Senior IT Architect, IBM
Fifteen years ago, Pete Caro had trouble breaking into the IT field, despite the fact he had multiple, college-level computer courses under his belt. So he joined the Army in 1998. There he steadily gained IT experience and expertise that enabled him to establish a successful civilian career in IT security and support the armed forces as an Army Reservist.
Working IT in the Army, Caro, now 36, started out in mid-1999 as a systems administrator, doing Tier 1 and Tier 2 technical support for the Army Combined Arms Support Command (CASCOM) in Fort Lee, Va. By 2001, he was network and security administration team leader for the Army Theater Network Operations and Security Center in South Korea, while at the same time studying to complete a bachelor's degree online.
He was information security officer for Army Special Operations Command in Fort Bragg, N.C., before separating from active duty in October 2004. Since then, he has developed tandem IT security careers—working as an Army Reservist and also for civilian companies such as defense and commercial IT security consulting firm Booz Allen Hamilton and, since April 2010, IBM.
Education: Bachelor's degree in computer science, Grantham University, Kansas City, Mo.
Certifications: CISSP-ISSEP, CompTIA Advanced Security Practitioner (CASP), CompTIA Network+, CompTIA Security+, CompTIA A+. He also previously earned his CCNA credential.
Tell us about your current job.
At IBM, I oversee a team of eight IT security engineers and manage all the projects they work on. We have about 60 or 70 people working on the overall program—including integration testers, software developers, and project managers.
We build secure IT systems for clients. On any given day we have more than100 projects that we manage out of my office. I'm involved with most of them, although I don't work on each project every day.
A lot of my day is made up of meetings or email. I help provide technical direction, architecture decisions, implementation decisions, and problem solving. I'm the one who makes these technical decisions, up front, on a day-to-day basis.
In addition, I interface with customers to make sure that we understand their requirements and problems and that we make sure we solve those problems in a secure way.
On the reserve side, I'm a Master Sergeant in the Army Reserve. Until recently I was the senior enlisted advisor to two Army Reserve detachments, about 30 soldiers, assigned to DISA to conduct defensive cyber operations for the DoD. Currently I'm the non-commissioned officer in charge of the operations section, S-3, for the Army Reserve Element at DISA. I'm part of a small team that plans and conducts all operations for the unit's five detachments across the country. It's supposed to only take one weekend a month, but it turns into two or three nights a week plus one weekend a month.
What's the best part of your job?
I like being able to take a customer's problem, figure out how to solve it securely, and see it through to being built. The satisfaction you get when you've built something and solved somebody's problem is what I like.
What's the worst part of your job?
Sometimes dealing with meetings and bureaucracy when you are trying to solve someone's problem can get discouraging.
How do you stay up to date with what's happening in IT?
I read slashdot.org – it's like a pipeline for IT news. IBM has a lot of internal education and newsletters. I go to CompTIA's offices as a subject matter expert once or twice a year and get to talk to my peers and find out what's going on. I also try to go to Shmoocon, an IT security conference here in Washington, D.C., to attend the presentations. I read Wired, MIT Technology Review, Popular Science, Popular Mechanics and other technical publications.
What advice do you have for someone who wants to pursue a career in IT?
Try to get a strong, hands-on background, and good hands-on experience. Get one or two solid, industry-recognized certifications, even if they're junior ones. And, if you can, get a computer science or information systems degree. You don't need a degree at first, but the certifications help let prospective employers know you are serious about your career.
Some people are down on certifications, saying all they do is show you can take a test. But as somebody who reviews hundreds, if not thousands of resumes a year for many years, certifications are one of the first things I look for to evaluate candidates. It helps you weed out unqualified people.
Certifications tell me you have a certain baseline of knowledge plus the initiative and willingness to study and pass an exam. The person who has that knowledge and demonstrates that commitment is really worth more of my time to interview than the person who hasn't put in that effort.
CompTIA Security+ is one certification I look for a lot. For networking, CCNA is one that carries a lot of weight. For more advanced security engineering, I look for CISSP or the CASP, now that CompTIA has that. We do a lot of government work, and these certifications are some of the ones the government and military require for security positions.
Finally, don't be afraid to start at the bottom and work up. When I started in the Army, I did a lot of help desk work and quickly moved up into engineering and security… but you have to start someplace.