AJ Yawn is Co-Founder and CEO at ByteChek and a Founding Board Member of the National Association of Black Compliance and Risk Management Professionals (NABCRMP). AJ has earned 6 AWS certifications including the AWS Solutions Architect-Professional and AWS Security-Specialty. Prior to ByteChek, AJ spent over a decade in the cybersecurity industry both in the US Army and as a consultant. He is a regular speaker at SANS Cloud Security curriculum events such as BIPOC in Cloud Forum and CloudSecNext Summit, and can be found teaching SEC557: Cloud Security and Continuous Compliance.
SANS: What made you choose to work in security?
AJ Yawn: Purpose. When I left the US Army I wanted to find a similar purpose in my career that I felt during my service. Cybersecurity gave me that opportunity by providing me with a career that is impactful and meaningful. What we do every day in cybersecurity is important to the businesses we work for and society in general.
SANS: What courses do you teach / author?
AJ Yawn: I am currently helping co-teach SEC557: Continuous Automation for Enterprise and Cloud Compliance as my first class in the “certified instructor pipeline.” Given my background in cloud security and compliance, this course was the perfect fit for me.
SANS: Why do you teach, research and practice information security?
AJ Yawn: I teach, research, and practice information security because I feel like it is my responsibility to give back to the community and be a living, breathing representation of what is possible in cybersecurity. As a Black and Hispanic man, I understand that there are not a lot of professionals like myself so it is important that I am active and giving back to the community.
SANS: What tips can you provide newcomers to cyber security and defense?
AJ Yawn: Get comfortable being uncomfortable. The path into cyber security is not easy but it is attainable. Understanding that there will be moments where you are confused or not sure you understand things fully is critical to persevering and continuing on this journey. I am still confused and learning daily, it's what makes cybersecurity fun and every day different.
SANS: Who has influenced your information security career?
AJ Yawn: So many people have played a role in my development and growth in information security. If I had to pinpoint one person it would be my good friend Anthony Paris, US Army Cyber Officer. We started our Army career today in 2011 at Fort Gordon, GA as Second Lieutenants going through Basic Officer’s Leadership Course together. Ever since we met, we’ve pushed each other to greatness and continued learning. Despite never serving in the same unit directly, we deployed together and worked in similar roles throughout our career which allowed us to stay close and also help each other grow. Anthony helped me out tremendously during my transition out of the military and in my civilian career. I am grateful for his friendship and companionship as it has enabled me to stay sharp and lead me to take chances and grow my career to where I am today.
SANS: What do you want people to know about you?
AJ Yawn: I don’t take myself too seriously. I truly enjoy what I do and think it is important but I also know that I am fortunate and lucky to be in this position. I truly enjoy getting feedback from anyone that is willing to provide it and have never met someone that I didn’t learn a tremendous amount from. I want to learn from my students, fellow SANS faculty, newcomers to the industry and so many more. If we interact at a SANS conference or course, just know you can talk to me about anything, let me know that I need to improve or just ask some questions - I look forward to meeting you all out there.
SANS: Favorite quotes / books / music, etc
Quote: “Don't explain your philosophy. Embody it.” ― Epictetus
Album: Victory Lap by Nipsey Hussle
Book: Meditations by Marcus Aurielius
SANS: Tell us about things you enjoy that people may not expect.
AJ Yawn: At Florida State University I was a member of the basketball team and in my last year we went to the Sweet 16.