AI, and lots more. There is no one-size-fits-all when it comes to access. Our audience knows that. But they’re here – that being Opal – they’re here to provide the guardrails every step of the way.

Check them out at

What must a security leader be able to do? 


[David Spark] T.J. Patterson of STAR Financial Bank said, “Demonstrate how to fail wisely and continuously show people how their work brings value to the organization. In an unplanned training opportunity, allow someone to watch you fail in the middle of a project or security event.” I don’t know how exactly you plan that, but he goes on, T.J.

says, “Let them see your thought process, any calculated risks, and lessons learned. When a security analyst can deliver bad news in a manner that is appreciated by the front staff, that’s value worth talking about. The security landscape will continue to evolve. Those who fail wisely and bring value consistently are well equipped to help organizations grow alongside it.” And Dan Desko of Echelon Risk + Cyber said, “At some point, you need to step back and let people run free a bit and either make mistakes they can learn from or succeed or both.” So, Jesse, I’m very interested with especially all the [Inaudible 00:19:05] green people there.

Is there a way you create a sandbox to allow them to make a few mistakes along the way?

[Jesse Whaley] Yeah. Well, I mean, first off, David, no one person should have the keys to the kingdom, so to speak, that could really do a lot of damage.

[David Spark] Right. Everything requires two keys at the same time.

[Jesse Whaley] Something like that, yes. But it’s also creating the environment where… I’ll just say that I have two pet peeves, and they’re kind of like one is don’t fail silently. Like, if you’re failing and you know that you are, I mean, speak up, tell somebody, stand on top of the desk and yell for help.

[David Spark] Yeah.

[Jesse Whaley] And creating an environment where that’s okay to do it, right? The second peeve I have, I’ll just share since we’re here, is that don’t be a self-licking ice cream cone. I don’t know, if you haven’t heard this…

[Geoff Belknap] Wait! Wait! Wait! A what?

[David Spark] Wait, hold on, a self-licking ice cream cone, all right. I’m absorbing this. Go ahead, Jesse. We’re going with your metaphor. Go for it.

[Jesse Whaley] There was actually a NASA paper written back in the ’90s and it was entitled On Self-Licking Ice Cream Cones. It was about the space station program and the space shuttle program, how they were two great programs, but they didn’t work together. So, they both ended becoming the self-licking ice cream cones where nobody was able to benefit from the other.

So, making sure that people understand the value and benefit of the work that they’re doing, and that everything that they do should translate into a value for either the rest of their team, another team, the rest of the company, and understanding how all that works. But getting back to the topic at hand here, it’s enabling an environment where people are not afraid to say that they’re failing and they need help and creating an environment where it’s okay to fail and to fail fast and figure out what you learned and try, try again.

[David Spark] All right. Geoff, I’m going to ask you. Do you have a failure ice cream cone at your office?

[Geoff Belknap] [Laughter] I don’t. And I don’t know how to come back from self-licking ice cream cones, but I’m going to do my best. I think the way I think about this particular problem is you have to create a culture, as a leader, you have to create a culture where it is safe to fail. And I think that happens in a bunch of different ways.

I think T.J. and Dan here are suggesting kind of the same thing, it’s in the same vein as this.

[David Spark] And by the way, let me ask both of you, and I’m going to just pause you, have you had an opportunity yourself, Geoff, to fail sort of publicly in front of your group and make that a learning lesson for people?

[Geoff Belknap] All day every day. 

[David Spark] And you still have your job.

[Geoff Belknap] I still have my job. And honestly, I think that’s part of it is we just need to convince people that, hey, InfoSec is not about never making a mistake. It’s about correcting that mistake as quickly as you can, and making a mistake is not the end of your career, it is just the beginning of a new lesson in life.

Jesse, have you had a similar experience?

[Jesse Whaley] Yes. Every day. Exactly. And there’s constantly… I’m actually looking for opportunities to let people know I messed up because it creates that culture where it’s okay to mess up and you’re not going to get fired as long as it doesn’t compromise the entire C-suite and burns down the moneymaker for the company.

Then we might have problems. But I think having a culture where even the seniormost leaders can say, “I screwed up. Can I get some help fixing my mistake?”

[Geoff Belknap] Yeah. The thing that we do at LinkedIn that’s really helpful here is we do something called a blameless postmortem. And even if we’re not doing a formal postmortem for something that didn’t go right, we frequently give each other feedback and make efforts to really talk about what went wrong, what we can learn from that in a way that’s not, “Hey, Jesse screwed this up, and this is why Jesse needs to do better next time.” We talk about like, “Hey, someone made this decision when they should have made this other decision and here’s how they could do better next time,” but it rarely, when something goes wrong, is just that a person did something wrong.

And I think building a culture where it’s safe is a place where you realize that you’re not going to get screamed at, you’re not going to get fired, you’re not going to get embarrassed and drummed out of the career path just because you made a mistake or because a security issue happened on your watch.

What’s the best way to grow your staff? 


[David Spark] Ashley W. of Practical Infosec said, “Set realistic tasks which require thinking and problem solving, then get out of the way. This is where the real learning comes in.” And Jesse Webb of Avalon Healthcare Solutions said, “It takes your willingness to invest your own personal time in personal development, and it takes development of safe space to learn, experiment, and make mistakes.

This will pay off in multi-skilled, loyal team members.” So, I want to talk about this sort of getting out of the way. There’s a certain amount you need to explain and there’s a certain amount you need to let them discover. I got to assume that’s a balance you learn over time. Can you describe that balance, Geoff?

[Geoff Belknap] The balance really is this – there is not one way to solve a problem. And if you take a step back and you teach somebody what they need to do and just let them do it without hovering over the shoulder – I mean, once they’re competent enough to do something on their own – what you’re going to learn is a new way to do something.

And that new way might not be efficient or effective or it might be a brand-new way that you had never thought of before that is a great way to solve this problem. And that’s what I mean by that diversity of perspective, right? It’s just strictly people have different ways of thinking about these problems, and when you let them solve it in their own way, a lot of times that’s generative and beneficial for everybody.

[David Spark] I’m going to quote Andy Ellis, the co-host of the other podcast, in his new book, which I read, which is great, that’s 1% Leadership, he says, “Often people are going to do things differently than the way you would do it and it’ll get done and that’s okay. Don’t sweat it.”

[Geoff Belknap] Precisely.

[David Spark] Jesse, I want to know from you, where do you strike that balance? Where do you find that balance?

[Jesse Whaley] Sure. Well, I mean, I agree with everything that’s been said so far from both the quotes that you read plus Andy’s and Geoff’s. All good stuff. To formalize things a little bit here with how do you grow and train your staff is everyone from intern to CISO has goals in our HR system. Everyone from intern to CISO has a development plan in the HR system.

So we know exactly what every single person in the entire organization is working on to develop their own skillsets, and how the development of those skillsets are going to play into the development of the entire team. And so beyond those formal things, it really does come down to giving them the space to do great things.

And I can tell you, 36 interns will come up with much better ways to do things than I could ever come up with on my own.

[David Spark] You know what? Let me close with this question, for both of you. I’ll start with you, Geoff. What have you learned from an intern? Anything.

[Geoff Belknap] Oh, well, I’ll tell you the number one thing I’ve learned is there are a variety of new paths to get to the cybersecurity career path, right? It is no longer just an accident where you have to hack things on your own. There are straight-up mainstream academic paths and there are nontraditional paths and there is absolutely zero way to predict who is going to do better in the career path until you sit down and do the work with them.

And I think it just goes to show that talent is evenly distributed, opportunity is not. And as long as you’re opening up the opportunity window for more people, you’re going to be really impressed by the talent that you meet.

[David Spark] Very good, all right. Jesse, what have you learned from an intern?

[Jesse Whaley] Yeah. A whole lot of things, even specifically about our own environment, just based off of problems that we’ve turned them loose on. And like, boy, I didn’t know that. I think I need to go readjust my strategy here. And just day in and day out, they never cease to amaze me, that interns can really be valuable team players and extensive contributors to your team if you’re trying to grow your team.

And if you treat them well, you give them the opportunities to learn and do great things, they will do exactly that.

[David Spark] Good point. Yeah. They’re eager to learn, they’re eager to impress. That’s the thing that I think is really key because they want to succeed.

[Geoff Belknap] Yeah. And I think the other thing to keep in mind is intern doesn’t mean they’re clueless and you have to show them how to write emails or something like that. It just means they’re new to this particular career domain. You’ll be really impressed by the people that are out there that are considered entry level but have a ton of skills and experience.

[David Spark] Very good point.



[David Spark] All right. We’ve come to the end of our show where I ask both of you which quote was your favorite and why, and I’m going to start with you, Jesse. Which of these quotes was your favorite and why?

[Jesse Whaley] So, I liked Michelle L’s quote where she said, “Train people on rotation like the Japanese method where everyone gets some experience. Offer real accredited training, foster a culture of questions,” etc. I like that one because it’s most closely aligned with the values that I’ve put into my training program for my people.

[David Spark] All right.. And Geoff, your favorite quote?

[Geoff Belknap] Boy. A real high-quality quote fest today but I’m going to go with Chris Carter from Optiv who gave us a really easy-to-implement proscriptive strategy here of just identify internal interests, build a pipeline, develop a training program, and set together – and I think this is really important, so I’m going to underline this – a formal mentorship or shadowing or knowledge transfer program.

You have to partner them with people on your team that are both interested in and good at helping people learn new things. And that is the strategy right there. I know what Jesse and I are saying sounds super complicated but it really isn’t. Here you go. Chris has the entire strategy for you right here.

[David Spark] You just literally have to plan for it like you plan for other things in your program, it’s as simple as that, but it has to actually be done.

[Geoff Belknap] And it is not without its cost but the value you get for that investment is really going to be worth it.

[David Spark] Oh, yes, definitely. And Jesse is a living example of just that. He’s the poster child of building a pipeline, of which we’re all jealous of, I think.

[Geoff Belknap] A giant among other CISOs.

[David Spark] All right. Jesse Whaley, CISO over at Amtrak, I’m going to ask the question – are you hiring?

[Jesse Whaley] We are always hiring. Come on over to

[David Spark] Get into the Amtrak pipeline.

[Jesse Whaley] Or look at our job postings on LinkedIn. That’s another great place to find a job.

[David Spark] Ah.

[Geoff Belknap] Hmm.

[David Spark] LinkedIn. Are you familiar with that site, Geoff?

[Geoff Belknap] I don’t know if I am but it sounds like a great thing to check out.

[David Spark] Mm-hmm. A great place to look for jobs, whether you’re looking for Jesse, whether for Geoff, whether anywhere else.

[Geoff Belknap] A great place to improve your knowledge and find all kinds of opportunities.

[David Spark] Oh, yes. You can find knowledge I believe in your knowledge base program which used to be – what was it called?

[Geoff Belknap] It was originally Lynda.

[David Spark] Lynda, that’s it,

[Geoff Belknap] Now it is LinkedIn Learning which is a fantastic opportunity, and I’m sorry this is now a plug, but it is a fantastic place for you to learn new skills and then you can advertise those skills on your profile so that if you’re looking for an opportunity like this that is entry level, you can advertise that you have the skills necessary to succeed.

[David Spark] Excellent. Thank you very much, Geoff. Thank you very much, Jesse. Thank you to our audience. We greatly appreciate your contributions and listening to Defense in Depth.

[Voiceover] We’ve reached the end of Defense in Depth. Make sure to subscribe so you don’t miss yet another hot topic in cybersecurity. This show thrives on your contributions. Please write a review, leave a comment on LinkedIn or on our site where you’ll also see plenty of ways to participate, including recording a question or a comment for the show.

If you’re interested in sponsoring the podcast, contact David Spark directly at Thank you for listening to Defense in Depth.

David Spark is the founder of CISO Series where he produces and co-hosts many of the shows. Spark is a veteran tech journalist having appeared in dozens of media outlets for almost three decades.