As part of ISC2 Cybersecurity Month, Cristian Martinez, CISSP, shares his cybersecurity career story and tells us about his work to help bring people – often from outside of IT – into the cybersecurity field.

Cristian Martinez, CISSPDisclaimer: The views and opinions expressed in this article belong solely to the author and do not necessarily reflect those of ISC2.

I came to the U.S. from the Dominican Republic about a decade ago, with the simple goal of building a better life through technology. My first encounters with cybersecurity weren’t glamorous: it was late nights studying, fixing broken labs and saying “no” to shortcuts that would have made life easier in the moment but harder in the long run. What kept me going was a belief that opportunity and discipline can change a family’s trajectory in one generation. This is the story of where that has taken me.

Jumping straight to the punchline, I’m now the founder & CEO of Sentinel Technology, a Massachusetts-based cybersecurity firm. I’m also the founder of Cyber Ninja Security Academy, a 99-day program that helps newcomers – often without prior IT experience – to break into the field. I’m also a proud ISC2 member and CISSP.

My Learning Journey

Earning the CISSP was deeply personal: I first took training in 2011 but, for years, I let fear delay the exam. In 2024, I finally sat for it – and passed. I still remember writing one phrase on the testing center’s dry-erase board: “THINK LIKE A MANAGER.” That shift, from purely technical thinking to risk-based, business-aligned judgment, changed my career.

Today, my work spans identity and cloud security, with a focus on enterprise environments. But my real mission is to use cybersecurity to create economic mobility. I live in Lawrence, Massachusetts, an immigrant city with incredible grit and potential. Through community workshops that include sessions with local teens at the public library and our Academy’s hybrid nonprofit/for profit model, we’re building ladders for people who might not see themselves in an IT or cybersecurity role yet.

I started with fundamentals – networking, systems and security basics, then layered hands-on experience. I said “yes” to tough problems in Active Directory, Azure and identity. Along the way, mentors taught me that communication is as important as configuration; a secure setting that no one understands may as well not exist.

There are certainly things I wish I had known earlier, most importantly that imposter syndrome doesn’t disappear at the next certification or job title. You overcome it by keeping promises to yourself, small daily wins that compound into confidence. Also, don’t wait for “perfect” conditions. Take the exam. Apply for the role. Ask for the mentorship call.

Helping Others

What we do now is help organizations design secure architectures, modernize identity and prepare for real-world threats. On top of this, we build curricula and hands-on labs so students practice like professionals. The Academy emphasizes three pillars – IT fundamentals, networking fundamentals and security fundamentals – plus a capstone project for each phase so students graduate with proof of skill, not just notes.

These steps enable students to actually learn from the advice we’d give if we were simply asked:

  • Master the Basics: Networking, OS internals, identity and scripting will outlast any single product or certification trend.
  • Think Like a Manager: Security is risk management. Learn to explain threats and trade-offs in business language.
  • Build Public Proof: Share projects on GitHub, LinkedIn posts, or a simple portfolio site. Show your work.
  • Find Community: Join local meetups, online groups and volunteer. Teaching others accelerates your own learning.
  • Be Consistent: Two hours a day beats a 14-hour cram once a month. Upskilling is a habit.

My aim is to scale Cyber Ninja Security Academy and the Cyber Ninja Foundation to provide scholarships, internships and job placement pipelines. The cybersecurity talent gap is also a chance gap: by opening doors for first-generation professionals and career-changers, we strengthen both families and the security of the organizations we serve.

It’s a fact that representation matters: when students see a Latino instructor with a CISSP teaching advanced topics, their posture changes and they realize, “People like me do this.” Culture is a multiplier in cybersecurity: diverse teams catch what homogenous teams miss. Backgrounds like ours sharpen our risk senses; we see edge cases because we’ve lived them. It is also currently Hispanic Heritage Month, which reminds me of my parents, my city and every student who tells me, “I didn’t think I could do this until now”. To them, I say: train hard, hack smart and defend the future. The industry needs you and there’s room for all of us at the table.

Cristian Martinez, CISSP, has 15 years of experience in banking, education, consulting, and cloud security sectors. He has held technical and leadership roles, with responsibility for Active Directory security, Azure architecture, and enterprise identity management. His cybersecurity work spans training future professionals, offensive AI research, and community cyber awareness. 

ISC2 Webinar

New to the security industry? Or thinking about transitioning into an information security role? If so, this webinar is for you. Please join us for a virtual webinar, Security Industry 101: What Every Newcomer Needs to Know on October 15 at 1:00 p.m. ET. 

The session will cover what you need to know about the cybersecurity field including:

  • Size and growth of the security industry
  • Useful vocabulary terms and buzz words
  • Five types of cyberthreat actors
  • Modern cyberthreats and tactics
  • Categories of security defenses
  • Common security job roles
  • Security industry ecosystem

Related Insights