Employees at A-LIGN take many different paths throughout their journey – that’s why we sat down with Savannah Lazzara to talk about her journey from being an intern to a full-time Penetration Testing Staff Consultant at A-LIGN.
Where are you from? How did you get involved in cybersecurity and start your journey at A-LIGN?
I’m from Tampa, Florida. When I started at The University of Tampa, I was majoring in International Business with a concentration in Management Information Systems. While studying that major, I was able to take my first networking class. I loved the networking course material and the challenges that came with learning the subject so much that after the class ended, I switched my major to Cybersecurity and started practicing with Kali Linux on my own. In doing so, I eventually narrowed my interest to the penetration testing field of cybersecurity, which helped me focus on what type of internship I wanted to have in the industry.
During my junior year of college, I applied to work at A-LIGN as an IT Audit Intern, hoping to eventually transition to their penetration testing team as I gained more experience. They were not offering Penetration Testing Intern positions at that time. As I went through the interview process for the IT Audit Intern position, I consistently expressed my interest in penetration testing, but I was told there were no internships available on that team. Once I made it to the final interview, A-LIGN discussed opening a position for me as a Penetration Testing Intern and I was able to land the job.
Tell me about your role at A-LIGN.
I mainly work on Network and Web Application Assessments. Each week is usually a different project, so it is always a new environment to examine which I really enjoy.
How long have you been at A-LIGN? What has changed during your time as an intern to your time now as a full-time employee?
I have been with A-LIGN for almost a year and a half. Now that I am full time, I have been able to learn more advanced skills with my colleagues and engage with new clients weekly.
Can you describe your experience as an intern at A-LIGN?
I had limited knowledge of penetration testing, but I shadowed a few of the seniors and staff consultants on our team. I traveled and did physical social engineering engagements onsite with clients in New York City and New Jersey. Being exposed to all different areas of penetration testing and getting hands-on experience with other team members was extremely valuable to my growth as an intern.
You’re very involved with Root@UT. Can you tell me a little bit about your role in that student organization and how it came to be? How are students benefitting from it?
Chase Krivda and I saw a gap in technical training for students at the University of Tampa. We wanted to start a club that would help facilitate the technical training of students at UT, so we started Root@UT to expose students to Linux OS, Windows OS, Hack The Box labs, Capture The Flag (CTF) training, penetration testing workshops and have presentations by local industry speakers. We have people coming from A-LIGN and other companies to teach and speak to students, and the organization has helped many of them grow their technical knowledge.
While I was teaching myself the base knowledge to be a penetration tester, I had a lot of questions and I didn’t have anyone to ask. To make it easier for the Root@UT students, they can message us personally by text or email, and we’re always there to help them. Students learning command-line and how to set things up are often frustrated by the complexity, but having someone to ask makes it much easier. We do focus a lot on penetration testing, but we have had presentations on other areas to provide insight on the blue team side of the industry.
What role do you think education plays in helping these students discover a career path in cybersecurity or penetration?
Education allows you to see which area you like the most and specialize in it. It is beneficial to know a variety of areas within cybersecurity, but education is important in actually being able to learn the specific areas you love. I went from graduating on a Friday and starting full-time at A-LIGN on a Monday because I was exposed to the industry through my education and involvement in Root@UT.
What attracted you to A-LIGN?
All the professors at UT always spoke highly about A-LIGN. When I saw the opportunity to work for a great firm, I immediately wanted to join the team.
If you could describe A-LIGN in one word, what would it be?
What is the most valuable lesson you’ve learned at A-LIGN?
Finding an area I enjoyed and specializing in that area was a game changer while working for A-LIGN. Although I knew I wanted to become a penetration tester, A-LIGN pushed me to learn and further grow my skills.
What is the best part of working at A-LIGN?
The best part of working at A-LIGN is being able to be involved with other departments outside my team.
What surprised you most about working at A-LIGN?
The biggest surprise to me is how interactive the executives are with the employees. It is great to be able to have conversations with people from the top who listen.
What do you do for fun outside of A-LIGN?
Outside of A-LIGN, I work on Hack The Box machines to help grow my skills in penetration testing. That’s where I’ve learned a lot of my attack methods. I also love to bake!
Why do you think cybersecurity and security audits are important?
Cybersecurity is important because everything is digital now. If an organization doesn’t have proper security measures in place, it can jeopardize everything for them.
What is your motto/personal mantra?
Work hard now, play later.
What is something most people don’t know about you?
Most people do not know that I have seven siblings between my mom and stepdad.
What’s the best advice you could give someone trying to enter the industry?
Remember that there is always more to learn since the cybersecurity landscape is constantly evolving.
What’s the most rewarding part about working for A-LIGN?
The most rewarding part of working at A-LIGN is being surrounded by people who push me to grow as a consultant.