As a middle schooler, Grant Stevens wanted unlimited lives for some video games. He
figured out how to get them by digging into the backend of the games and learning
how computers worked.
“I started messing around with games on my computer to exploit them by adding
health to a character or impacting the amount of damage that a character could do,”
he said.
He soon began experimenting with other technology, building computers and learning
a little bit about software. That tinkering spirit impacted his future in ways he
couldn't have imagined.
Finding his fit
“In high school, I built computers and really started getting into programming,”
he said. But when it came time to choose a college major, Stevens wasn't sold
on software engineering as a career. “It wasn't that I didn't like
it. I just didn't know that I wanted to do that all the time.”
It was his dad who suggested cybersecurity, noting the field's need for people
who like to tinker and ask questions.
“That's when I started to see that this could be a super interesting career
field,” Stevens said. It wasn't just about the fact that there are well-paying
jobs, though he admits that is an appealing part of the industry.
“My first foray into cybersecurity was as a little kid, hacking to gain advantages
in a game. Now, I am gaining the education needed to prevent serious malicious hacking
and safeguard systems from threat actors.
“I like the hands-on nature and the fact that it requires curiosity.”
Exploring firewalls and technology
At USF, Stevens found network security and firewalls, especially open-source tools,
fascinating.
“In Dr. [William] Gauvin's class, we got hands-on with a lot of technologies
I now use in my home lab, like OPNsense and pfSense,” he said. “We also
explored Snort (a network intrusion detection and prevention system) and other tools
frequently used in cybersecurity, all in a hands-on way.”
“It was challenging,” he added, “but everything had real-world applications.”
Whitehatters, CyberHerd and a sense of community
One of Stevens' favorite parts of the program is what happens outside the classroom.
He first joined Whitehatters, a cybersecurity club that hosted industry speakers and
hands-on events. It provided opportunities for students to participate in capture-the-flag
competitions where they could apply what they were learning in real-world scenarios.
“I participated in a bunch of CTFs,” he said. “Some were about getting
a string of text out of a web app (the goal) and breaking into a system to prove you
bypassed defenses.”
He also enjoyed Whitehatters' Jeopardy-style competitions and cryptography challenges.
“In some of them we were given a photo of a random mountain and had to find
the GPS coordinates. In others, we got strings of gibberish and had to decrypt them,”
he said. “I really liked going to meetings, learning about both offensive and
defensive security, and everything that came with it.”
Eventually, Stevens joined USF's competitive CyberHerd team, launched in 2023
to train a selected group of students to represent the university in regional, national,
or international cybersecurity competitions. Stevens enjoyed participating in the
Department of Defense's Cyber Sentinel Skills Challenge but his favorite competition
came from The Cyber Resiliency and Measurement (CRAM) Challenge hosted by the
U.S. Navy's Surface Warfare Center. It was a months-long resiliency and measurement
challenge, where teams designed a cybersecurity defense and assessment system based
on a complex environment setup that included floor plans, hardware and staffing.
“We designed a program to measure the defensive capabilities of an environment
against potential threats. We had to find vulnerabilities and redesign the whole defensive
structure,” he said. Stevens worked as a back-end programmer, using Python and
Flask.
When the team made it to the finals in Virginia, they were hit with a twist: our solution
had to be customizable to assess and defend a different environment. “We
had to adapt everything we had done” he said. The team ultimately came together
and beat the clock, delivering a working solution in time before the deadline.
“We had to adapt everything,” he said. “We lost a lot of sleep over
those two days.”
The grind paid off: They took second place and proved CyberHerd could compete with
the nation's best.
Faculty advisor Marbin Pazos Revilla said Stevens grew during the experience.
"Grant evolved rapidly and has gained significant maturity as a cybersecurity student, and has demonstrated his abilities in various courses and during competitions. He was instrumental during the Navy's CRAM challenge competition," he said. "This competition was very intense from beginning to end. Grant sacrificed vacation time during the development of our team's solution, and took a leading role during the presentation to the team of evaluators."
Turning competition skills into career experience
Stevens credits USF with giving him a platform to grow and land two competitive internships.
The first, with ReliaQuest, came after a six-week training program in the business
school. Students get hands-on practice with the firm's software and top students
are able to interview for paid internship opportunities upon completion. He was hired
as an SOC analyst, where he investigated security environments for signs of compromise
and wrote reports for a client.
His current internship at Geographic Solutions is equally hands-on. He triages alerts,
looks for malicious indicators and assists with incident response.
Now a USF alumnus and a graduate student in USF's master's program in
cybersecurity, Stevens is deepening his knowledge of offensive security and red teaming,
areas where professionals simulate cyberattacks to test system defenses. While Stevens
hasn't yet committed to a specific career path, he's considering roles
in these areas.
“It's about investigating nefarious behaviors, responding to incidents
and mimicking adversarial tactics to protect systems,” he said. “I like
that.”
And it all started with a kid trying to get extra lives in a video game.