What do you do on a day to day basis?
I work on a cyber incident response team in a higher education environment. It is hard to say what exactly I do each day because higher education is an extremely volatile environment with an insane amount of variables. On a daily basis I do alert triage, incident response, threat hunting, security administrative tasks, and I spend a portion of each day learning or training on topics in information security that interest me or I need to be more knowledgeable about for my job. Additionally, I deal with securing and protecting research, building out our team’s SIEM and other logging tools, handling phishing emails, and determining what unique behavior seen in our environment is actually anomalous and concerning, not just unique behavior.
What attracted you to information security?
Information Security struck me as an extremely important field where I could have real tangible impact with the state of security in my environment. I was also attracted to the fact that it was a continuous learning environment, and I do really learn something new on a daily basis.
Do you have a degree and/or certifications? Do you think that they are necessary to work in information security?
I have a degree from Texas A&M University. I also obtained CompTIA’s Security+ certification prior to graduation. I do not think anything is particularly necessary to work in information security besides the desire and drive to learn. In my opinion, certifications are good ways to show that willingness and desire to learn on your own. Lastly, as cybersecurity degree programs are more accessible I presume that a degree will be expected and required for entry-level positions.
What are some of the biggest challenges that you have faced in your career and how did you overcome them?
I am relatively new to the industry and to my career so I don’t believe I’ve faced a major challenge to my career at this point.
How do you achieve a work life balance to avoid burnout?
Achieving a healthy work life balance in Information Security is a perpetual work in progress. I can’t say I have achieved it yet, but I try to regularly exercise and make sure at least once a week I take a few hours for myself and make sure I’m unplugged for that time. Reading fiction (for fun), playing musical instruments, building legos, or doing artsy things are some of the ways I try and give my brain a break at least once a week.
What is some advice that you would like to provide to girls participating in STEM?
The best advice I can give, even if it’s a cliché, is to not give up and to stand up for yourself. STEM is hard, no matter what you are doing. It will generally require more work and a bigger drive to learn and to put in extra time on your own than careers in other fields. If a girl wants to do this, she will have to put in the effort and she will have to be willing to stand up for herself and be confident. Imposter syndrome is real; people you work with, both men and women, will discourage you from continuing. In the end it’s up to you if you want to do this. Speaking from experience, I’ve had to learn to be more assertive with my ideas, I had to convince myself that I needed to negotiate a higher salary than what I was offered and that I was capable of actually negotiating for said higher salary, and I’ve had to work extremely hard because unfortunately gender norms do exist and despite my best efforts I am still given more of the tasks designed “for women”, like coordinating team lunch, than my coworkers are. Work hard and stand up for yourself in your personal and professional life and you will make it in STEM.
What resources do you recommend for women who are interested in breaking into your specialty area?
For women interested in being a SOC analyst or incident response analyst, I recommend an introductory certification to prove baseline knowledge in Information Security; I did Security+. I recommend keeping up with cybersecurity news because a lot of my job is driven by trends seen in the industry. For example, we deal with the APTs that are active, recent vulnerability disclosures, and ongoing phishing campaigns that other organizations are facing. Additionally, participating in CTFs (Capture the Flag hacking competitions) is a great way to expand your cybersecurity knowledge. A lot of the competitions have reverse engineering and network packet capture analysis portions (and other relevant categories) that have direct applicability to what I see on a daily basis in incident response.