In 1997, Shawna Turner transitioned from college to the real world with an undergraduate degree in Theater Arts from Virginia Tech. Shawna's study focus was Theater Design and Technology. However, it was not long before she discovered that a career in theater does not always pay the bills, particularly during an economic downturn. As Shawna so aptly put it, "When you are on your own, you soon come to recognize that hot food, hot water, and rent are expensive." She quickly channeled her tech skills and found her way to a job in computer development for McAfee, a leading security software company.
Today, Shawna is a principal solutions architect in Digital Product Creation at Nike. She works with the business and engineering teams to identify secure-by-design technology solutions to meet the sneaker giant's business needs. Shawna has worked nearly seven years at Nike and almost two years in her current position.
Here Shawna talks to us about her journey from stage tech to tech solutions to SANS Technology Institute (SANS.edu). Shawna enrolled in SANS.edu in 2017 and graduated in 2020. She offers insights and advice for those looking to expand their career within the cybersecurity industry.
Q. How did you get interested in computer technology and, more specifically, cybersecurity? And what professional experience did you bring to the SANS Technology Institute?
A. My interest in computer technology and cybersecurity was somewhat organic. After I abandoned a career in theater technology in favor of regular and reasonable paychecks, I took a security software job with McAfee working on commercial antivirus software. From there I held many positions with SAP, building the first Sarbanes Oxley compliant financial software, and served as a contractor for Microsoft working in disaster recovery. In 2010, I became manager of Security and Compliance at Tripwire. During this time, Tripwire decided to pivot from compliance to security, which created significant opportunities to stretch my skills. In 2013, I moved on to Nike where I am currently working in secure-by-design solutions architecture.
Q. Why did you choose to apply to SANS.edu? From your research, how did SANS differ from other master's degree programs available?
A. When considering graduate degree programs, I found that there were not many accredited degree programs available. Most were certification programs from mid-level universities lacking cybersecurity strength. Other programs required physical presence in the classroom and full-time enrollment. That was out of the question for me. The SANS Technology Institute offered all the elements that I desired in a graduate degree program: flexibility, accreditation, and a stellar industry-wide reputation. I could enroll in the program while still maintaining my full-time position at Nike. SANS.edu is regionally accredited, so my employer was willing to reimburse me for my tuition. And because SANS is the industry leader, widely recognized and revered, I was confident that a SANS graduate degree would set me up for continued career success.
Q. Prior to attending the SANS Technology Institute, did you complete any courses through the SANS Institute?
A. While at a conference many years ago, I started speaking with a gentleman who was so knowledgeable about the cybersecurity industry and his career seemed to be skyrocketing. He noted that he was taking courses from SANS. That had me thinking; if he could do it, so could I. I took SANS certification courses for about 10 years prior to enrolling in the graduate degree program. I enrolled in the SANS Training Program for CISSP® Certification, an accelerated review course that is specifically designed to prepare for the CISSP® exam. I also graduated from the SANS GCIH, GIAC and GISP certification courses.
Q. Did you take classes online or at live events?
A. I participated in a mix of online courses and onsite classes. I also signed up for additional courses available onsite to increase the value to my travel. Meeting my peers in the industry really brought a richness to the program.
Q. What did you like best about the SANS Technology Institute?
A. I liked the structure and the flexibility of the program. There is a lot to learn and it can be intimidating; however, our student advisors helped us develop a curriculum that would best meet our goals in an order that made the most sense from a learning perspective. Further, the SANS Technology Institute does not have a fixed university quarter. This was a lifesaver for me. There are no traditional start and stop dates. The ability to adjust my schedule based on unforeseen "life" needs was critical to my success.
Q. What did you find most valuable about the program?
A. The breadth of coverage is vast. You leave the program with a firm understanding of why the industry functions the way it does. You get a look under the hood. It's not just about how to manipulate the technology. It is also about learning the "why." If you want to become a leader, you need to know the "why." SANS is the Oxford of security studies, so expectations are naturally quite high. Living up to those is not a trivial accomplishment!
Q. What did you find most surprising about SANS.edu?
A. Unlike traditional graduate programs, the instructors are leading industry practitioners and most students are peers with varied real-world industry experience. This makes for an amazingly relevant and rewarding experience, even if it also can feel like a firehose of data.
Q. How has your SANS degree impacted your career trajectory?
A. Thanks to my SANS education, I've expanded my knowledge base and I've positioned myself as more of a leader in the space. Within Nike, I am now recognized as a subject matter expert.
Q. What advice would you offer someone considering applying to the SANS Technology Institute?
A. Be prepared to learn a ton from both instructors and student peers. Be ready for the level of investment needed to succeed. Enroll at a time when you can give your most so that you can get the most.
Q. What's next for Shawna?
A. Right now I am focused on leveraging my new
skills and knowledge to broaden the secure-by-design approach at Nike.
Architecture should be resilient, but few architects have a portfolio of
patterns to enable the kind of resilience required in today's fast past
environment. This is something that has not been considered here at
Nike. I am excited to get started.