I recently published a deeply personal post about who I am behind the resume — not just what certifications I’ve earned or tools I’ve built, but the mindset, the persistence, and the lived experience that defines me.

This post builds on “Not Just a Resume — Cybersecurity Is My Life”, where I laid out exactly who I am beneath the certs, tools, and job titles. If you haven’t read it yet, I recommend starting there — because what I’m about to say only makes sense if you understand what the system keeps trying to filter out.

But there’s something else I need to say. Something bigger than just me:

I am the kind of person companies say they want. I solve problems until they’re dead, not just bandaged. I’ve earned multiple certs in under a year — in a field that recommends 4+ years of experience to even try. I write my own defensive scripts. I publish IR case studies based on real-life incidents.

And yet — I still get filtered out.

Not because I lack skills. Not because I can’t prove them. But because some forms only care about one thing:

“What’s the highest level of education you’ve completed?”

---

The Box I’m Supposed to Check

Let me tell you what that question doesn’t allow me to explain:

• I’m a licensed paramedic — one of just 3 out of 40 in my class to make it through to the end
• I spent nearly two decades in emergency medicine, where failure was measured in lives
• I completed a cybersecurity bootcamp in 2024
• And then? I earned Security+ and CySA+ in under a year — while most of my bootcamp peers haven’t completed a single cert
• I built a defensive hardening tool (GhostHunter.ps1) and an automation script for job applications
• I run my own vulnerability scans, do root cause analysis, and remediate issues across my home lab and family systems
• I write incident response case studies from real-world failures — including medical device issues in my own body

So when I’m asked to “check a box” — High School, Associate’s, Bachelor’s — none of those labels represent what I’ve actually done. And because the system doesn’t know what to do with people like me… it often ignores us entirely.

---

Who Else Gets Filtered Out?

It’s not just me. It’s veterans. It’s licensed professionals. It’s tradespeople, bootcamp grads, autodidacts. It’s the people who couldn’t afford four years of debt but still learned how to do the job.

The checkbox doesn’t ask if you’ve solved real incidents. It doesn’t ask if you’ve protected users. It doesn’t ask if you’ve built anything, fixed anything, or lived it. It just asks if you paid tuition somewhere long enough to get a piece of paper.

---

If the System Were Honest, It Would Say:

“We’ll ignore you if you don’t have a bachelor’s, even if you’ve done the job better than people who do.”

That’s not a merit filter. That’s a failure of visibility. And in cybersecurity — where threats evolve faster than policies — it’s costing companies the people they actually need.

---

I’m Not Asking for Special Treatment. I’m Asking to Be Seen.

I didn’t just attend a bootcamp. I didn’t just pass a class. I didn’t stop when the certs were done. I’ve applied this knowledge in real situations, built tools, fixed problems, and taught myself more in 12 months than many degree holders learn in four years.

So if your filters would throw me out for not having a Bachelor’s degree, ask yourself this: What exactly are you filtering for?

Because I’ve already proven I can do the work. The only thing I haven’t done is check the box you thought mattered more than everything I just listed.

And if you’re not afraid of hiring someone who builds their own security tools and writes their own IR playbooks?

My DMs are open.