We interviewed Alvine Ntandu, a 2019 cybersecurity B.P.S. graduate, to learn about her GW student experience and her post-graduation career progression. Ntandu emigrated from Cameroon and received her associate’s degree from Prince George's Community College, before matriculating into GW’s cybersecurity bachelor’s degree completion program in 2017.
While a student at GW, she received the National Science Foundation Scholarships for Service (NSF-SFS) Grant, which was highly competitive. The grant provided her with a full two-year scholarship, as well as a living stipend.
Since graduating last summer, she is now working as a Cyber Threat Analyst with a “major government cybersecurity protection group.” She credits her GW program curriculum, GW job fair and the NSF-SFS scholarship as being instrumental in her career progression to her current position preserving our national security.
Q: Tell me about your first memory as a student at GW.
A: I still remember my first day at GW, thanks to the prestigious scholarship I received from the GW CyberCorps Scholarship for Service (NSF-SFS). I was able to focus on school and research and forget about any financial burden. When I got word that I received this scholarship (2 years of tuition and a living stipend), I remember saying this scholarship is a gift and that I was not going to waste it. I didn’t.
Q: How did you find your current job as a cyber threat analyst?
A: I found my current job as a Cyber Threat Analyst through the career fair organized by the CyberCorps SFS committee. As a scholarship recipient receiving two years of financial support through the NSF-SFS program, I knew I needed to work in a government agency for at least this amount of time. This job fair is limited to SFS students and the employers are from federal, government, state and local participants.
I remember having so many offers as a GW student, but I had to pick just one. Due to the sensitive nature of my job, the name of the organization I work for needs to remain private.
Q: Tell me about how you learned to “think like a bad guy” using team simulations.
A: The knowledge I acquired at GW from the Cybersecurity B.P.S. program was instrumental in helping me to have this job in my current organization. For instance, I took a class called attacks, tools and techniques, which helped me to understand bad actors’ mindset, their approach, tactics and techniques. Being in the red team (other students were on the blue team), even as students then we could view security gaps through an attacker perspective and that helped us to understand how to identify security gaps in a network to close potential avenues of attacks.
Q: Tell me about how you are using what you learned in your Network Security class.
A: The knowledge in network security I received from GW helped me to understand how computers and networks work. As a result, at my current job, I am able to analyze packets, command lines used by processes, networks operations and look at DNS requests to see if they have any malicious outbound communications.
Q: Tell me about how you are using what you learned in your Risk Management class.
A: In my organization, we work with hundreds of agencies; we have large amounts of data coming from thousands of endpoints and network devices every day. The knowledge I acquired in my risk management class at GW helps me during triage of that data to focus on the one with the highest severity and that will have the highest impact if successful. Thus, when we have a critical alert, I know to prioritize it quickly, but analyze it accurately too.
Q: How do you use the curriculum from your Digital Forensic class at work?
A: I remember taking a digital forensic class where we were taught how to gather and preserve evidence. Now as a cyber threat analyst I still use those same techniques in the real world. I remember one of my professors always telling me to avoid assuming conclusions based on past experiences. Thanks to that, I have been able to analyze alerts at work accurately, and in one instance was able to observe a command line matching the pattern of an Ursnif that did not seem obvious at first.
Q: What is your work environment like?
A: I work in a very fast-paced environment handling malicious URLS and attachments daily, so I always use a sandbox to avoid infecting our own network. At the end of each investigation, I also have to alert the agency we protect if they have a potential malware infection and provide them with actionable advice to prevent harm in their organization. Even though we use many tools at work, I still need the human eye to identify whether an alert, even one triggered with a high level of severity, is a true positive or false positive.
Q: Did you learn about incident and disaster recovery plans as part of your GW curriculum?
A: Good Documentation is a crucial part of cybersecurity. At GW, the BPS Program taught me how to create incident and disaster recovery plans. Now, I still use the same steps as a guide to document each step I took from the detection time of the alert to the after-action report or lessons learned.
Q: How else did you benefit from GW’s program?
A: The program’s curriculum has a unique blend of all fields of activities in cybersecurity. I was taught by great professors, who have a high degree of expertise. Thanks to that, I can easily work in all types of cybersecurity positions and still excel. Looking back, I am happy that we had so many projects that were intellectual challenges. Thanks to them, I built team skills and now in the real world, everything just fits like a glove.
My experience at GW also improved my social life. I studied alongside lot of smart students with whom I became friends and still network with until this day.
Q: Do you feel the bachelor’s completion program in cybersecurity is valued in the marketplace?
A: The education I received at GW through the cybersecurity BPS program is recognized worldwide. It is highly valued by my manager in my current organization. Thanks to it, I was able to take the huge responsibility I now hold in real life, to preserve our national security overall.