When Mario Fernandez ‘06 embarked on his career in cybersecurity a few years after earning his degree, this specialized field was barely on anyone’s radar yet.
“We didn’t even know how to spell cybersecurity,” Fernandez jokes.
Making an Education Work
Originally from Lima, Peru, Fernandez grew up in New York City. After graduating from high school, he attended college for a while before concluding, due to the expense, that he needed to find a different route to earning a degree. He decided to join the military.
“I served in the U.S. Marine Corps for eight years,” he explains.
Two years before he separated from the military, Fernandez returned to school, attending classes at a community college in Maryland. In 1998, the school he was attending formed an agreement with UMGC that allowed students to transfer their community college credits to UMGC if they were pursuing a four-year degree there.
“With the credits I had already earned, a counselor recommended that the best fit for me was a degree in information system management with a minor in communications studies,” says Fernandez.
Gaining a Foothold in IT
During this time, Fernandez worked at a nuclear power plant as a security trainer. After he graduated in 2006, he thought he would find a job elsewhere, but a promotion became available with his current employer.
“They were updating their training at the plant and using databases and computerized testing for the security officers, and they were looking for someone with database experience,” he recalls.
It was a perfect fit for Fernandez, who remained in the role for two years, gaining valuable experience in information systems management. From there, he noticed there was an open government position for a physical security inspector. Intrigued by this opportunity to work for the federal government, he applied.
“Somehow, my resume ended up in a different pile, and I got two interviews,” he says.
The hiring manager had noticed Fernandez’s database management experience. That, coupled with his knowledge of nuclear power plants and military experience, made him a great fit for a new position with the United States Nuclear Regulatory Commission (NRC), the government agency that regulates commercial nuclear power plants and other uses of nuclear materials through licensing, inspection and enforcement of its requirements.
Building a Cyber Program From the Ground Up
When Fernandez was tasked with helping develop a cybersecurity program at NRC, it was a fledgling field. To get up to speed, he attended training programs he found at various schools so he could gain the insights necessary to develop an oversight program for nuclear power plants.
“It was like flying a plane and building it at the same time,” he says, laughing.
That’s because once the requirements he was helping develop went into place, nuclear power plants had just 180 days to submit their plans to the NRC outlining how they would comply with them. On top of that, the initial target date to implement the program was July 2017. However, due to the urgency for cyber security in nuclear power plants, the date was bumped up to January 2013.
To meet this ambitious goal, Fernandez and the team worked tirelessly to develop cyber security requirements, inspection processes, enforcement documents, a team of trained inspectors and more.
“We tasked our engineers to perform inspections because they understand power reactors and how power plants operate. Then we teamed our inspectors with cybersecurity specialists,” he explains.
Today, Fernandez works as a cybersecurity specialist in the headquarters of what is now the Cyber Security Branch of the Division of Physical and Cyber Security Policy in the Office of Nuclear Security & Incident Response. This office is responsible for inspecting every licensed and operating reactor in the U.S. to ensure they are complying with cybersecurity requirements.
“There are 50 sites at the moment divided into four regions,” he says.
He has thrived in his role there because of his knowledge of information systems management, experience in nuclear power plants and earlier study of engineering, which gave him the foundational understanding necessary to help launch the cyber security program at the NRC.
His Best Advice
While it may seem like the stars simply aligned for Fernandez, his success can be credited to his willingness to tackle new challenges, undaunted. For others hoping to break into a new field, he offers similar advice.
“It can be very intimidating to look at some government job descriptions,” he admits. “I’ve heard the same from a lot of students – that they can make it sound like you need a master’s degree or PhD to work in the government.”
Instead of feeling discouraged, Fernandez encourages them to find an internship or other entry-level position in their desired area so they can get exposure to the day-to-day environment and what the work is really like. He also suggests talking to professionals already working in their desired field, which will provide insights and may instill the confidence necessary to break into a new career.
You can also connect with students and alumni through UMGC's career mentor program Community Connect. Simply click here to log into CareerQuest to learn more.
“You’ll be amazed at how much you already know and how much you can learn,” he insists.
Read more Alumni News.