Matt Kiely served in the Marine Corps as an Intelligence Analyst, Special Access Program Security Officer, and System Administrator, helping to stand up Marine Fighter Attack Squadron 121, the first operational F-35B Lightning II squadron in the United States. Since leaving the Marine Corps, Matt earned a degree from Northeastern University and worked at MIT’s Lincoln Laboratory. He now works as a Cybersecurity Content Architect. Check out his page: https://huskyhacks.dev
How did you become interested in the military?
I had felt the pull to serve from an early age. My grandfather was an aviator in the reserve and my grandmother was a Navy WAVE (Women Accepted for Volunteer Emergency Service)
Did your role in the military have any direct relationship to your current or previous roles?
I served as an Intelligence Analyst, Special Access Program Security Officer, and IT Systems/Network Administrator for the first operational F-35 Lightning II squadron in the United States. If those three jobs were in a triangle, the midpoint of that triangle would be cybersecurity, so it worked out to be a very natural career to jump into. I was not a military-trained cyber operator, and my MOS (Military OccupationalSpecialty) was basic IT for the airwing of the Marine Corps. Still, I had experience with cybersecurity concepts like threat modeling, intelligence assessment, and essential IT systems, so it felt like the right move.
What experiences did you have while in uniform that started you on the path to where you are now?
The most influential moment of my early career was when I was denied as an applicant to the Marine Security Guard (MSG) school. I wanted to be an embassy guard more than anything, but my MOS leadership needed to keep resources as available as possible during the initial operations of the F-35 as a weapons platform. They denied my package to the Embassy Guard school. That same summer, in an effort to figure out where I would go from there, I started taking off-duty education to earn a degree in Information Technology. The denial to attend MSG school was the greatest gift I’ve ever been given; pivoting from that to pursuing my education started a journey towards mastery and knowledge that persists to this day.
What did you do in the latter part of your service/while you were leaving the military that set you up for success?
In my last year of service, I applied to Northeastern in the spring to continue my undergraduate education and was accepted that summer. I had an acceptance letter in hand and a plan to start classes three weeks after I would be exiting service and getting home–it was a very natural transition. Having a large project to look forward to was critical. Additionally, I ensured that I would be in a tenable spot financially and squirreled away as much money as possible. When I got home in late December of 2016, I had three weeks to enjoy the holidays and spend time with my family, and then the semester started right up and I was on my way!
Looking back—did you do anything that set you back?
Nothing major comes to mind, but I took on many commitments during my final semester that probably caused more stress than I was prepared for. I applied for a co-op position at MIT Lincoln Laboratory thinking it would be a summer gig, but the Security Services Department thought my skills would translate well into a full-time cybersecurity analyst position. They offered me a full-time role instead! But that meant I would have to go to school full-time to get the most out of the GI Bill as well as work a full 40-hour work week. Pair this with the Boston area traffic, and it made for some long days. That final semester was a test. You can’t pour from an empty pot! Don’t be afraid to retain time every day for yourself, even if that means saying no to opportunities sometimes.
What are 3 challenges/experiences you’ve faced/had in your current role where you leaned on/used your military experience to help overcome?
- Marine NCOs are expected to operate “far from the flagpole,” meaning they are given centralized directives but are expected to execute and lead in a decentralized fashion. I am on a team with only a few other people and expected to author cybersecurity training content that is practical, contemporary, and aligned with the current threat landscape. This requires a great deal of autonomy, which I developed during my time in the service. Much of the time, I am required to do a lot of self-driven research to fill gaps in my knowledge to create bespoke cybersecurity content.
- Staying current in cybersecurity skills and knowledge takes dedication and practice. In a technical role, you need to be a craftsperson. I learned a great deal about the craftsperson mindset from my former mentors in the military.
- It absolutely takes a village. I’ve run up against topics outside of my wheelhouse and have no problem asking my teammates for help. From lifting the log to getting aircraft in the air, in any military metaphor that you’ve heard, you’ll find that no person is an island.
What sort of education and experience would a veteran need to either land your role or be part of your team?
For everything that follows, I’m speaking specifically about becoming a cybersecurity practitioner. I consider that title to be anyone in the technical trenches of the field: red teamers, penetration testers, DFIR, malware analysts, SOC analysts, to name a few. This is not to say that every cybersecurity area is a strict technical meritocracy; we need lawyers, human resources, technicians, executives, proselytizers, recruiters, and everyone else! Take everything I write below as a subset of the field and remember that communication, empathy, and emotional intelligence are prized everywhere they are found in this community.
You’ll need a thorough understanding of technology, how things mesh, what makes it tick. I have a Bachelor’s degree in General Information Technology and graduate-level certificates in cybersecurity specifically. I’ve earned a few select certifications from the more challenging technical, practical courses. Study like a craftsperson until you begin to see solutions and synergy in every piece of technology and learn how these disparate parts create ecosystems. Take the practical cybersecurity courses, identify your blind spots, and work to cover them thoroughly. Consider Mushashi’s famous quote from the Book of Five Rings: “If you know the Way broadly, you will see it in everything.” Study until your mastery in one area spills uncontrollably into competency in the adjacent fields. Become a seeker; listen for what sparks your interest and use that to guide where your mastery will develop. When you have something to give back to the community, give back without a second thought. Toss the ladder down for someone else! Remember that love of the craft is the best way to sustain the journey. Don’t give up. The world needs you!
Cyber.Media has also created a series highlighting members of the military community who are working in cybersecurity. To read more about moving from the military community to the civilian job market, visit:
The Pipeline: Michael Smith – Security Consultant, Cybersecurity Startup Mentor, and Veteran
The Pipeline: Anonymous Veteran (Air Force Intel/IT vet and Information Security Operator)
Veteran Security (VetSec) – An organization and online community for training, networking, and advice
The Pipeline: Dan Costantino (CISO/CIO and United States Marine Corps Veteran)
The Pipeline: Mark Ferrari (Entrepreneur, CISO, and United States Air Force Veteran)