Photo of MAGE M.Eng. Alumni Ronnie Joseph on graduation day in cap and gown
UMD’s cybersecurity program was more financially viable compared to other universities, while being consistently ranked among the top 5 in cybersecurity.

Ronnie Joseph

Information Security Engineer at MongoDB

M.Eng. in Cybersecurity

 

My very first introduction to cybersecurity was way back in high school when I came across things like modding Android apps, installing custom ROMs on phones, blogging, and other tech experiments. After finishing school, which honestly wasn’t very exciting because of all the rote memorization taught in most Indian classrooms, I decided to pursue a Bachelor’s degree in Computer Science and Engineering at a well-regarded university in South India.

During my freshman year, I thought I wanted to be an Android app developer because of my limited background in computer science. Around that time, I finally had a regular internet connection, which opened up some possibilities. I promised myself I wouldn’t just be another average student during those four years and that I would really focus on what I enjoyed. Since I had some past experience with blogging, I decided to launch my own tech blog in my first year. On the launch day, I took a leap of faith and shared the website link with the entire official university student email group. I received a mix of positive responses and some anonymous hate, but the experience taught me a lot, especially to believe in myself, even if the world doesn't concur! Over time, I realized blogging wasn’t really for me and that I wanted to dive deeper into the technical side of computer science. A few months later, a college alumnus reached out, and I eventually sold the blog to him.

The reason I’m sharing this story is for a unique reason. I had used a design website, which is now famously known as Canva, to create the blog’s logo. While playing around with its features, I stumbled upon a security bug that allowed non-premium users to access paid features for free. Out of goodwill, I reported it to their security team. To my surprise, they quickly responded, invited me to their private Bug Bounty program, and even paid me a reward. At that point, I hadn’t really heard much about bug bounty programs, but after doing some research, I discovered that major tech companies reward independent security researchers all over the world for finding and reporting vulnerabilities in their products.

That experience sparked my interest in ethical hacking. I began looking for security flaws in different company systems, partly for the thrill of discovery and partly for the financial rewards. With no guidance from anyone around me, I managed to find vulnerabilities in several companies and was recognized in the Security Hall of Fame of famous tech companies like Facebook, Google, and Microsoft. In my senior year, I was selected as one among 30 students from the Asia-Pacific region to attend an invite-only security conference called BountyCon, along with a live hacking event in Singapore. I was awarded a fully funded scholarship for the trip, which was also my very first time traveling abroad. That experience gave me the chance to see how engineers at Meta and Google work alongside external researchers to keep their systems safe.

After graduation, I started my career as a Security Researcher, where I identified CVEs in open-source GitHub repositories and submitted them to partner companies so they could strengthen their detection systems. Later, I worked with the product security team at a unicorn gaming startup in India, where I learned how security practices can vary depending on the speed and scale of the company.

Eventually, I came to the USA to pursue my Master’s degree and landed an internship with the awesome security team at MongoDB in New York City, one of the biggest database providers in the world. My internship was later converted into a full-time offer, and now I work as an Information Security Engineer at MongoDB. Along the way, I also completed my Master’s degree in Cybersecurity and earned a GCEN in Cloud Engineering.

I have to thank God, my family, friends, and well-wishers for this journey. And yeah, hopefully if someone asks me now, I should be able to answer that I’m not a physical security guard for any company, but security engineering is a technical role in software where we work to prevent attacks and hacks.  My job involves things like securing cloud networks, testing systems for vulnerabilities, setting up detections, traps, and making sure sensitive data doesn’t get stolen. Basically, I make sure the company’s information stays safe from the bad guys: Blackhat hackers. 

My advice for any incoming student reading this is to follow my rule, which I call the Triple-H Policy: Humble, Honest, and Hardworking. It may rain for six days, but on the seventh day, you'll see sunrise :)

 

Why Maryland?

I chose UMD after a lot of research, as well as after receiving positive feedback from the alumni. The coursework reflected the current industry trends around Cloud, AI, ML, Virtualization, and provided us with flexibility in choosing courses based on our interests.  UMD’s cybersecurity program was more financially viable compared to other universities, while being consistently ranked among the top 5 in cybersecurity. I’d like to commend the faculty for their valuable time,  guidance, insights and practical teaching.


Top