Jamila Evans, Cyber Battle Captain, United States Air Force
Certification plays a crucial role in cybersecurity. With best practice security measures that are broad and ever-evolving, as well as an increasing number of public-private, and inter-agency partnerships, the need for verifiable skillsets has never been more important. As a Cyber Battle Captain, Jamila Evans highlights how certification benefits her command and increases her ability to collaborate with other units and agencies.
How long have you been in the Air Force and what is your role?
I joined in May 2009. Currently I am a Cyber Battle Captain at Defense Information Systems Agency Pacific Command (DISA-PAC) in Hawaii, which means that I make sure every war fighter is connected to the network. We track maintenance and outages of the network and possible service interruptions for DoD employees, contract employees and civilians in the Pacific theater.
Certification is a great way to measure both military and industry professionals and make sure that the person understands information and can communicate it to others. Having established common language helps us talk and work together and build a foundation.
—Jamila Evans
What impact do certifications have on you and your unit?
In the military, when people have the basic certifications, it’s a baseline that establishes that they are knowledgeable about certain topics relevant for the exam. Our goal is for them to maintain knowledge and information so that we can verify that a person remains qualified for their role. As people continue to advance in their careers and gain experience, they add more and more certifications, which helps with validation.
To me, certification is a great way to measure both military and industry professionals and make sure that the person understands information and can communicate it to others. Even within the military, each of the branches has its own lingo, but we all have to work together. I’ve done projects with CYBERCOM, which is a mix of all Services plus DoD civilian and contractors, and having established common language helps us talk and work together and build a foundation.
The DoD directives 8570 and 8140 have put a big impetus on cyber certification in the DoD. What impact do you think they have made regarding cyber readiness within the DoD?
It started off as a basic job requirement to get your permissions on the network, but when we work with our contractors and civilians, we’re seeing that they have the same requirements. These certifications hold great value, not just with DoD contractors, but also in the community. I’ve talked to a couple of companies who say, “we’re not looking for someone with a degree, but we want to know what certifications they have.” Certification is not just something that your commander asks you to do — it’s something that is used in both the military and civilian world.
What do you tell your Airmen when they come to you and ask for advice regarding transitioning out of the military and seeking civilian roles in cybersecurity?
Don’t let this experience be a waste. We learn so much in the military, and sometimes we learn things at a faster pace. It’s a once-in-a-lifetime-experience at a very young age that you likely would not be able to get otherwise, so make your time in the Service count. I think it’s very important for military people to follow industry trends as they go through their military careers, because if there is a requirement that is parallel to both worlds it will help you.
Also, don’t underestimate the importance of building your network and your relationships with people. There’s a lot of people out there trying to find these jobs in cyber and IT, and they are trying to find out what certifications to get, but they are not connected with the “older generation.” Find an organization that will help you expand on your knowledge and have conversations with colleagues about things that you’ve learned and your education and certification background. It makes the experience more interesting.
The reason we use certifications is not just for a military mission. It’s foundational knowledge of the network. When people maintain their certifications, it proves they are knowledgeable about their industry.
—Jamila Evans
Do you feel that your military experience provides any benefits that you can use when attaining certifications?
I feel like the requirements in the military are usually a step ahead of the regular industry. So when the 8570 requirement came out in the late 2000s, I felt like we had a head-start compared with people outside of the military. I have friends who work for Google and they are talking about all of these same certifications that my commander mentioned to me years earlier, and it made me realize that I am actually more equipped to succeed on the outside than I previously thought. Of course there are differences between Google and the military, but you could take your military experience and use that as a foundation on the outside. I think many times civilians have this impression that military is all guns and war 24/7. But in cybersecurity, sometimes the only difference in our job is what we are wearing to work. We are still providing that security and protecting the network.
What message do you have for civilian employers who are looking for veterans to hire for their cybersecurity divisions?
I would tell them that certifications acquired in uniform are just as valuable out of uniform. The reason we use certifications is not just for a military mission. It’s foundational knowledge of the network. If the prospective employer wants to know if a candidate understands their degree in computer science or information technology, I would tell them to check for active certifications. Are they maintaining them? Are they making sure that they have the latest and greatest information? When it comes to cybersecurity, how will this person apply their military experience to help this civilian employer? When they maintain their certifications, it proves they are knowledgeable about their industry.