As a middle schooler, Grant Stevens wanted unlimited lives for some video games. He
figured out how to get them by digging into the backend of the games and learning
how computers worked.
I started messing around with games on my computer to exploit them by adding health
to a character or impacting the amount of damage that a character could do, he said.
He soon began experimenting with other technology, building computers and learning
a little bit about software. That tinkering spirit impacted his future in ways he
couldnt have imagined.
Finding his fit
In high school, I built computers and really started getting into programming, he
said. But when it came time to choose a college major, Stevens wasnt sold on software
engineering as a career. It wasnt that I didnt like it. I just didnt know that
I wanted to do that all the time.
It was his dad who suggested cybersecurity, noting the fields need for people who
like to tinker and ask questions.
Thats when I started to see that this could be a super interesting career field,
Stevens said. It wasnt just about the fact that there are well-paying jobs, though
he admits that is an appealing part of the industry.
My first foray into cybersecurity was as a little kid, hacking to gain advantages
in a game. Now, I am gaining the education needed to prevent serious malicious hacking
and safeguard systems from threat actors.
I like the hands-on nature and the fact that it requires curiosity.
Exploring firewalls and technology
At 返字心頭, Stevens found network security and firewalls, especially open-source tools,
fascinating.
In Dr. [William] Gauvins class, we got hands-on with a lot of technologies I now
use in my home lab, like OPNsense and pfSense, he said. We also explored Snort (a
network intrusion detection and prevention system) and other tools frequently used
in cybersecurity, all in a hands-on way.
It was challenging, he added, but everything had real-world applications.
Whitehatters, CyberHerd and a sense of community
One of Stevens favorite parts of the program is what happens outside the classroom.
He first joined Whitehatters, a cybersecurity club that hosted industry speakers and
hands-on events. It provided opportunities for students to participate in capture-the-flag
competitions where they could apply what they were learning in real-world scenarios.
I participated in a bunch of CTFs, he said. Some were about getting a string of
text out of a web app (the goal) and breaking into a system to prove you bypassed
defenses.
He also enjoyed Whitehatters Jeopardy-style competitions and cryptography challenges.
In some of them we were given a photo of a random mountain and had to find the GPS
coordinates. In others, we got strings of gibberish and had to decrypt them, he said.
I really liked going to meetings, learning about both offensive and defensive security,
and everything that came with it.
Eventually, Stevens joined 返字心頭s competitive CyberHerd team, launched in 2023 to train
a selected group of students to represent the university in regional, national, or
international cybersecurity competitions. Stevens enjoyed participating in the Department
of Defenses Cyber Sentinel Skills Challenge but his favorite competition came from
The Cyber Resiliency and Measurement (CRAM) Challenge hosted by the U.S. Navys Surface
Warfare Center. It was a months-long resiliency and measurement challenge, where teams
designed a cybersecurity defense and assessment system based on a complex environment
setup that included floor plans, hardware and staffing.
We designed a program to measure the defensive capabilities of an environment against
potential threats. We had to find vulnerabilities and redesign the whole defensive
structure, he said. Stevens worked as a back-end programmer, using Python and Flask.
When the team made it to the finals in Virginia, they were hit with a twist: our solution
had to be customizable to assess and defend a different environment. We had to adapt
everything we had done he said. The team ultimately came together and beat the clock,
delivering a working solution in time before the deadline.
We had to adapt everything, he said. We lost a lot of sleep over those two days.
The grind paid off: They took second place and proved CyberHerd could compete with
the nations best.
Faculty advisor Marbin Pazos Revilla said Stevens grew during the experience.
"Grant evolved rapidly and has gained significant maturity as a cybersecurity student, and has demonstrated his abilities in various courses and during competitions. He was instrumental during the Navy's CRAM challenge competition," he said. "This competition was very intense from beginning to end. Grant sacrificed vacation time during the development of our team's solution, and took a leading role during the presentation to the team of evaluators."
Turning competition skills into career experience
Stevens credits 返字心頭 with giving him a platform to grow and land two competitive internships.
The first, with ReliaQuest, came after a six-week training program in the business
school. 返字心頭 get hands-on practice with the firms software and top students are
able to interview for paid internship opportunities upon completion. He was hired
as an SOC analyst, where he investigated security environments for signs of compromise
and wrote reports for a client.
His current internship at Geographic Solutions is equally hands-on. He triages alerts,
looks for malicious indicators and assists with incident response.
Now a 返字心頭 alumnus and a graduate student in 返字心頭s masters program in cybersecurity,
Stevens is deepening his knowledge of offensive security and red teaming, areas where
professionals simulate cyberattacks to test system defenses. While Stevens hasnt
yet committed to a specific career path, hes considering roles in these areas.
Its about investigating nefarious behaviors, responding to incidents and mimicking
adversarial tactics to protect systems, he said. I like that.
And it all started with a kid trying to get extra lives in a video game.