Categories
About us Featured Podcast Interviews

A Data Centre Migration Is About Technology and People

Sarah Lean, aka Techielass, is a Scotland-based IT infrastructure, ops, and sys admin expert and Azure community evangelist. The founder of the Glasgow Azure User Group, Sarah works as a Senior Cloud Advocate at Microsoft and blogs, tweets and has her own YouTube channel. She discusses, cloud careers, how you can get into community relations. What makes a successful data centre migration, and how Data Centre Migration is about technology and people.

🔊 Subscribe to the podcast


Interested in cloud careers? You might also enjoy our interview about how to become an Azure MVP.

How did you get started in tech?

I started off in a Sys Admin role, so I was a helpdesk engineer doing morning password resets for everybody, fishing out bits of broken paper from their printers, and stuff like that. I worked my career through those various different roles. In the UK, we call helpdesk roles first-level roles and then second-level is the support engineers that go out to people’s desks. Third-level is when you get to design systems for customers.

So, I basically went through those support levels within my career and just built up lots of experience both internally and externally. I was in companies where they just had a small IT department and they didn’t understand what IT departments did and how crucial they were. And then I also worked for managed service providers, dedicating myself to various different customers, etc.

How did you eventually become a Microsoft cloud advocate and a prominent figure in the Azure community?

I kind of fell into the community role because I wanted to learn Azure and there were no user groups in Scotland. I think the closest user group to me at the time was in London. Which is obviously not something you want to do it you finish working on Wednesday night; go down to London to user group and then come back up to your work the next day. It’s obviously not logistically feasible, so I basically started the Glasgow Azure user group to fulfil my need. Basically, to learn Azure and find out where everybody else was fitting this into the on-prem and cloud worlds.

And yeah, I kind of fell into running the user group and then started speaking at events. People were like “you need to speak at events and share your story and journey”. Which I didn’t want to do. But then I fell into it and; before I knew it; I was getting headhunted to become a cloud advocate at Microsoft.

It definitely hasn’t been a planned evolution in my career, if I’m going to be brutally honest about it. But one that I’m really enjoying and has given me some excellent experiences of travelling to different parts of the world and doing some amazing stuff and meeting some amazing people in the community as well.

What does the cloud advocate position entail?

My role can be quite varied. A summary of my job is to help others find out how to use Microsoft Technologies. Whether that be by telling the story in a simplified manner, maybe in a blog post or a video that kind of connects the dots between. For example, what your on-prem system looks like and what your cloud system would look like.

I’m sure we’ve all read some official documentation on various different products. Not just Microsoft products, and not understood what they were talking about. Being able to digest that into a way that makes sense for everybody. Whether that be someone who’s a project manager or someone who has 100 years of experience in IT, and being able to get that story across to them is something that I do. So, my day can be quite varied.

It can be creating videos, creating blogs, doing podcasts… Or it can be just playing with technology, or creating new Microsoft Learn content as well. There are lots of different facets, and there are lots of different things I can do throughout the day. So it can be quite fun. And obviously, Covid has stopped me from travelling, so that would have been a big part of my job had we not had a pandemic. But we’re making it work.

Besides being a cloud advocate for Microsoft, you also have a personal blog and do a weekly update on YouTube as Techielass. How do the two intertwine? Do you usually post work-related stuff, separate both worlds, or a mix of both?

I think it’s a bit of both to be honest. Because a lot of people know me as Techielass and from before I was a cloud advocate, through my blog. Some things like my weekly update on YouTube was something that I actually started in anticipation for this job. Because I knew I would have to be on camera or I knew I’d have to do some presentations for this job.

I started that weekly update nearly two years ago now, to basically get more familiar with looking at the camera and being able to connect to it and doing all the things that go around video production and so that that’s kind of interlinked. Although it’s become a kind of side project because I just enjoy doing that kind of medium as well.

Connect with Mindquest Newsletter

My blog is sometimes intertwined with my job. You’ll find me, you know, blogging about random things that I find. I’ve been supporting my husband and working from home lately. So there’s some random support ticket type questions he’s asked me that I’ve blogged about, because I know he’s going to ask me in about 6 weeks’ time. And I’m not going to remember how I did it, so yeah, there’s various different things on my blog.

So yeah, my blog kind of intertwines with my job, but it’s not necessarily always about my job.

Is there anything in particular that you like to blog about within the world of Azure?

I think I’ve tried to specialise in data centre migrations. I think we’ve probably all been involved in an on-prem data centre migration. And I’ve tried to take some of that experience and that knowledge and transfer it into how you would actually migrate to the cloud.

So, you’ll find me talking a lot about migrating. I tend to talk more about the processes around that nowadays rather than the technology because I think that’s a part of the journey that a lot of people struggle with. We can understand the technology quite easily, I think. But trying to put that into practice; how you think about things like training your staff; and how you change that culture within your organization; how do start the project for your migration…

So, I talk a lot about data centre migrations and, although I talk a lot about the culture and the process around it. You’ll find me talking about Azure migrate quite a bit and intertwining that into how you actually do your data centre migration. So that’s kind of my specialty, what a lot of people reach out to me and ask about.

What are the biggest mistakes being made in this data centre migration to the cloud, especially now that some companies might be rushing their transition because of the pandemic?

I think lots of people forget to actually assess what they have inside their on-prem data centre right now. They want to get to the actual delivery part. They want to get to put some resources in Azure, and they want to prove the value and say “we’ve completed that project”. And, like you say, some have been rushing because of Covid and the challenges that it’s thrown up.

I always try and say: take a step back, have a look at what’s in your environment. Try and understand not only the technology in your environment, but also what your staff needs are. So, your technology is going to have a bunch of needs when you move it to the cloud. Things are maybe not even going to be able to be moved to the cloud because they’re legacy. Or they’re far too complex, etc.

But what about the the staff within your environment as well? Do people know how to use Azure once you’ve moved into that? I think it that can often be a stumbling block as well. I’ve seen some customers who bring in third-party companies to do the migration. They move all the technology and then that third-party company leaves. The staff don’t have any clue on how to support the things that are now in Azure.

And before you know it, they’ve got into this situation where they think that the cloud is rubbish. Because the staff haven’t been able to support it because they themselves haven’t been supported in learning it. That’s why I always say that a data centre migration is about technology and people, so make sure you’re investing in the staff within your IT department.

Also, make sure you’re looking towards the end users, the people that use these applications that are in your data centre. Do you know how they use them? Is this an opportunity to ditch some of the ones that they hate? Is it that time to look at new solutions?

So, technology and people are the things you should be thinking about in your data centre migration.

Join our community and find your next job in IT

What advice would you give to other IT specialists who might want to get into community relations and advocacy?

If you want to get into the community space, try and do it in your spare time. I know that’s a big ask, because we probably don’t have a lot of spare time, (I definitely don’t have a lot of spare time myself), but it’s definitely a job you have to have a passion for because it’s very different from the technology world, from being a consultant, from being an engineer.

There are so many facets to it. I do things in marketing, I do video editing, I do image creation. I’m a bit of a designer occasionally. I’m also a technical writer. I have to be a presenter.

There’s a ton if things before I even get to the technology. Sme days might I don’t even touch any of the technology because I’m in things like Adobe Creative Cloud, so that’s a big change.

If you’re not ready to give up the toolbox, if you’re not ready to give up playing with the technology. Then it’s not something for you right now, and that’s why I say do it in your spare time, because, if you find that and you enjoy doing these things, if you enjoy doing podcasts, if you enjoy doing videos you enjoy doing the blogging, you’ll naturally find that you’ll progress more and more to that and away from being hands on the tools as such.

I see a lot of people wanting the glamour, but they don’t realise that there’s a lot of time where you’re actually not touching technology. But it is a great job. It has offered me fantastic opportunities , but I think a lot of people need to be aware of the fact that there’s so much to it and it’s not just talking about tech all the time.

And your advice for the larger IT community?

Besides that, just support people who are creating content, whether that be people like myself that do it as a job or whether it be people doing it as a hobby. It definitely means a lot, even if it’s just a small like on a YouTube video or a retweet on Twitter. That means a whole load to us as content creators.

So, definitely support people when they do that, because it can make a massive difference. That 10-minute video could have taken me like 3 days to create so that small little like on a YouTube video means the world to me and it means that I actually spend my time valuably.

Support the content creators out there.


Check out more of our interviews from our podcast episodes.


For more cloud careers and Azure tips, make sure to follow Sarah on Twitter, YouTube, LinkedIn or through the Techielass blog.

Categories
About us Podcast Interviews

Leadership Failure: The Real Human Element Behind Cyber Attacks

Dr. ir Johannes Drooghaag; CEO of Spearhead Management and founder of Internet Safety for Kids; recently sat down with us to talk about the real human element behind cyber attacks. His work helping educate children and parents about cybersecurity.


🔊 Subscribe to the podcast


You might also enjoy our interview: A Career in Data Science: Unlocking The Power of Data with AI

How did your career in tech start? What do you do these days?

My career started in applied information technology and I my interest was first in the technical part of that. But I lost interest when I noticed that technology keeps rotating and innovating and reinventing itself so fast that it’s very difficult to keep up. And I started to get very interested in how can we build bridges; with the people using the technology and how they can they keep up with this enormous pace of technology.

That was more than 30 years ago and, since then, the pace has only increased. But we have not really done a lot to improve how we educate people with technology. So that became my mission. I focus mainly on the human element of technology, and I do that in the field of cybersecurity, of agile management, for digital transformation. We say it is all customer-focused, which in most cases is true. But, in many cases, we forget the people within the organisation who have to work with all that technology.

How do you advocate for this human-centred approach to technology?

I founded a company called Spearhead Management, in which we literally take, first of all, the people. We start with education and coaching, and we do that based on an approach that we could call a gap analysis. Where are we today? Where do we want to be tomorrow? And yes, there will be technology involved. But how can we enable and empower the people in the organisation to make that happen and to become part of that innovation and that digital transformation. And we do that through training. We do that through consulting, through coaching.

I also use my voice on social media. I started to actively use social media three years ago. I’ve been growing fortunately very fast in the last three years. I use that a lot to point out what the human element behind cyber attacks is. What has gone very well? What has gone not so well? And what has gone really, really bad?

And one of the things I do with my team is that, once a year, we publish a report called The Human Element in Cyber Security, and I do podcasts and keynotes around it under the title “The Human Elements in Cyber Security: And It’s Not What You Think.”

Why is it not what we think?

Because when we look at the IT community, there’s a lot of focus on the user error. So you might get the impression that the user is responsible for all cyber incidents. And when we look at the media, we get all the information about the bad fenders, about the vulnerabilities, about how somebody was hacked and everything went wrong.

But when we look at the technical information about these cyber breaches, we see that more than the human element caused 80% of them in the configuration and the management of technology, so the technical responsibility behind that technology. Now we should not take that and do the same thing by saying, the IT experts are to blame because that’s not fair nor correct.

A lot of that is leadership decisions. We know in a corporation nothing happens without approval and budget. So, the IT guy can sit there and say “I have to update those machines, I have to replace that software because it’s EOL”. But when that person doesn’t get approval and doesn’t get the budget. I assume they’re not going to pay that out of their own pocket, right?

So the human element is a lot more than just the actual making failures. The majority of that is leadership. The majority of that is completely failed risk management. If we don’t change the way we manage and lead, we will continue to have these issues.

Join our community and find your next job in IT

What would be a textbook example of leadership failure impacting cybersecurity?

There is this beautiful case of the colonial pipeline, a very high-profile case that was recently all over the media. It started with all kinds of theories about what would have been the case. And this theory immediately emerged that people were claiming that a user had opened an attachment. Other people claimed that there had been a case of social engineering through which all kinds of other theories popped up. Things popped up and they were all over the media and social media.

But then the actual experts analysed it. They found that a VPN account, which lacked basic security measures and was not in use for a very long time got compromised. Some one shared that compromised account, including the ID and password, on dark web forums. And used that account for the initial breach of the network and through that they were able to escalate.

Now there’s one thing that we have to keep in mind. There’s an FBI director who made a very interesting statement. There are two types of companies. The companies who have had their network breached by malicious actors. And the companies who do not know that their network has been breached by malicious actors. And that’s the reality that we have to assume at the moment. That we are compromised and that we must implement all potential and available countermeasures based on that assumption.

Connect with Mindquest Newsletter

The colonial pipeline case shows us two things we should focus on. Firstly, abandoned technology. That VPN connection that we are not monitoring, not taking care of and that hasn’t been used for a long, long time: it is still open and available. Secondly, the almost mandatory segregation of network access and segmentation of the network itself to make sure that you cannot simply hop from one privilege to the next one. All that was not available. Your active monitoring, through which you keep an eye on what happens in your network. If, after five years, you suddenly see a VPN connection pop up, you should react to that. Never happened.

For me, that is a schoolbook example of knowing what should be done and not doing that. An example of having all kinds of interpretations that are not factual at the beginning of the incident and, as soon as the actual analysis is publicly known, is once again the basic step.

And that is what we see in the majority of our research as the real human element behind cyber attacks. When we follow the three basic elements of cybersecurity (patch management, access management, segmentation and segregation), we can prevent more than 90% of all cyber incidents.

You are the founder of Internet Safety for Kids. Can you tell us a bit about this initiative?

We create videos and content to enable parents and children to use the Internet in a secure and responsible manner. We do that with videos and cartoons. The kids love it. We get wonderful feedback, and the most interesting part is that parents write us to tell us that they’re learning from the videos, which they thought were intended for the kids, but we make them on purpose for the kids and the parents. It’s a beautiful project. I love it. It’s a lot of work, but it’s worth every hour that we invest in it.

What sort of cybersecurity advice do you provide in these videos?

Well, there was one episode for which the kids made the entire script from beginning to end.

They said “We have some wonderful advice: we need to inform our parents about what we do, and we should never hide what we do, and we should always explain why we want to do it. But can you please be so kind as to tell the parents that they should listen when we want to tell them something? And if we want to show them something, that they should actually take a couple of minutes?”

So we did this episode created by the kids alone and we didn’t allow the parents to criticise any of it, just focused on saying “Hey parents: yes, we can tell you what the kids should do, but you should have time for them when they want to do what we tell them to do.”

I love that so much. We had so much fun creating that. We encourage parents and kids to learn this together. It’s not that parents give these videos to the kids and say “well, be busy and learn this.” Sit down together, learn this together and use it as an input for discussions with each other. What we’ve learned with the kids is that they’re really actively involved, so they come back to the parents and they say, “hey, I watched this video and look, I’ve done this and it looks good.” And that’s the coolest thing.


Check out more of our interviews from our podcast episodes.


For more on the human element behind cyber attacks and IT in general, make sure to follow Dr. Drooghaag on Twitter, LinkedIn or through his website.

Categories
About us Podcast Interviews

On Learning Azure IoT and Being an Active Member of the Community

John Lunn, also known as Jonnychipz, is a Welsh Azure MVP and MCT working as a technical architect at BT Enterprise. An organiser of the Welsh Azure User Group and an avid vlogger, John discusses the benefits of being an active member of the Azure community and how he learned Azure IoT. 

Interested in cloud careers? Learn more about How to Become an Azure MVP.

🔊 Subscribe to the podcast


What made you go into Microsoft Technologies and cloud architecture?

think when you go into business you predominantly work with Microsoft Technologies, more often than not. I kind of cut my teeth in IT on that side of the fence, which was very much Microsoft focused. So, I guess that, when I took that additional career step into the world of consultancy and kind of specialized in a particular area; in my case it was unified comms when I first started in that world; Microsoft was a natural steppingstone.

I’ve dealt with it for a number of years now. I knew my way around it. I was comfortable with it. So developing those softer skills like peaking to customers and other clients and helping other people understand the technology, or yeah, or being parachuted into a completely burning disaster of a problem. You soon learn the technologies at quite a deep level. You learn quite quickly what you can and can’t do.

So, yeah. I suppose I kind of edged myself gently into the world of consultancy and architecture. Now I find myself as a technical architect working on predominantly Azure and Microsoft focused solutions for customers. It’s been quite a long career and I’ve delved into a number of different areas. But I wouldn’t change it for the world. I’ve learned so much throughout that time.

Cloud careers are evolving very rapidly. What’s your approach to keeping up with emerging trends?

As an individual, I’m constantly thinking: where are we going with technology? What’s next? Not just for my own interests and keep the passion and the interest in my career. But also: where can I add the most value? The company that I work for — how can I help them see and visualise those innovative ideas, projects and solutions?

For a number of years, I’ve been speaking internally with my management team, talking about where we’re going as an industry, and, clearly, for some time now, it’s been around IoT, edge data, machine learning, AI… All of those kinds of technologies that are going to drive innovative solution design.

So, I’ve been on a personal quest. I’ve dabbled in areas over the years. I’ve done bits and pieces and I keep telling people I know enough to be dangerous. That’s my stock answer. I know enough to dig in and make a little bit of noise. But I take it at my own personal development journey to try and dig into that in a bit more detail. IoT was one of those areas that I jumped into.

Join our community and find your next job in IT

Why Azure IoT in particular? How did you go about diving into the area?

I guess I wanted to understand right the way from that physical thing. That physical device and object, the microcontroller that is inside that device, to the LEDs and resistors and buttons. How do those things get made and then what is the code that sits on that microprocessor? How do I develop that code to then enable me to take that sensor information?

Maybe there’s, you know, some optical, temperature or humidity sensor. The common things that you find in IoT projects. How do I take that, read it with some code and send that up to this thing called the cloud? And then what do I do with that?

So, I took it upon myself to try and look at some pet projects to build this, to start looking at microcontrollers, put them in, etc. I literally got myself a 3D printer and started printing off all these random designs I made myself.

There’s the engineering mentality if you’re really starting off at the maker side of things. So, I went on this journey of learning all of these kinds of disciplines. It’s really about understanding all of these little components that go into what makes an IoT solution. And I’m really trying to understand how you join the dots between these various features and components within Azure to make those solutions.

And it’s been, more of a labour of love than anything for work. I’ve met some fantastic people out in the community that have helped me understand things, that I’ve learned from, that I’ve taken ideas from.

And going down on that journey, you learn so much about those areas of Azure that maybe you’re not using on a frequent basis. You know, you start with this high-level view of the world. I try and dig down deep as much as I can in as many different areas so that hopefully I get a little bit more of a clearer picture as to how and why you can use these things.

Do you think a hands-on approach to learning new technologies is better than a theoretical or certifications-based one?

I mean everybody is different. I think for me hands-on works well. Certification is a great way to go, especially if it’s something relatively new and unknown.

So, for example, the AZ 220 exam is the Azure IoT developer speciality exam from Microsoft. And that’s what I was going for at the time.

There are certain ways people can study for exams as Azure IoT exam AZ 220. It’s very much theory-based where you read the Microsoft docs and understand things. And you know, if you do enough Microsoft exams, you can kind of work out which questions they are going to ask you. You get to learn in an almost parrot-like fashion the areas that particular exam is going to cover. And that’s great, there have been exams where I’ve kind of just done in that way. You go in and you’ve learned something over a crammed week or two.

But the problem is that, later down the road, if you’ve not actually done anything physical or hands-on or done it yourself, I found that I forgot it.

For the Azure IoT exam, I took it relatively slowly because I wanted to absorb it and be part of it for a while. Basically, because it was so much fun. I was just having so much fun doing this tinkering and making and, like I say, it hasn’t stopped.

So yeah, I think certification; as Azure IoT exam; is definitely a great way of identifying the areas that you need to learn. But how you learn those is up to you. Everybody’s got their own style and, for me, slow and steady and hands-on sinks in more and I’m able to retain that information for longer and apply it to other things.

Connect with Mindquest Newsletter

You are an active member of the online Azure community. You go by the nickname of Jonnychipz, and you blog and host a weekly vlog covering Azure-related news and topics. How did you become such an active part of the community? What were the beginnings like?

I had always been on the periphery, the edges of the community. And I guess I never really understood what community meant. Over the years, I’ve been fortunate enough to go to some great Microsoft events globally, and I’ve met some brilliant people. But I had never really been actively involved in the community.

But then COVID hit, and we were all locked up in our houses. I got the time to actually focus and build myself a little bit of an office space. Before, I was always out on the road, driving up and down motorways in the UK or running the kids around.

So, as we all had this additional time, I thought, OK, this is an opportunity for me to try and focus on public learning and the community a bit more. In hindsight, I didn’t really know what I was doing when I first started. I set a blog up and it was jonnychips.com, you know? And I started putting out some blogs. I started doing the 100 days of cloud, just trying to show my public learnings and hopefully give a bit back.

What does your new role in the community bring into your life? What have been the best moments so far?

Well, it sounds a bit cliched, but there have been so many different situations that were super fun and where I thought I would have never been I had not turned to the community. Things like joining and setting up and helping organise a user group – part of what I do is helping organise the Welsh Azure User Group, and we run that as a monthly virtual session.

We’ve had so many fun moments over that, just from the guys and gals that help organise the weekly or biweekly calls that we have, through to the events themselves and just the fun engagement from other people in the community. There’s been so many comedy moments and just good general laughs over things.

IoT has been one of the standout things for me. The people I’ve met in in the world of IoT, from members of the community through to the advocacy team at Microsoft themselves, I’ve managed to speak to one or two of those over the last few months. They’re all super people. Really clever, intelligent, passionate people just putting stuff out.

You forge these new friendships without you realising it. You’re virtually speaking to people across Twitter and you’re having that banter, you jump on a live Twitch stream and have a little bit of fun.

So, it’s probably safe to say that there’s not really been one best moment so far. I think the best is yet to come. I’m really looking forward to getting back to the face-to-face meetups, getting back out there to two events where I get to meet some of these great people and hopefully have a coffee or a beer and a bit of lunch or something with them. I see that being a super fun time.


Check out more of our interviews from our podcast episodes.


For more cloud careers, Azure and Azure IoT tips, make sure to follow John on Twitter, LinkedIn and YouTube or through Jonnychipz.com.

Categories
About us Featured Podcast Interviews

The State-Of-The-Art SOC

Chris Crowley is a US-based veteran cyber security expert specialising in security operations centers (SOCs). He works as an independent consultant through his company Montance, has a SOC-Class and is a SANS Institute senior instructor. He discusses how he carved his path in cybersec and shares some insights into what makes a state-of-the-art SOC.

🔊 Subscribe to the podcast

Check out more of our interviews and podcast episodes.


How did you get started in cyber security? 

It’s kind of interesting. I started working in technology when I was 15 years old, back in 1988. That was my first job where I actually went into an office, as until then I had done a bunch of stuff off of my computer, independently, like doing mail merges for one of my mom’s friends in order to send out letters advertising her business.

They hired me to basically come in and do reel-to-reel backups. Literally, they needed somebody to put the tapes on and spin them up and get going. So that’s the kind of stuff that I started doing in technology.

I actually graduated in molecular biology because I thought I would go into medicine and scientific research. After I did basically a full undergraduate degree, I decided I didn’t really want to do that for work anymore. I had worked in labs, etc., but I didn’t want to do that for the rest of my life.

I had always worked with computers. So it was sort of an easy switch for me to do another undergraduate in computer information systems in order to have the credentials. So I did that, and I started working in IT operations.

In the 2000 time frame, there wasn’t a lot of cybersecurity focus. And then things started going wrong. I was working at Tulane University at the time. And the FBI showed up and they are like “you have to take all these computers offline”. We had problems with spam when literally, prior to that, there wasn’t really a problem with spam on email. I’ve dealt with compromised computer systems. I’ve had to deal with Blaster and Nachi, SQL Slammer, so all these early worms that we weren’t ready for and that destroyed networks.

So, that’s kind of how I got started on cyber. I was the IT operations person, and we had cyber problems. And it was a huge struggle initially because there wasn’t a lot of information. Now you can go Google cyber security but, in 2000-2003, you went like what on Earth is going on? You know you’d just have to try to figure it out.

And how did you eventually become the independent cyber security expert that you are today?

So, a major change happened for me personally in 2005. In 2005, Hurricane Katrina hit New Orleans. I was living in New Orleans at the time. My house flooded. Tulane University was dramatically impacted, so I went through this big disaster recovery experience.

And I had been doing a bunch of cyber stuff at that point, and I knew that that was the direction that I was going. I moved to Washington DC, and that kind of changed things. I started working at U.S. government agencies and working in cyber programs. Also around the same time I started teaching for SANS Institute.

At this point, I was like, “OK, if I want to continue along this path, it would probably be better for me to exit employment.” And this was not really something that I had planned to do. I had not planned to go into business, to go out on my own, but that’s what ended up happening. Mostly because I couldn’t balance the full-time job plus the training stuff and the opportunities that I had for some other things.

I kind of joke about it, but I had three part-time jobs that were about 50% of what a normal workday would be. I didn’t know how to do it and I ended up like this for the first three years. Just feeling completely overwhelmed and hustling and doing all the things that were necessary. And I wasn’t even really chasing customers. It’s just that I had like 3 contracts that I was working on.

Since then, I’ve continued to do that and I think I’ve gotten better. I still work about 60-70 hours a week, but it’s just kind of spread out and it’s a little bit more comfortable for me.

That’s my career in a nutshell. I have my company Montance that I do consulting through, I have my SOC class in which I do training for security operations, and I still teach through SANS Institute. I have the opportunity to do a lot of things.

What are you working on these days?

Right now, I’m working with a managed security services provider out of the Middle East. I’m also working with two large financial services companies doing maturity assessments or tabletops for their capabilities. It’s really interesting for me, and it has become phenomenal. Of course, it continues to be a little bit uncertain, always wondering where the next gig is

You mentioned juggling all these part-time gigs as you exited permanent employment. What key learnings about yourself and the way you work have you gotten out of your transition into independent work?

I want to say yes to everything. I really do. People ask for help or want me to do engagements and so on, and I want to say yes all the time. And the problem is that I can’t do that. I have to pick which things I will actually engage in that will allow me to do a good job.

I’m the sort of person who wants to do all the different things. I’m not a specialist, I’m very much of a generalist. So, in addition to the saying yes to everything, it has been hard for me to allow delegation to other people. It’s strange because, when I work in teams where I’m the team lead, I tend to be really good at delegating. But when it comes to my own work, when it’s more, when it’s more of a reflection on me, it’s harder for me to delegate.

So those have been the specific things that I’ve adjusted in my approach.

Where do you draw the line between a junior cyber security professional and a senior one?

That’s a great question. I like the terminology of junior/senior much better than the tier 1, tier 2, tier three kind of stuff.

A senior-level person is able to make an informed, coherent decision, weighing all of the appropriate information that might be available. A senior-level person should know that they need to get more business context. They need to be aware of other people in the organisation who might be affected by a cyber-based decision and get their buy-in or get them to weigh in.

I don’t think that I can expect a junior level person to have the appropriate level of awareness, skills and social interaction and acumen on all the details to be able to come up with that same complicated synthesis and then provide a defendable opinion. I mean, junior-level staff will try to do something like that, but they simply lack the experience and the capability and the technical acumen to come up with the best opinion.

What makes a state-of-the-art SOC?

Anytime I start talking about security operations centers, I fall back on to five things.

We’ve got inputs, people, procedures to work through, technology to work with, and then there are outputs, the sort of things that come out of the SOC that are work products.

From an input perspective, if you had to focus on one thing to have a state-of-the-art SOC, that would be the ability to absorb a tremendous amount of data at speed and have that be something that is constantly changing the instrumentation across every different type of system. Effective ingestion is a hallmark of the state-of-the-art SOC.

In older SOCs, what you would get was “Well, we need to write the connector for that, and we need to hire professional services to do that, and I can’t take the data in from that system.” State-of-the-art is “Give us the data, we’ll figure it out, and we’ll consistently be able to absorb it.” 

Connect with MIndquest Newsletter

Also, you need to have a way to absorb historically, so even after things have happened. If you can go back in time for absorption, and this is relevant both to threat intelligence as well as to logging or other artifacts, then everything gets synthesized into the picture of what you’re doing.

For the people, the human aspect, you need people with skills and capabilities. The modern SOC is a learning SOC. The modern SOC is not a helpdesk. I don’t want to disparage the help desk, but the idea of a help desk is basically: we tend to have a given set of things that are within our scope; here’s what we do, here’s what we work on. If you’re part of this or meet the criteria, we run it through things and we assign it to the right people.

The state-of-the-art SOC handles uncertainty on behalf of the organisation. It handles the unprecedented. I can’t write a routine for something that we haven’t anticipated. We can say we’ll handle it. But then we’re going to figure out on the fly what to do. We’ll deal with it, and we will do it with a degree of grace. It’s not going to be highly polished the first time through. But it’s also not going to come crashing down with people quitting in the midst of it. Because that happens sometimes.

From a procedural aspect, a state-of-the-art SOC has a flexible deployment of its staff.

We have the ability to do a lot of things quickly and efficiently, but we also have adaptability, thinking and business relevance.

In terms of technology, I’ll name a couple of technologies, but I don’t want to limit it to these. As an example, if you don’t have a SOAR and you aren’t implementing SOAR, you are behind the curve. Right now, that is a technology that a lot of people are embracing. And, if you don’t have a SOAR technology, but you’ve written all of your own custom PowerShell or Python or whatever in order to do stuff, I still think that counts for SOAR. But that notion of effective automation is really important for current state-of-the-art capability.

I gave a talk at RSA earlier this year where I went through and listed out my technology taxonomy. It is basically is every single thing that I could think of that a state-of-the-art SOC needs. You can find it in PDF here.

Finally, the fifth thing that makes a state-of-the-art SOC is the artifacts that come out of it. The modern SOC is more about portals, automatic notifications directly notifying the constituents as well as the affected system owners and responsible parties with minimal human interaction.

The SOC analyst is interacting with some form of a system that’s collecting that information, and the system is notifying people rather than the analyst copy-pasting everything into a Word document, printing it to a PDF, and sending that out. I have no problem with collecting reporting into a document, but we already have that data in our various systems. Why aren’t we just programming them to do what computers do well? You know, hit the bits that need to be hit and distribute that information appropriately so that it’s much more portal-driven and constituent-focused than “Here. Encrypt this report.” It’s hard to get there, but I think that that’s a hallmark of the current state of the art.


Join our community and find your next job or expert in IT


For more cyber security and SOC-related tips, make sure to follow Chris on Twitter and LinkedIn or through Montance.

Join his SOC-Class for a deeper dive into security operations centers. August and November sessions are now available.

Categories
About us Featured Podcast Interviews

The Career Path of a SAP Consultant

German ABAP expert Martin Fischer is a Business and SAP Portfolio Manager at BridgingIT, SAP Mentor and a host of the SAP Coffee Corner Radio podcast. He recently sat down with us to talk about how he got started with SAP and discuss the career path of an SAP consultant.


🔊 Subscribe to the podcast

Check out more of our interviews from our podcast episodes.


What is the SAP consultant career path: How did you get started in the SAP ecosystem?

I started to become interested in computers and technology when I was 16 or 17. At that time, I was about to start an apprenticeship in business administration at a wholesaler for tires and other technical products. I had had some Visual Basic for applications lessons in school before, so I started supporting the financial department by writing a macro in Excel or Access, I don’t remember for sure.

The head of the department got interested in my skills at that time, and they were about to start an SAP project to implement SAP FI in SAP 4.6c. That was the coincidence that got me started in the whole SAP ecosystem, and it’s been 20 years since.

Of all the career paths available within SAP, why did you choose ABAP?

I worked on that project for one and a half years and took over the responsibility for running that system. A year after, I decided to study computer sciences and business and, during my studies, I became more interested in software development. So, I thought, OK, I have a background in SAP, and there is a need for ABAP developers: why not look for a job in that area? And so, I did.

And what has been your career path as an SAP consultant since then?

I joined a consultancy in Zurich after my studies and was there for about a year. Then I moved over to Capgemini and was there for three years. Now I have been with BridgingIT for almost 10 years. I left the development space and moved over to more architectural stuff, as well as team leading responsibilities. I am not programming for the whole day anymore. Actually, I seldom program now. But it’s still in my roots, and I like to dig into the technological details.

Join our community and find your next job in IT

What were the biggest challenges you faced when transitioning into a more managerial role?

Becoming the team lead of my former colleagues. There are a few of them who have much more experience than I do, so it was a bit of a challenge for me. I guess it wasn’t that much of an issue with them, pr at least I had that feeling. But for me, it was different.

The second one was having to care about more people and things in many aspects. So, consulting, finding the right project assignments for my team, etc. It was a bit hard because the role involves some pre-sales and that part was hard in the beginning to learn. Also having to accept that I don’t have that much time anymore to focus on my technology topics. Now I have multiple other topics to devote time to during the day, and I had to accept that I will, over time, lose the deep knowledge of the latest technologies.

But now, after more than four years, I have accepted it and I’m fine with it.

What do you enjoy the most about your new role?

The possibility to drive things in the direction I want to, or which I think is the correct one. Of course, I don’t decide that all by myself, but I have a bit more influence than I did before.

I also enjoy very much the interaction with customers, so the pre-sales part that was so challenging in the beginning turned out to be something I really like. I’m much more confident in these discussions now. The first times, you are very nervous. At least I was. Nowadays it has become more of a routine, and I really like it.

What do you value more, certifications or experience?

There are many things you have to learn for the certification exam that you don’t ever use again. That’s actually one reason why I’m not really convinced that getting many certifications is real proof of qualification or knowledge. I’m quite sure you can get the certifications if you do a proper preparation for them and learn the stuff they will ask you for. But you will not really be able to work with the technology you are certified for. I rate experience higher than certifications.

Connect by Mindquest - newsletter

When does pursuing certifications make sense?

I would say at the point in time I did my certification, as a junior, it was a good thing to have it because, especially if you work for a consultancy, it helps you to get better project assignments. Some customers are still looking for it. But, in the development area, I don’t see the need to do all the certifications that come with the technology. I don’t see the value in that.

Sometimes you have to do it as a partner to maintain your partner status. That’s another reason why sometimes you have to get certified.

But, from a career perspective, I’m not a big fan of certifications. I think there are better ways of getting a deeper understanding of what you are doing. Get involved in small projects, do a POC, get your hands on the latest technology somehow.

You are an SAP Mentor. What is the Mentors program like?

The program has changed a lot over the last 3-4 years. I’m now almost at the end of my 4th year in the program.

There’s a new program called SAP Champions which took over the community focus and the focus on the outside community, which was also part of the Mentors program. The program now focuses more on providing feedback to SAP on certain topics.

It’s an honour to work with all other mentors in the team because they are all very experienced. The international aspect is also very valuable for me because you get to hear things going on in the United States, Australia, or Asia, and things are different in different countries, so it’s also something you have to learn.

What career advice would you give to other SAP and IT experts in general?

Stay curious and never stop learning. That is very important. And work in something that you like to do. I am lucky to have a job I really like. I cannot imagine investing so much time in something I don’t really want to do.

I think that’s very important. More important than more money, etc. If you have passion for your job, money, at least in technology, comes along.


For more tips on how to navigate the career path of an SAP consultant, make sure to follow Martin on Twitter and LinkedIn and through SAP Coffee Corner Radio.

Want to make the most of your career in SAP with S/4HANA? Check out our definitive S/4HANA Careers Guide.

Interested in DevOps too? Find out more about career opportunities in this promising field through this expert’s DevOps career story.


Need advice on how to start or develop your freelance consulting business in tech or IT? Need to start a new permanent or freelance assignment? Join Mindquest and get support from our team of experts.


Categories
About us Featured Podcast Interviews

How to Become an Azure MVP

Gregor Suttie is a Glasgow-based Microsoft Azure MVP and Microsoft Certified Trainer working as an Azure Architect at Dutch firm Intercept. He helps run the Glasgow Azure User Group and is a prominent Azure family and community member. He recently stopped by Mission Control Center to discuss cloud careers and how to become an Azure MVP.  


🔊 Subscribe to the podcast


How did you get started in IT and with Microsoft technologies?

I have been in IT for more than years, so it was quite a while ago. I was one of those people who don’t know what they’d like to do in life when they are at school. But a high school friend encouraged me to try doing some computer programming, and I really enjoyed it. After school, we went on to do some college-level computing and programming courses, and I got a part-time doing AS/400 at a bus company.

After that, I went to Paisley University just to the West of Glasgow to do a one year-degree in media technology, which is slightly computer and programming-related even though it sounds like media. When I finished there, I applied for a developer role and gained some Microsoft experience but nothing too deep. I started learning HTML from Notepad, believe it or not. That was back in the day when HTML was the first thing. Using notepad to code was interesting. I was even learning Java in Notepad as well. It wasn’t even an IDE. So that’s kind of how we got into baseline Microsoft technologies, just using basic programming.

I then got my very first junior role at a software company: Interactive Developments in Sterling. And I went in there as a junior with absolutely zero experience, so it was quite frightening but really exciting at the same time. I was really lucky there was a very senior lady who was the senior dev, and she took me under her wing and basically showed me how to write code properly and test it, how to deploy it and, more importantly, write good tests to the code that I was trying to write, which wasn’t very good at that point, but she kept me right. And that’s kind of how I started. I was basically doing VB 6 in that job for three years, learning VB 6 under the wing of a good teacher. Very lucky to have someone mentor me like that.

And then you became one of the first 50 Microsoft Certified Solutions Developers (MCSD) in the world. How did that happen, how did it feel?

Yeah. After about three years, we were moving away from VB 6 and towards Microsoft .NET, so I was learning that during the day at my job, and at night as well.

It was the first time that they had ever offered the MCSD exams. I think it was two exams, and I went for them and passed them on the first attempt, which was really cool. But mainly because I was doing a lot of studying and hands-on.

I got a letter signed by Bill Gates together with a copy of the software saying that was one of the first 50 people in the world to have passed that exam. I don’t actually still have it, as it got lost when I moved house, but I got the Visual Studio box with all the posters and all the CDs in there signed by Bill Gates, which was exciting.


Read a very exhaustive Azure developer job description.


You are also an Azure MVP. How can one become an Azure MVP?

Three or four years ago, you used to be able to nominate yourself for the distinction. But they got rid of self-nomination because so many people were nominating themselves, so they just couldn’t cope with the number of nominees. They changed it to make it that you had to be nominated by someone from Microsoft or an existing MVP. So, I asked someone to nominate me and eventually happened.

It’s all basically based on community contributions. How to become an Azure MVP? The main thing is that you shouldn’t try to become an MVP. You should just do what you do, and it will eventually come along. You have to do blog posts, talks, help out through user groups, all that kind of good stuff. If you’re doing that on a regular basis, then someone might nominate you.

Once you are nominated, you have a form to fill in with all the contributions that you’ve made over the last 12 months. You fill that out and send it off, and the person who deals with the form contacts you within three months just to let you know if everything is okay with your form.

And then it basically goes into the ether. You don’t hear anything until you get awarded. On the 1st of every month, they come out and communicate the seven or eight people in the UK who have now been awarded the MVP. That’s kind of the short version of how it works.

I couldn’t believe it when I got it. It’s probably my biggest achievement so far.

As someone who knows well how to become an Azure MVP, what’s your advice for those who are just starting out in their cloud careers? What certifications should they pursue?

I always ask people: what are you interested in? Sometimes it’s worth trying to write the Venn diagram and put in circles what you like. So, are you a developer or are you more of an ops person? Can you code? Would you like to code, or not? That’s kind of how you start.

What’s your background? Some people don’t have any background and they’re just learning from the very start. If you want to learn from the very start, it’s probably best to start off with the Azure Fundamentals exam. In fact, I always recommend that you start off with the Azure Fundamentals exam because it will give you a nice introduction to the Azure exams. It will also give you the confidence that you have managed to pass a fairly tricky exam.

If you’re new to the cloud, the Azure Fundamentals exam is actually a little tricky because it covers quite a lot of things. If you’ve got experience in Azure, fair enough, but, if you’re new to it, I would start with the fundamentals. And that goes for all of the courses.

These days, there’s quite a lot of demand for Azure administrators, people who can set up all the Azure resources. So, the Azure Administrator certification is quite a good one to go after. But other areas like Azure Power Apps are becoming very popular as well. Power Apps is a low-code platform, so it’s nice for people who aren’t massive programmers but are into coding.

Connect by Mindquest Newsletter

Go to Microsoft Learn and click on the certifications link on there. Have a look around and try and figure out what you are best at.

Also, the online Azure community online is amazing. If you go on Twitter for example, under the hashtag #AzureFamily, you will find lots of amazing Azure people. If you want to get started with Azure and got questions on how to get started or even about how to become an Azure MVP, then definitely please do reach out to me or reach out to anyone in the #AzureFamily and they will definitely help you. Don’t be shy if you’re stuck with anything. Reach out and someone will help.

Join our community and find your next job in IT

Your background is in development, and then you moved into DevOps. What was it like to be, all of a sudden, in the middle of development and operations teams?

It was interesting. I worked at a large bank two jobs ago, and the developers were on one side of the fence and the operation teams were on the other and they had nothing in between. And I couldn’t really understand this. So, what we would do is work on a two-week Sprint, and then we would build a code tester code and I would pass it over to the OPS team who would then deploy it, but we would never really speak to each other, and I thought this is really bizarre. “How does this work? This can’t be a good relationship.”

So, I got to know the operations team. They were in New York and we were in Glasgow. I got really friendly with them and kind of started to bridge the gap; and I created a role for myself where I sat in between the two teams. I made sure that the code was all built and tested. Then I could help pass it over to ops team and show them how to deploy it correctly because before that they would just deploy it. It would break because there was no real handover.

Anyone in the operations team could pick up and deploy the code, and the devs had an idea of what documentation to make. It was quite an interesting role. Before I did that, there were two separate teams who didn’t talk to each other. It was a good way to kind of bring the operations and dev people together.

Now you are an Azure Architect at Intercept. What are you working on as part of your role?

We are helping independent software vendors (ISVs) from all around Europe move from on-premise to Azure. The projects that we’re working on these days are basic setup designs for companies who want to move to the cloud or that are already in the cloud and want some extra governance.

We design it, we implement it, and we also look after it. So, we’re doing managed services. I’m really loving working here. Plus, it’s really interesting to work for a foreign company. I’m based in the United Kingdom, in Scotland, and I work for a company in the Netherlands. So, it has been really good fun.

Since the Covid-19 pandemic began, a lot of companies have been rushing to migrate to the cloud. What are the biggest mistakes you are seeing being made as a result of this hastiness?

I do some workshops on governance and Azure, so basically setting up things correctly from the get-go. And sometimes we see customers who have started in Azure and have created resource groups and have started deploying stuff but there’s no governance in place. There are no rules, no naming conventions. There are no limits to what you can deploy and who can deploy what.

When I deliver my governance workshops, it’s quite interesting to see people who are like “Oh, I didn’t know you could do that.” It’s just things like stopping people from being able to deploy huge virtual machines. stopping people from leaving things running. In the cloud, you can spin up things quickly, but some of them can cost quite a lot of money. You can burn through your credits and your money quite quickly in the cloud if you’re not careful.

I have also seen some poor naming conventions where everything is just random names and it’s really hard to work out who deployed what and when and what. It’s quite funny when you see a mess and you’ve got to go and tidy it up. I don’t often see that, but one or two customers have kind of run before they can walk.

So, governance is mainly the thing that people need to keep an eye on. It’s easier to do it from the start. You can certainly put governance in once you’ve got your Azure environment running, but it’s just nicer and easier to do it at the start.


Check out more of our interviews from our podcast episodes.


For more tips on cloud careers and how to become an Azure MVP, make sure to follow Gregor on Twitter and LinkedIn and don’t forget to check out his blog.


Need advice on how to start or develop your freelance consulting business in tech or IT? Need to start a new permanent or freelance assignment? Join Mindquest and get support from our team of experts.


Categories
About us Featured Podcast Interviews

Becoming an Oracle Certified Master: My Ticket to a Stellar DBA Career

Born in Brazil, Rodrigo Mufalani is an expert Oracle DBA working at IBM as an Infrastructure Specialist for hybrid cloud projects. He recently sat down with us to discuss how he got started in his DBA career and how becoming an Oracle Certified Master and Oracle ACE catapulted his career and allowed him and his family to start a new life in Luxembourg.


🔊 Subscribe to the podcast


How did you get started in your DBA career?

My journey in the database world started a long time ago, back in 2004, and it happened by chance. 

I was at college at that time and applied to a developer position at a company, but my programming logic was not as good as that expected from a developer at the company. But the HR department saw that I did pretty well on the SQL part of the test and invited me to apply to an internship position as a DBA. 

Why did you decide to pursue that opportunity and go down the Oracle DBA career path?

When they offered me the position of DBA, I started looking on the Internet for what exactly a DBA was. I had no idea at that time.

I had started my career doing first line IT support, helping out with Windows installations and network stuff. But I was searching for something closer to the development side of things, as that’s what I was studying in college. So, that offer was perfect.

And that’s how I became an Oracle DBA. I think it was destiny. 

And now you are an Oracle Certified Master (OCM) and Oracle ACE. How has that helped you in your DBA career?

It has helped a lot in my career. It’s why I am speaking to you from Luxembourg. Until 2018, I used to live in Brazil with my family (my wife and kid). Because after the certification, I got an invitation from a company based here in Europe to move here and help them with their customers.

How is the exam to become an OCM?

I cannot talk a lot about it because I have an NDA, but I can tell you it’s pretty hard. 

You have to prove you have hands-on expertise in a list of skill sets in different areas, some of which you rarely use on a daily basis. And it’s pretty hard because you have time, your mind and the exam itself against you. It’s a two-day exam at Oracle’s headquarters, and I took my exam in the UK.  

At the moment, and due to Covid-19, the exam is suspended, so there have not been new Oracle OCMs since 2020. But the future OCM exam, if there is one, will probably be related to the cloud and offered online.

Join our community and find your next job or expert in IT

What about the Oracle ACE award? When did you receive that one? How has it helped you in your DBA career?

I can’t believe it happened more than ten years ago, in 2009. Especially because it’s not an easy distinction to maintain over the years. If you receive the award but you don’t keep participating in the community, sharing your knowledge with the community, you lose the award. 

It’s funny because I remember I was reading the email in which they notified me that I had been awarded the distinction when my boss at that time called me into his office to go over some stuff. And I told him I just got awarded the Oracle ACE award, and he goes “Oh, congratulations! But what exactly is that?” He just had no idea. It was so long ago. I was the third person in all of Brazil to be given the award. 

The program has grown a lot since then, and it’s a pleasure to continue being part of it. I like talking to a lot with people and love to do presentations and talks at conferences. I founded the Luxembourg Oracle User Group with some colleagues, and I’ve had the opportunity to speak at several conferences. Also, I even had the opportunity to go to Azerbaijan before the Covid pandemic, and it was amazing. I have met so many great people through these conferences. 

I must really thank the Oracle ACE program for giving me the opportunity to meet all these amazing people.

What is your main role at IBM?

Right now, I am helping with a large migration project for a big customer. I am doing some automation and am involved in all the migration activities as part of the cloud migration team. So, ensuring performance, that all is done according to the plan and on time, etc.  

For the moment, I am mainly helping with Oracle-related subjects. My role is a little bit wider, spanning to all things database-related, but for the moment I am mainly playing with Oracle.  

Connect by Mindquest Newsletter

As a DBA, what are the most challenging aspects of working in a hybrid cloud environment?

Nothing in particular. The same challenges that we have all the time. So, tight deadlines for delivering projects, ensuring as little downtime as possible, etc. The customer always wants to have the, and we try to deliver the best to them.

What advice would you give to those starting in IT?

My advice for the starters in the field of technology would be to read and research as much as possible. Try to pay attention to the senior people around you and don’t be embarrassed to ask questions. But ask questions after you try. Of course, in a safe environment, not in the production environment.  

I prefer that someone asked me after trying these or that step and failing to find a solution. Sometimes, people get so accustomed to getting every answer at once that they don’t even try.


Check out more of our interviews from our podcast episodes.


For more advice on cloud careers, make sure to follow Rodrigo on Twitter and LinkedIn, as well as on his blog.

Categories
About us Featured Podcast Interviews

Two Months into My First Software Developer Job

Olena Drugalya recently went from being a stay-at-home mom to landing her first software developer job, joining Novatec Consulting as a junior software engineer. Two months into the role, she chats with us about her beginnings, first learnings, and what other people starting their web developer career should expect from the first weeks at the job.

🔊 Subscribe to the podcast


Congrats on first software developer job? What projects have you been working on so far?

I’m actually not working on any client-facing projects right now because I’m still in the learning phase. Novatec has a Talent Hub, and every new employee in the software engineering department starts there. We spend a lot of time learning, as the project we will be involved in later require a lot of additional skills and knowledge of languages and frameworks. So, they want to be sure that we know all these things in advance.

What’s the talent hub like?

There are a lot of new developers in the hub: juniors, trainees, students… And we work together on pretty much the same program. We learn back-end, Java, Kotlin and some frameworks, but we also learn front-end tools and frameworks. Then, in the end, we are given a project to do by ourselves, and we present it and show everything that we have learned so far.

Some need two months to complete the program, others need more time. It really depends on the person, but it usually takes no more than six months. We need to deeply understand the concepts and processes, so we can use as much time as we need to learn. They don’t rush us. I really love Novatec’s idea of the talent hub.

Pretty cool, isn’t it? Sounds like a great way to get started.

Yes. I was so happy when they took me in. This was something I was looking for because I don’t have that much experience and they give us the possibility to learn and cooperate with other developers and see what the process of development is really like.

We participate in all the company meetings, as well as in sprints and refinements. So, from the first day, we can see what the other developers are doing and how they manage the development process. We are not taking part in it yet, but we are already aware of what the project looks like from the inside and how people are working on it, and this is a very valuable experience.

What are you finding to be the most challenging part of this learning process?

The most challenging for me probably has been working on a project inside a team. Before this, I was doing everything by myself. So, if I had a project to get done, it was just me doing all the thinking, projecting via framing and coding. Now it’s just a bit different situation.

You have other developers in your team, and the planning of the project takes more time than the coding part itself. That’s because it needs to be divided into small parts, and everyone in your team needs to understand what their task is and what they’re going to do.

And I bet you learned many things as a result.

Yes. I learned how to develop the user story, how to create a ticket, how to cooperate with other developers using GitLab and all these things which I would have never learned by, for example, being a freelancer.

You mentioned you’re learning back-end, and your previous training was in front-end tech. How is going full-stack like?

I was lucky because was able to handle the back-end pretty well because I had some experience with C#. So, Java was not that difficult for me, but still, it took me probably a month to dive deeper into it, to go beyond the basics and learn new stuff. Then it became easier when I started with Kotlin and the various back-end frameworks. The most challenging part was Java itself.

Connect by Mindquest Newsletter

How was the experience of going through the onboarding process? Was there something in particular that positively surprised you?

I was really surprised with it all, as that the onboarding process was really well organised. Everything was on time and there were so many people presented their teams and projects. They were telling us with enthusiasm and happiness, explaining how they were handling things and that they were happy to see us at the company. That was very inspiring and surprising in a positive way.

What advice would you give to others just starting with their web developer career?

For the junior developers who are just starting their web developer career, I think the most valuable advice I could give is: don’t be afraid to ask questions. Everything you want to know, everything you are not sure about, just ask. There are a lot of people who will help you, who will guide you and mentor you.  

In a good software engineering team, they all want you to succeed. That’s the beauty of cooperation. Everyone helps each other out when they are working on a joint project.

Join our community and find your next job or expert in IT

What about work-life balance? Starting a new job can be stressful. How are you doing with it all? Are you working from home, or at the office?

Work-life balance is pretty much on schedule and going well. We’re still working from home remotely, but we can go into the office if we feel like we want to socialize with other colleagues. So, from time to time, we meet at the office. I do like work from home, as that way I don’t have to spend that much time in traffic to go to the office and back.

You were blogging quite a lot before starting your first job as a software developer. How is blogging given how busy you must be? Are your new experiences prompting you to write about new topics?

Yes, it’s difficult now with the content. I know there are a lot of people on Twitter who juggle their work with content creating, family and everything, but it was difficult for me these first two months. It being a new job, and my first software developer job, I wanted to get to know everything, to learn as much as possible. And that didn’t leave too much time for content creation.

So, my blog is still where it was before, but still coming up with ideas. At Novatec we also have the possibility to write blogs, so I will probably think about that as well. I would like to pick up blogging again soon and write about all the new back-end tech I am learning to use, about Java and Kotlin – there are so many topics waiting to be written about.


Check out more of our interviews from our podcast episodes.


For more guidance in your web developer career, make sure to follow Olena on Twitter and LinkedIn and don’t forget to check out her blog and Hashnode activity.

Need more tips on how to find a job in IT? Check out our IT job hunting guide.

Categories
About us Featured Growing your career: permanent & freelance IT Consultants Podcast Interviews

A Career in Data Science: Unlocking The Power of Data with AI

We chat with Ton Badal, machine learning engineer at London-based DataOps start-up Synthesized; about pursuing a career in data science and the challenges of working with data.


🔊 Subscribe to the podcast

Check out more of our interviews from our podcast episodes.


How did you get started in tech, what made you go for data science career and machine learning in particular?

Since school, I have had an engineering mentality, I’ve always had this problem-solving way of thinking. I’ve always enjoyed math and solving problems. In university, I studied telecommunications engineering and specialised in audiovisual systems, so the processing of audio, images, video and other audiovisual systems from a technical perspective.

There I started doing research in machine learning, AI and data science. I started discovering this super interesting world. After that, I was sure that I wanted to do a data science career. So I went for a master’s in AI. And that’s how I discovered this very, very interesting and challenging world.

What did you find to be the most challenging part of this process of learning data science as career and becoming a machine learning engineer?

When I started university, it was not a clear path yet. Eighteen or fifteen years ago, you couldn’t see the path of a data scientist from start to end. Data science sits between computer science and math. And, throughout my career, I’ve been closer to computer science than to math. But the challenge is that you have to know as much as possible from both worlds. But at the same time combine them as well as possible. So I think it’s been quite challenging to be able to unify both worlds.

What’s the best career advice you have ever been given?

This is not really a piece of advice that someone has given me, but rather something that I’ve seen people do. I’ve realised that, when I was starting to look for jobs and was looking for a career, I was kind of looking for anything. I felt like I was the only one selling myself. But at some point, you realise that it’s important that the company also sells itself to you. The company also has to be interested in the person who’s applying. It’s not just top-down, but also bottom-up. There has to be this mutual understanding. When I started looking for jobs, I didn’t care that much about that. But after a while, I realised that it’s really important to feel confident and be in a good environment. It’s crucial for your career development and for example a data science career.

So, I would recommend to everyone to not just get the first job and be very selective about what they want and what they seek to accomplish. Also, the people who interview you: you have to look at them and ask as many questions as you can about the company. It’s not only about selling yourself, but also about understanding the company and making sure that the step you’re going to take is the best one for you because that’s going to influence the rest of your career.

CV Writing Tips for IT Professionals

What’s your advice for those who want to learn data science?

If you want to learn something, the best way to learn it is to get hands-on, to find a project that you’re interested in. There are a lot of open source projects that require some help. For example, at Synthesized, we’re now going to open source a fairness package. If you’re interested in this field, you can collaborate on many, many different projects. The best way to learn computer science and data science is to get a project, get a data set. Sign up for a Kaggle Competition, for example, and try to solve it and get as close as you can to the top of the ranking.

Need tips on how to find a job in IT? Check out our IT job hunting guide.

What are the biggest issues with working with data these days?

First of all, there is the problem of ending up with a poor signal-to-noise ratio. The amount of data that you can find nowadays is huge. But, many times, this data contains a lot of noise. And, if you are not careful, you are just going to end up with just a lot of noise that renders it useless. 

The second big issue is compliance, so GDPR, HIPAA, etc. If you have data that is not privacy-compliant or that is discriminating against some groups, that’s going to be not only useless, but it’s also going to be illegal to use. So you need to work closely with compliance teams. You need to spend time with the legal team to make sure that you make proper use of your data. 

Finally, there’s the problem of data sets becoming data silos. More and more, to access data, you need a data engineer, a data scientist or a machine learning engineer — someone who can do the magic with the data. It’s getting more and more complex to access the data because doing so requires the knowledge of a data engineer or a test engineer. 

How is Synthesized helping to solve these problems?

Synthesized has a core engine that is able to solve these problems by enabling users to easily access their data products in many different ways. So, for example, let’s take one of the problems that I was mentioning before: working with compliance and privacy. Our engine is able to generate data that is representative of the original data but is free from privacy issues and from even biases. 

Connect by Mindquest Newsletter

Another of the problems is related to infrastructure, to data silos. Current approaches are data warehouses and data lakes. There are some problems with these approaches, for example, the signal-to-noise ratio in the case of data lakes. There’s a lot of data in there, but it’s very difficult to use. But, the infrastructure problem is also there because the data is very centralised and you need a data engineering team to get to it. So what we’re working on is a new infrastructure called data mesh that aims to decentralise data access. It tries to decentralise all these data products so that each team can access the data independently. Both for internal and for external collaboration.

Can you tell us a bit more about your role at the company?

I’m very lucky to have been a very early employee of the company. I joined at a very early stage, and this meant that, although my official title is machine learning engineer, I’ve been able to touch a bit of everything. 

However, my main role as a machine learning engineer is making sure that the core technology is as good as possible. But that also involves a lot of what a pre-sales person would do. So, going to the clients, asking them for requirements, and making sure that the product works well for them and is as tailored as possible to their requirements. But about also improving the product. 

And there is also some marketing work involved, like developer relationships. We need to push into that direction because we’re a small company with very new technology and we need to make sure that we sell bottom-up, not top-to-bottom. We approach customers as machine learning engineers, as the nerds who sell to other developers, not as the marketing guys who are trying to sell something to them. Otherwise,+j the message doesn’t get through that well.

What’s next for data? Where do you see data science in, let’s say, five years from now?

I think that, right now, we’re in a very crucial moment for data. We are having all these privacy issues, fairness problems, and the users are more and more aware of this. So, we have to make sure that we have the best practices in place, that we make the best that we can with our data but still respect users. It’s going to be a very challenging time. 

At Synthesize, we mainly work with structured data, but I think it’s worth mentioning unstructured data. What’s happening with OpenAI, GPT-3 or other generative models — what’s being done is amazing. It’s a very exciting time. I’m very, very excited to see what the next new thing is going to be.

You’ve been based in London for a while. What do you like the most about the London tech scene?

What I like the most about it is that there are a lot of people working on the same topic, and you can very easily meet people doing really interesting things. And that’s one of the most powerful things when you are doing research or trying to improve your product. Just talking to people, understanding their problems and just having a conversation about something that probably you don’t understand and you don’t even know about. 

Discussing new tech trends with people at other companies, that can really help. You discover new things and go out of your usual boundaries. London is great for that because there are a lot of meetups. Well, there were before corona. But yeah, you can talk to and meet a lot of people. There’s this big ecosystem where a lot of things are happening and there’s so much to learn. I’m really happy to be living here.


Join our community and find your next job or expert in IT


You can follow Ton on LinkedIn and on Twitter.

Looking for a job in IT? Check out our IT job hunting guide.

Categories
About us Featured IT Consultants Podcast Interviews Tips for your daily life as a freelancer

How To Code Well: Taking Breaks and Other Pieces of Timeless Career Advice

Peter Fisher; freelance web developer and host of the popular “How To Code Well” podcast; discusses why he started teaching coding and some of the best career advice he has given.

🔊 Subscribe to the podcast


How to code well

How did you get into web development?

I never actually wanted to be a programmer. I actually started off from an arts background. So I did a lot of graphics design and a lot of 3D animation. We did a lot of flash animation and action script coding, so the coding came alongside the multimedia stuff.

When I was at school, I was building small little websites for myself and friends just to post images on. And I found it interesting that one could build something with really small feedback loops. All you had to do was write some HTML code and refresh the page and you had something.

And then when I got my first job in a web development agency, I discovered very quickly that I wasn’t actually a graphics designer as more of a coder. So, I was able to transfer my passion for design to a passion for designing and architecture.

You are the host and teacher of How To Code Well. A podcast and learning hub around web development and pursuing a web developer career. How did this adventure start?

I never started How To Cope Well with the intention of building a business from it or being a creator. It was a purely accidental thing that I got into. I always started blogging when I started learning because that was my way of keeping note. But I was writing to myself rather than to others.

After I finished university, I was in this ocean of developers who’ve just come out of university, and they were all looking for the same jobs. I was speaking to a lot of recruitment agents, and one of them, off the cuff, said “I wish there was a way I could show our clients how well you can code.” This was like 2006-2007, so YouTube was just coming out. And I thought: “You know, that’s something people is starting to use more, so I will video myself doing some code.” It was a very selfish decision. It was never intended to teach anyone how to code, it was just to show how I coded, so I could have called it How Well I Code rather than How To Code Well.

But then you decided to focus on helping others. What changed?

At first, I did about four videos and posted the links up onto my CV, but I very much doubted that anybody would actually see those videos from a job perspective. So, I forgot about it for a few years and didn’t bother logging back into YouTube.

Then one of my family members wanted to post or share a video for other family members. And I just thought “Oh yeah, I’ve got this YouTube account.” So, I logged in and, after several years of it being dormant, I noticed that there was a ton of comments and questions and feedback which were all very positive. I thought this was something I could run with, and it went from the very selfish decision of promoting myself to helping people out. People on YouTube were asking if I knew how to do other things, how to use other programming languages, where the next part of the course was. The funny thing is that I never thought it was a course when I did it. The driving force of How To Code Well is its community.

What was the most challenging part of starting to produce educational content on a regular basis?

I was a junior dev working a full-time job with freelance work on the side, and I was now teaching people to code, so time was and is a thing that is against me.

I’ve got a very strict rule of not doing it during working hours, so it’s evenings and weekends, and over several years I’ve managed to keep that going. But there’s a lot of sacrifices one has to make. For instance, if I live code on YouTube on Tuesdays after work, my working day is prolonged, and my downtime is shorter. If I live code on Twitch on Sundays, my Sunday afternoons are out of the water. And there’s a lot of preparation that you have to do before you do that. You need to think about what it is that you’re going to code and talk about.

What about impostor syndrome. Do you experience it yourself? How do you address it?

Impostor syndrome is something that is definitely real, and with the podcast that came through accident as well. I started doing long-form content where I was touching upon subjects that I didn’t know much about. It got to a point where I was getting to the limits of my knowledge, and I just decided to bring people on the show to learn from them. It’s always a learning journey, always knowing where my limitations are.

With every course I build, I think that I’ve done the wrong thing, if I’ve said the wrong technical thing. You know, if I’ve pronounced an acronym wrong. You’re constantly doubting yourself. It does get easier because you get used to that feeling and you can have a little word with yourself and say “It’s fine. It’s okay, you can publish it.”

You’ll never truly know how the audience is going to react until you publish it. So, every doubt that you’ve got in your mind is just your doubts. It’s not the doubts of others. I think that’s how I get through it.

Speaking to people on the podcast who know about the subject matter, I do come away feeling like I know nothing. I know what they’ve said because I’ve understood what they said, but it just makes me aware of how little I know of web development, which is another reason why web development is so good, because there is so much to know and so much to learn, it’s endless. You’ll never learn everything.

Join our community and find your next job in IT

In your experience, what makes a good web developer versus a great one?

From a technical standpoint, a good web developer knows the syntax and the processes. But a great developer understands the technical consequences of those processes and decisions, and they can lean upon past experiences.

Connect by Mindquest Newsletter

Also, a great developer is highly professional. They know when to say no and they have justifications of why they’re going to say no. They have testing, they know how long things are going to take, they have some experience behind what they’re doing. They’ve seen it from inception to deployment, and they’ve gone through the whole bug fixing cycle. But really, I think what boils it down is experience. You can’t just learn to be a great developer, you must embrace it and experience it.

Based on what you have seen through your courses, what are most developers struggling with these days?

Not understanding core programming concepts is something that I see a lot, so knowing the framework but not understanding the core principles of the programming language behind that. Learning the concepts of programming is a transferable skill. I’m not just talking about learning JavaScript or learning PHP or Python. It’s learning the operators, the logical flows, learning what a function is versus what a class is. All of those things you can take with you to the next programming language.

What I see a lot is people diving into frameworks and then getting stuck when they move to another position or another job, or when that framework changes. They are comfortable in that world, but they’re not comfortable in the world outside of that framework.

What’s the best web developer career advice you have given?

First of all

Take breaks. Take more breaks than you think you need to. Your brain works offline, so even if you’re not physically at your machine, you’re thinking about the work. I think about the work when I wake up and when I go to bed. I never switch off in terms of thinking about the bugs that I need to fix or the logical flows, but because I’m not staring at a screen, I’m not getting stressed about it. I’m processing this information in my brain in the background. And, when you come back to the code, it’s easier to identify the issue that you are in.

The second one

The second one is to keep asking questions. Web development is super hard and it’s going to get harder. You think you know it now, but, in two years’ time, you’ll know two years’ worth of it, and then you’ll discover another two years that you don’t know. There’s more stuff in web development that I don’t know than there is that I do know, and I’ve been in it for a long, long time. Don’t beat yourself up and if you don’t understand what you’re trying to achieve, then ask someone. And, if you don’t understand what that person is saying, ask someone else, because perhaps that person hasn’t talked about the answer in a way that you can absorb. Maybe you are more of a visual learner. Maybe they can show you on a whiteboard or take you through the process. Throwing acronyms at someone isn’t a very useful thing, is it?

Lastly

Lastly, technology comes and goes. At university, I studied visual basic and action script. Well, action script is for Flash. Flash is never used. And visual basic, I just wouldn’t even know. I did well in that course, but I’ve never used it. What I’m trying to say is that technology comes and goes, and whatever you learn now probably won’t be the thing that you will be learning in 10 years’ time or doing in 10 years’ time. So, what you need to do is accept that and embrace change, but don’t embrace change every five minutes.

And the only thing would add is to just enjoy it. Don’t get too stressed with it all. It’s a very challenging thing, and I find that, the more I get stressed, the more I dislike it. So, once you find that you’re actually getting stressed and frustrated with something, take a breather, take a couple of hours. The code will still be there tomorrow, so take an evening off.


Check out more of our interviews from our podcast episodes.


How To Code Well is a video podcast which is live on YouTube every Thursday at 20:00 BST. The audio version is released every Friday and is a week behind the live show. You can find it on iTunes, Spotify and most other podcast platforms.

You can follow How To Code Well through its website, on YouTube (Live every Tuesday @ 17:30 BST and Thursday @ 20:00 BST for the podcast) and on Twitch (live every Sunday @ 14:30 BST).