Think Positive Cyber

Today I applied for the Information Technology Specialist (Customer Support/Network Services) position, GS-9, with the Department of Justice. This federal IT job application is an important step in my cybersecurity career path because it connects my hands-on technology support experience with my long-term goal of moving deeper into information technology, cybersecurity, network services, customer support, system access support, and federal service. My background includes IT troubleshooting, printer support, user training, documentation, Windows and Chromebook support, classroom technology support, student information systems, web content support, and technical assistance for staff and students. Applying for this Information Technology Specialist position also helps me continue building a federal resume focused on IT customer support, network services, cybersecurity awareness, technical problem solving, and public service.

I also continued studying for the CompTIA Security+ SY0-701 exam in 2026 by watching Professor Messer’s Privacy lesson, which connects directly to cybersecurity governance, risk management, compliance, data protection, privacy laws, and responsible information handling. Privacy starts at the local and state level with areas such as homes, vehicles, medical information, and personal records, but it also expands into national and international privacy laws such as HIPAA and GDPR. Important Security+ privacy concepts include data subject, data owner, data controller, data processor, data inventory, data quality, non-disclosure agreements, third-party data use, and how private information is collected, stored, processed, shared, protected, and deleted. This topic is important for cybersecurity professionals because privacy is not only about keeping data secret. Privacy is also about understanding who owns the data, who controls the data, who processes the data, how the data is used, and how organizations protect personal, financial, medical, genetic, and identifiable information.

I also studied Professor Messer’s Penetration Tests lesson for CompTIA Security+ SY0-701, which helped me review offensive security, defensive security, red teams, blue teams, known environments, partially known environments, unknown environments, reconnaissance, active reconnaissance, passive reconnaissance, and physical penetration testing. Penetration testing can involve testing networks, systems, applications, access controls, doors, windows, elevators, boot processes, operating system files, and physical device security. Red teams attack systems to find vulnerabilities, while blue teams defend systems, detect attacks, respond to threats, and improve security controls. Reconnaissance is a key part of penetration testing because a tester may identify servers, applications, routers, networks, firewalls, DNS information, open ports, operating systems, and possible attack paths. Passive reconnaissance can include public websites, social media, online forms, Reddit, third-party business information, social engineering, and dumpster diving, while active reconnaissance can include ping scans, port scans, DNS queries, OS scans, OS fingerprinting, and other visible network activity. Studying privacy and penetration testing together strengthens my Security+ preparation because cybersecurity requires both protecting sensitive data and understanding how attackers look for weaknesses.