while it is true that i have no prior experience in the professional sector of tech, i *have*. however, been studying computer science and programming prior to "my learning path" laid out in the corresponding blog post. in this post, i would like to dive into how the studying has gone, how aspects of my systematic approach have worked, and how things could be improved as i dive into this related but different field!
initially, i picked up computer science and programming because a close friend of mine recommended i try it. he has been a SWE for awhile, starting in high school and earning a compsci degree in college, before having joined the workforce for the past 5+ years. i genuinely had zero exposure to any of the things i was about to learn - all i could do was interact with a GUI, and poorly at that.
funnily enough, i started with a book on python, and while i was understanding concepts, i didn't really get the bigger picture. how was a for loop going to do anything for a web application? it wasn't until i started digging deeper, starting a course on the "Big 3" of web development. seeing what HTML, CSS, and JavaScript did, i was able to start connecting the dots. after that came React, and unfortunately too suddenly, Next.js. This is when i hit a level of "thinking i knew more than i did". i eventually would try another framework instead of Next.js called Remix, where the framework is built in a way that forces you to learn web standards – things like HTTP flows, and how the front-end communicates with the back-end. this experience is what got me past the plateau that "convenience" and component libraries had left me at. this also foreshadows the direction i eventually headed towards.
i built a handful of projects, but even then, i never felt super enlightened. in addition, i still had a nagging doubt in the back of my mind: "do I really care about any of this?", "is this really what I want to do full-time?"
this is where I started learning about systems design and doubled back to take Harvard's CS50, approaching programming with a “day 1 beginner” attitude. i felt a genuine passion spark up. i didn't care that much about UX/UI or web design, which were the domains of the technology i was learning before. i always used the analogy of a beautiful new sink – i didn’t wan to be the one sculpting the granite or marble, i wanted to be the guy hooking up your plumbing in a way that made sure you didn't flood your kitchen, and in a way that allowed it to be extensible for future renovations (S.O.L.I.D principles in construction haha?).
systems design introduced me to IT concepts, like HTTP/HTTPS, TCP/UDP, what a "port" is, what packets are made up of, and so on. this is a really fun subject for me, and i was kind of sad that it may end up only being emphasized in interviews. this made me start to think about a future in IT, but a part of me wanted to keep putting in effort on this SWE path, and to not jump ship just yet. it was a degree of stubborn-ness, but also a degree of checking myself! even though i did ultimately pivot, i'm grateful i exerted discipline and REALLY made sure that i wouldn't have any "what if's" in my head about changing directions from SWE.
if i had switched goals without feeling like i gave my best effort, there would be a nagging thought that i was just running away. instead, i stuck with SWE, running towards the challenging (and very boring) topics, such as data structures and algorithms. i even found moments that i enjoyed, like seeing how the contiguous nature of arrays mattered when it came to memory allocation in RAM. however, as I got exposure to low level programming concepts and interacted with the terminal more, there were far more of these a-ha moments that shot dopamine into my brain. my love for seeing the structure of the system, be it a network of computers or how code is written, lends itself more to the nature of dissection and the act of breaking and entering found in cybersecurity.
harvard's cs50 actually reinforced this sentiment. going through it, i enjoyed learning about programming for the sake of getting better at programming – not JUST in the context of web development. learning C, what a string actually was in the context the professor was using it (Professor Malan), learning about alloc(), buffer overflows, and so much more made me appreciate computers themselves! not JUST the fancy web app i see on my screen, but what's going on behind the scenes that allows for web apps to even exist. this was a great way to get back into python, the language i first started with, too – it made me really FEEL the growth i had gone through since starting.
at this point, i began allowing myself to actually learn about IT and cybersecurity. learning about algorithms is much more fun when i place it in the context of cryptography maintaining privacy and data safety vs answering leetcode questions. after journaling and sleeping on it, i finally made the commitment to change my goal from a web development job to a cybersecurity job.
the culture in cybersecurity alone is enough to warrant the switch for me. HTB's (Hack The Box Academy) module on learning was filled with reinforcements of concepts and principles that had gotten me to where i was – it was so exciting to see "hacker's" also espouse the same things! note-taking, report writing, and the learning/growth mindset. not that these are necessarily absent in SWE, but it's EMPHASIZED in a place like HTB! beyond that, the job itself is something i have a personal interest in.
i'll get further into it in another blog post, but i love thinking in systems. i love understanding the elements, the interconnections, and the functions/purposes of systems; and the sub-systems that make them up! they are everywhere, but the systems that pertain to IT and cybersecurity really click for me. the infrastructure of a network, the components of a computer, how data is stored and moved around, even the human elements involved throughout. their relationships within and throughout tickle my brain in a way that web development didn't. there's something about understanding how RAM works, understanding how programs take up chunks of memory, and how a bad actor can write code in a way that causes a buffer overflow that just provides a dopamine rush for me.
i'm very happy i started out learning about programming. i've noticed a lot of people try to shy away from it on their journey towards cybersecurity. i actually enjoy it! i can't wait to start going even more low-level actually. i'm also happy that i can still put all that hard work to use, and use my knowledge to further my efforts in cybersecurity!