Updated: Aug 17, 2020
Innovate or Die
Year 1 to 2: Becoming a Man
In December 2004, I left Cameroon for Uganda to pursue the Cisco Certified Network Professional (CCNP) certification in Routing and Switching. This was a defining moment for me, as at the age of 16, I left home for a country that was plagued by many crises, such as the civil war between the NRM and LRA.
The first two years were the toughest. First of all, my family had to sell a few farms to sponsor my trip to Uganda and the US$300 (that was serious cash at the time) needed for me to enrol in the Cisco Academy - Makerere University College of Computing and Information Sciences. Secondly, I had to negotiate with the school authorities, the landlords and the shop owners to let me pay my fees in instalments. It was therefore, in Uganda, where the boy became a man.
After completing the requirements for the CCNP certification, I enrolled in Compufield Institute in Mumbai, India to master the necessary system administration skills I needed to become an all-round network and systems administrator. Life in India was tough for me as I continued to need my family’s support. Convincing them to invest the small amount of money they had, in me, was no easy feat. I still remember my "hotel room" – I could stretch my arms out and touch both walls. That's how massive it was.
Three months after my arrival in India, I made the decision to become a man and start paying my own bills. As you’d expect, it wasn't as easy as I thought it would be. The first thing I did before getting on the return flight to Uganda was call the General Manager of Africa Online, Uganda and request an unpaid internship with the ISP engineering team.
Year 3 to 15: Discovery
Joining Africa Online (now integrated into Telkom South Africa) was the best move I made. Even though I asked for an unpaid internship, I still received a small stipend to help me pay half my rent and lunch during the week. In order to generate enough income to take care of my other needs, I began to develop my entrepreneurial skills on the streets of Kampala. As a CCNP and MCSE, I thought I would be assigned to work on the core Internet Services. Instead, I was asked to go into the field and install wireless access points, troubleshoot mail and dial-up issues, and spend nights and weekends working with the Telcos (MTN and UTL) to troubleshoot lease line issues. At the time, I wasn't happy, as I felt I was not being "respected", but looking back now, I am grateful for the experience.
Fast-forward to the present: I have worked or consulted for Vodacom Business Africa, Airtel Uganda (formally WARID Telecom), Huawei (Orange Business Services, Mali), and AFRINIC Ltd.
The Present and the Future: Rediscovery
After a very interesting career as a network and systems engineer for "traditional topologies", an aggressively growing hunger for embracing next-generation "topologies" took over. I developed a deep interest in cloud computing and, at the same time, began exploring data science, web development and programming in general. These were all IT segments I hadn't really paid much interest to in the past. When this happened, I was no longer with AFRINIC, and was jobless.
I spent the first year after AFRINIC deciding on the career direction I should best pursue. I came to realise that I loved planning and designing computer network infrastructures, and subsequently making the lives of developers and users easier. I started by exploring certifications in secure computer and cloud infrastructure architecture.
The next thing I learned about myself is that I love teaching others how to do stuff. I want to help other engineers have great careers. It was tough for me, and my family, to design the kind of future I wanted. Now I want to pass everything I have learnt through my personal experiences onto others – and in doing so, help them enter the world my journey has brought me into.
My approach to teaching is based on the belief that before you can venture into the technicalities of implementing infrastructure design, you must first understand the why behind the technologies that we use daily. Before choosing to implement a security feature, you need to understand the why behind security, the models and what problems they are solving. Only after this, can you make an informed choice as to what technology to use, based on your business requirement(s). This to me is the street definition of being an architect.
To transform my mindset into that of a security architect, I looked at the CISSP certification requirements as a place to start. To me, this was the meanest certification I have ever embarked on attaining, even after 15+ years in the industry. It requires a mindset that places the needs and objectives of the organisation ahead of engineering. For two months and 900 hours in total, I went through the study guides and read articles from ISO, NIST and blogs – and eventually met the certification requirements.
My next objective was understanding how to secure cloud computing environments. This objective empowered my approach to mastering cloud security through the CCSP. In the process of pursuing this certification, I released the most successful CCSP course on Udemy. (I will be publishing segments of that course for free on this website going forward.)
There are quite a number of Internet Security-related certifications that can guide you on the path of understanding what it takes to be a security architect. However, after the CCSP, I decided that I needed to focus on how the different public cloud computing platforms enforced these security concepts. I chose to start with Microsoft Azure.
In order to "architect" secure Azure infrastructures, I needed to understand the fundamentals of cloud computing and how Azure enables you to administrate its platform and applications. This led me towards reading through the certification requirements for Azure Fundamentals and Azure Administrator. I believe you need to understand the “how to” fundamentals of a technology before learning how to secure it. I chose not to underestimate the simplicity of the Azure Fundamentals certification. The Azure Administrator course was more challenging, but very eye-opening.
The reason, I believe, we secure our infrastructures is to protect the data that resides or travels through it. To fully understand the data, I needed to understand the sources of that data and the applications that use it. I also needed to to understand the pathways to creating that data and the architecting of the software that generates or consumes that data. This led me towards attaining the Azure DevOps certification.
All my knowledge has led me to the decision to share what I have gained with those interested in having a successful career in Internet Security. Of course, there are quite a few more cloud computing platforms to explore, and as I master them, I will pass on that knowledge through this platform.
In the meantime, check out the live classes being offered weekly and create your own account to be notified of new posts in our Deep Dives series.
This blog post has been edited by Arrova Media & Communications