Paul Shaver is a US Navy veteran whose path to cybersecurity began in the Navy, where he served as a Gunner’s Mate (GM) while also working on the rollout of Windows NT. He served on the crew of the USS Robert G. Bradley (FFG-49) and at Naval Air Station Pensacola. Since leaving the Navy, he has served in a variety of roles, leading teams while focusing on automation and critical infrastructure security.
How did you become interested in the military?
I am a third-generation sailor. My wife and I currently have two children serving in the US Navy. When my oldest went to sea for the first time I got a message from him that said “I’ve known for a long time that this is what I wanted to do, but out here on the open sea… I can feel it in my blood.” This wasn’t the case for me – I hated school and was a terrible student. I knew I needed something else to get me on a career path that wouldn’t have me asking “do you want fries with that?” Once I was in the Navy, I quickly found a love for being at sea and for the feeling of doing something of greater purpose. Let’s face it: the structure and discipline were really good for me as well.
Did your role in the military have any direct relationship to your current or previous roles?
I went to the fleet ‘undesignated’ which is basically an apprenticeship type program that puts you directly in the most laborious jobs and gives you an opportunity to try out roles to see what you would like to specialize in. I requested a rotation in the radio department because they were just starting to use computers (mid 1990’s) and, with the little exposure I had to them in high school, I thought it would be interesting. Truth be told, it wasn’t as glamorous as I thought. I next tested the waters in the weapons division and fell in love with the Gunner’s Mate rating. I spent my free time learning all I could, took the advancement exam, and made E-4 as a Gunner’s Mate. There was such a wide array of things the Gunner’s did, supporting the electronics, hydraulics, pneumatics, and motor control on large gun and missile systems, explosives and ammunition handling, small arms…the list is actually pretty extensive. Little did I know that would play a huge role later in life when I started down the path to work as an automation and control systems engineer, and ultimately to Industrial Controls System Cybersecurity.
What experiences while in uniform started you on the path to where you are now?
Since I was one of the first generation of sailors who had grown up with a computer in classrooms and at home, I was added to a tiger team that received basic IT training in hardware and networking. We then helped deploy Windows NT networks and train other users shipboard. This re-kindled that interest in computers and again, would play a huge role in my career path later down the road.
What did you do in the latter part of your service/while you were leaving the military that set you up for success?
I knew I wasn’t going to be able to leave the military and go straight to work without some education. I took advantage of as many training courses as I could, took A+ and Network+ certification courses, a business management course, and made a plan to get an entry level IT job and go to school once I left the Navy.
Looking back—did you do anything that set you back?
While I would not say anything really set me back–I can say that I focused on the need to have a college degree to be really successful. One thing that has not changed since my high school years is that I am still a poor student. I get bored in class unless I am hands-on and able to apply what I am learning. My key takeaway there was understanding that I learn differently and not tying my success to a four-year degree. I have tried to go back and finish my degree three times—each time with the same level of success. It’s not that I don’t love learning, I do! I just get bored with ‘book learning’. I honestly believe the success I have had is because I learn quickly, just not the same way others do.
What are 3 challenges/experiences you’ve faced/had in your current role where you leaned on/used your military experience to help overcome?
I jumped into a management role when I was new to the company – that is not an easy thing to do. The previous leader was promoted, and the team already had expectations of how things worked. If you have ever served in a unit when the new Chief/Platoon Sergeant shows up, the ability of that person to truly be a leader and not a ‘manager’ is critical. Dedicating time and effort to getting to know how the last person did things and what your team needs from you to make that transition is critical to smooth sailing and success.
I landed in a role with solid skills in control systems, IT management, and cybersecurity but had ZERO knowledge of how this organization did things or what their products/services were. It is important to have an ability to hit the ground running and learn fast – I call this the toolbox effect. The military does not have time to train new recruits on every aspect of the job they are going to the fleet to do. They give them a metaphorical ‘toolbox’ and teach them large overarching concepts then send them out to learn from others at the command. This ability to learn on the fly gets overlooked when companies are hiring veterans.
Different backgrounds mean different perspectives. I learned this early on in my military career and it is one of the things I think about nearly every day. The military is one of the most diverse workplaces you will ever find. That diversity brings educational, cultural, and experiential backgrounds that look at problems and develop solutions differently. Leveraging this in a team environment means you must take time to understand why people think the way they think. That time spent builds relationships that foster trust. Trust means people will follow even when you lead from the back and push them to be better versions of themselves. See how it all builds? When you think about it, where else can you learn to value those kinds of diverse experiences and build the trust and camaraderie?
What sort of education and experience would a veteran need to either land your role or be part of your team?
The good majority of folks get here with an engineering, computer science, or cyber security degree but there are so many resources available on the internet to learn just about any aspect of cybersecurity. Veterans with existing backgrounds in cyber can take SANs ICS courses while those with electronics or engineering backgrounds can take foundational courses in cybersecurity. You do not need to be an expert in both – this goes back to my ‘toolbox’ effect. The things that are most important are the desire to learn and a motivation to keep putting in the work. I joke that this profession is probably not right for anyone who does not love to learn. If you sleep for 8 hours there is a good chance you will have 2 new things to learn when you wake up.
What message would you like to send to employers on how to hire and get the most value from veterans?
Don’t overlook the ability of veterans to learn and adapt when the skills/experience don’t match the job description exactly.
Cyber.Media has also created a series highlighting members of the military community who are working in cybersecurity. To read more about moving from the military community to the civilian job market, visit:
Matt Kiely: Author, Content Architect, Cybersecurity Practitioner and US Marine Corps veteran
The Pipeline: Michael Smith – Security Consultant, Cybersecurity Startup Mentor, and Veteran
The Pipeline: Anonymous Veteran (Air Force Intel/IT vet and Information Security Operator)
Veteran Security (VetSec) – An organization and online community for training, networking, and advice
The Pipeline: Dan Costantino (CISO/CIO and United States Marine Corps Veteran)
The Pipeline: Mark Ferrari (Entrepreneur, CISO, and United States Air Force Veteran)