This month’s member spotlight is Jeffrey (Jeff) Davidhizar, security analyst at Crutchfield Corporation. We asked Jeff to tell us more about how he transitioned from teaching math to middle and high school students to his career in cybersecurity.
Can you introduce yourself? Tell us a little bit about your background and what you do at Crutchfield.
Jeff: I grew up in Hampton Roads, Virginia. I attended the University of Virginia in Charlottesville for engineering, which was the first time I started using a computer consistently. A few years into college, I changed my mind and ended up getting a degree in math, more specifically, cognitive science. I graduated in 2009 during a tough hiring market. I ended up teaching middle and high school math for seven years. I taught at an all-boys boarding school in Central Virginia and then for a few years at a boys’ middle school. I enjoyed the idea of trying to help shape how kids thought about math. Hopefully, I was doing a better job of having them appreciate it instead of the subject being unapproachable or too hard.
How did you make the leap from teaching math to cybersecurity?
Jeff: Eventually, I realized teaching was not for me. When I was teaching, I started to incorporate some computer science programming. We programmed mBots, which use a basic puzzle-piece programming language. I taught the kids how to create formulas in Excel. I had always been interested in the idea of programming and computer science. At the time, cybersecurity was a hot topic, so I started to investigate more. It afforded me a way to still help people and become integrated within the computer world. I eventually took the leap.
What is your day-to-day like at Crutchfield? What do you work on?
Jeff: My title is “Security Analyst.” We have a small team as there are only six of us. That runs the gamut of administering all the security tools, including firewall, security information management (SIM), endpoint detection and response (EDR), vulnerability scanners, etc., but also triaging phishing and responding to incidents when they occur. Also, I am part of the team that runs the security awareness and PCI compliance training. Being my first deep dive into the cybersecurity world, I appreciate wearing a lot of hats. I learned about quite a few different tools right away, which I liked.
Is there a type of work you would like to explore more?
Jeff: I like the aspect of focusing on one specific area. Currently, I enjoy true analysis, the blue team aspect, when you poke holes to ensure your detections work. Not true pen testing but the blue side of pen testing. This is where you’re writing simulations and attack simulations to see what detections develop and making sure your tools are identifying the current techniques and tactics.
What are some challenges you regularly encounter in your role?
Jeff: I really like the fact cybersecurity is constantly changing, but on the other side of that double-edged sword, the constant change is also one of the biggest challenges.
How have you seen cybersecurity change since you have been in your role?
Jeff: In the five years I have been in the role, the ability to dive in as a threat actor. The bar is so low now that you can acquire an open-source tool online for little to no cost. Even more so now, you can easily find free books. You could do that before, but the bar for getting into it is set so low.
How do you see the cybersecurity industry changing over the next five to ten years?
Jeff: I am hoping the way my role will change will be a lot of the repeatable day-to-day tasks will be automated to the best of our ability. That will give room to focus on the higher-order aspects, such as examining trends and proactively seeing what’s happening in the world. Technology is going to match the threat actors, too. They are also going to have the ability to automate a lot, like having AI write things for them. AI would cut down on trudging through what are probably false positives and getting to challenges that need to be analyzed.
Tell us about how you are involved with the RH-ISAC community and what you like about it.
Jeff: I finally saw people in person last October at the RH-ISAC Summit. I missed the 2019 event, and then the world shut down in-person events for a couple of years. I finally met colleagues I have been working with for years, which was awesome. The way I engaged at first was to be a fly on the wall with the working groups and Slack channels and to see what it was all about. When I finally acquired the courage to put forward the information or intel that I had found, the feedback was phenomenal. In my own personal and professional life, it fast-tracked the transition because I felt overwhelmed when I first started in the cybersecurity world. To have people at the ISAC to ask questions, to obtain knowledge and experience, was a powerful way to engage.
What kind of advice do you have for people who are just beginning a career in cybersecurity?
Jeff: Do not be afraid to dive in. There are a lot of free resources to engage with cybersecurity knowledge, such as YouTube videos and tools you can download. You can easily build a lab. When I first started, I had an ASUS laptop I bought secondhand. I was running virtual machine (VM) analysis environments, and that’s a really good way to do things. You must do it; you cannot solely read about it.
What are some of your hobbies? Anything you do for fun?
Jeff: When I was teaching, I started coaching climbing for a couple of years. That sparked an enjoyment of indoor climbing, specifically bouldering. I was on hiatus for a few months due to getting injured, for about eight months, but I just got back into it recently. Some outdoor climbing as well, but it is somewhat terrifying to tie yourself into your own gear. Once I got married, I decided that maybe I would not pursue that. My wife and I live in rural Virginia, around the Shenandoah National Park, where we like to visit and unplug. I also enjoy video games, board games, and Dungeons & Dragons (D&D).