Several of you have been asking how this has been going, so I’m going to send an update out.  I also have some coffee flowing, so I’m also going to connect the dots for some of you who think I’m off my rocker to be doing this at 43.

Navy – The Navy requires you to be 186 pounds.  If you are heavier than that, you need to have a 39 inch waist or below.  If you have higher than a 39 inch waist, there’s a chart where your neck and waist are compared, etc.  They are requiring essentially 26% of bodyfat or less.  I’m in a size 38 pants in jeans and dress pants, but my waist is measuring around 41 at the moment.  I missed the Feb 15th cut off.  One BIG thing that was flagged for me was my self-reported Barrett’s esophagus.  Well, that was 15 years ago I thought I was diagnosed.  Figured I’d get that re-checked.  Prior to going under, the doctor asked – “why are you here again”?  I said, “I’m looking to get into the military and I’m trying to get my Barrett’s esophagus checked”.  He said, “you don’t have Barrett’s.  They suspected it last time but the pathology came back negative.  Didn’t anyone tell you?”

No.  They didn’t.

So, got it checked again and no, I do NOT have it.  This means I have nothing medically other than my weight keeping me back.  They have selections every 6 months, and the next one will be in March – your package needs to be in by mid February.  Recruiter thinks I have a VERY strong package.  These are the same guys that over the summer wouldn’t return my calls when I told them I was 42.  More on  that below.

The Navy has a position called an “information professional officer” which I feel is perfectly suited for my skills.  The downside is that they start everyone at O-1.  Reince Preibus just started as an O-1.  No special snowflakes starting any higher than this.  Except if you’re a doctor.  More on this as well.

The Navy is attractive because the job as I’ve understood it is very similar to what I do today and I feel I’d be very good at it.  The downside of this is that there is a decent chance this position would deploy.  You cannot deploy until you are certified as a qualified Information Dominance Warfare Officer – which would take 3-4 years of training.  At first, I was very concerned over this, and then I started doing some research on it and I became ok with it.  Not that my family likes this.  Another downside is the training is 5 months all at once, about 5-5.5 hours from my house.  When you are in training, you do NOT get paid from your job, you get deployment pay and BAH.  For O-1 salary, this isn’t great and would give me great pause.

Army – The Army JUST opened this up to the reserves on January 4th and there are no age limits.  I submitted a package for this as well, and they will let people know by about May 1st if they are highly qualified enough to be interviewed.  I’ve also spoken to Army recruiters and they feel I have a very strong package to be considered.  The pro with this is that the training is 2 separate trainings – one is 6 weeks and then later another is 12 weeks.  So, it’s not all at once, and it’s not 5 months straight you could be away from home.

Another BIG pro of this is that the Army talks about “starting at O-2 or higher”.  I read a document which talked about staffing a number of captains for this (Captain is O-3 in the Army and O-6 in the Navy).   So, a Captain salary with BAH is much more palpable on the wallet and doesn’t cut as deep.  Another big pro here is that if I was deployed, there’s a good chance (90%+) it would be to Fort Meade – which, without traffic, is 80 minutes from my house.  To put it into perspective, I drive 90-100 minutes to work – every day.

With the Army, it’s almost identical to the H/W/waist standards.  I have another 10-14 weeks before I’d be tested for that, and at 224 or so this morning, I think with all of the walking I’m about to do, I could take that down to 210 by then.  That would most certainly take me to 39″ or below.

But why….

Here is the big question I get asked.  Something resonated with me on this.  I wanted to be in the military from the time I was a kid.  Early on, with my chess aptitude, I wanted to be an Army General.  I have seen just about every war movie ever made.  Strategy and tactics have been fascinating to me.  But I never wanted to do infantry.  I didn’t want to kill.  I wanted to defend our country from enemies – but the violence of war was not of any interest to me.

I had also had all kinds of weight problems my whole life.  You have to understand, I’ve always been active.  Even at my fattest I could go out and run 3 miles at 372 pounds.  It wasn’t fast, but I could move.  Movement and athleticism were not my concern – I just had a fucked up relationship with food that had me more or less consuming wayyyy too many carbs.  Once I dialed them back, the weight has melted off of me over the last 2.5 years.  I bring this up because I never really was too worried about long marches or running.  Push ups were my nemesis due to someone sitting on my back when trying them.  I can now do 20-30 with some moderate level of difficulty.  But – this is night and day from a year ago when I couldn’t do one.

But why…..?????????

So I don’t go into my work background here too much.  And I won’t.  But I will go over industry type of technologies I’m intimately familiar with and how this has been built for someone like me to step up.

Recently, I was at DISA’s endpoint security summit at Ft. Meade for 3 days.  The room was packed with 250 or so of the best and brightest minds in IT endpoint security in the Armed services (and DHS).  I got to hear about what they are testing, what’s going on, and what’s coming.  None of this was classified, but I’m also not going to go into it for obvious reasons.  What I wanted to take from this was that I felt I belonged in that room.  I had the resume and cub scout badges to be there.  Not only was I intimately familiar with everything being presented – I had experience with much of it and wanted to chime in on suggestions and means of testing effectively.  I’m part of a working group now to potentially assist if asked, but you have some serious weight in these groups and you have to pick your spots to contribute.  It’s not about who the smartest person is in the room, it’s how to effectively work with people and share experience while also leaning in and hearing them out on what they are doing.

So – some of my background.  I have a master’s degree in cybersecurity and an MBA.  So I feel confident that I know the subject material in great depth and also have the management sciences to boot.  With certifications, I have the CISSP (gold standard for IT security), PMP (gold standard for management), MCSE Server 2012, MCSA server 2008, MCP (NT 4.0), MCTS SCCM 2007 (patching/SW deployment tool), Sec+, A+, Network+, Server+.  The cub scout badges also show I’m capable of understanding deeply complex material and passing these tests.  Also, I have 15 years of IT leadership experience in a 23 year career.  I have worked for some of the largest companies/industries in the world – EDS/Vanguard, Harley, SSA(DHS)/Lockheed, Siemens, Tyco International, DoD, Pfizer.

With respects to IT security, I spent several years working with a standard now called “compliance to connect”.  Where I work, I was the lead SCCM engineer where they would test new things.  We would get hit FIRST.  So, in 2011-2012, I worked with C2C and dealt with soft certs, machine-based certificates, 802.1x and RADIUS servers, SHA/SHV, and built out the ACLs for machines who failed compliance to then reach the items it needed to become compliant.

For a good number of years, I worked with a tool called “system center configuration manager” or SCCM.  I reached a point where I was a lead on a DoD team managing 42,000 machines.  I dealt with things like building the EMET package and deploying to all machines, working with enterprise group policy to harden machines, writing silent install scripts to install software or harden systems (for example, Java) to all machines.  I also built a Windows 7 Operating System Deployment from the ground up and deployed this out to my “customers” over 5 months.  We lost data on 6 machines, and that was during testing.  The idea was to build a clean machine, every time, but ensuring that the task sequence was always updated with the latest and greatest.  It would reach out to SUP during build and when the machine was “born”, it was born clean – every time.  This was in 2011 or so and won me a big award from my “customer”.   As a contractor, this was a big deal.  I then won a company award for three straight quarters as the top contributor out of a team of over 200 contractors.

So a lot of this is….endpoint security.  I care about the endpoints, but I have to understand information systems as a whole in order to make it work.  You have to know how IDS works.  How proxies work.  How enterprise group policy could be blocking agents.  How security tools may be hindering operations.  How ACLs and VLANs work.  Virtual machines.  Zero and thin client security.

When you look at those leading the fight, you have a lot of great men and women in these positions.  But if you look closely at their resumes, they may not have virtually any IT background.  Some might.

What this tells me is that people like me need to step up and help contribute to these architectural discussions.  Talk about operational risk.  Discuss impact downstream.  Suggest alternatives or problems that need to be overcome by proposed solutions.  How to do MORE with LESS.  How to automate things.  What metrics are important for ROI discussions.

So – I feel leadership is the strongest it has ever been – but diversity of thought can be of interest here.  What do the engineers, architects, and leaders who have been working with this for 20 years feel about it?  What do they need to be successful?  What policies could help?  What hurts?

While I never wanted to pick up a gun in combat, I feel like I can help those in combat.  Ensuring the confidentiality, integrity, and availability of IT systems for them.

One big problem the military has is these smart people they are growing – are leaving after 4 years for big pay days in Silicon Valley at 3-4 times their salaries.  With the reserves, they may be able to attract some serious expertise from the private sector with personnel who have those decent salaries already and want to give back.

A thing that differentiates me from a lot of these other applicants is that I do not NEED this to enhance my career.  My career is very well fine and good without this.  I want to pull up a seat at the table and talk shop with them and assist where I can to do my part in service.  It’s not with a gun – it’s with my mind.  If ideas I have or experiences I’ve dealt with could help save someone’s life or help certain missions succeed someday – THAT is a big deal to me.

And THAT is why.   My family does NOT want me to do this.  It is quite possible that the military doesn’t want me to do this either.  But I feel it’s a noble cause to step up and give it a shot.  My background and experiences put me in VERY VERY RARE company to do this.

I think it’s a waiting game for the next 3 months or so, and with this, I plan on trying to get my CCNA to work on a weaker area I have.  I understand networking – but how to configure routers and switches?  That might be a bit of a blind spot I have that I could help sweeten the deal before now and then.