Monday - Friday9AM - 5PM
Located inNew Jersey
Visit our social pages
HomeCategory

Featured

https://gatebreachers.org/wp-content/uploads/2021/01/New-Project-3.png

What do you do on a day to day basis?

Every day is different, which is one of the reasons why I love the field.  At a high level, my core role is to assess the risks to our organization and to work with our leaders and care givers in treating those risks to acceptable levels.  A key component of this is to understand the organization’s strategy and to position the information security strategy to enable our mission and vision.  In doing so, I lead a team of information security professionals that occupy roles from leadership (Director, Program Managers) to architects, engineers and analysts.  My role is to enable them to do their roles effectively by providing them with the tools, resources and support to carry out their daily functions.  More often than not, I’m in meetings with various areas of the organization partnering with them to deliver on their goals without introducing unacceptable levels of risk.  At times, I’m reviewing contracts, doing budgets, working through system selections for our security tools, developing and communicating policies, generating awareness and working to create a culture of information security across the organization.  At a micro level, I’m working with all areas of the organization to ensure that our people, process and technologies are working effectively.  Outside of the day to day, I also spend a lot of time keeping up with the news, the emergent threat landscape, new regulations, etc so as to keep pace with the times.  I also work closely with industry peers in collaboration to assist each other in problem solving and moving the maturity needle forward for the industry as a whole.  I do so by volunteering for working groups, serving on collegiate and industry advisory boards and networking.

What attracted you to information security?

I was lucky enough to progress into a role as a project manager for large, international, infrastructure jobs for a large global organization.  I was a pretty hands on project manager and got to experience a wide array of areas of information technology.  Each project had an information security component to it and I found myself gravitating towards the field.  When it was time to move on, I had made the decision that my next role would be focused on information security.  At that time, the HIPAA Security Rule was a few months from coming law.  A large local  hospital was hiring for an Information Security Officer and I got the job.  The rest is history.

Do you have a degree and/or certifications? Do you think that they are necessary to work in information security?

I have a BS in Electrical and Computer Engineering as well as an Executive MBA.  I also have the Certified Information Security Manager (CISM) certification.  I will most likely seek cloud certifications in the near future.  I don’t think that certifications or degrees in this area are necessary to work in information security but I also don’t think that they can’t hurt.  I would not rule out someone without a cert or degree for a job or promotion if the individual can demonstrate competency, skill and the knowledge to do the job.  What I do tell people who are starting in infosec without a comparable degree is that working towards or having a certification, demonstrates a desire and commitment to the discipline and a willingness to work for it.  It may be the differentiator for an entry level role.

What are some of the biggest challenges that you have faced in your career and how did you overcome them?

My challenges came early.  I had to change from full time to part time after my second year in college and had to pay for college on my own.  For many years, I worked as a full time intern and had 2 bartending jobs.  I took classes at night as I could afford them.  I watched all of my friends graduate and begin their careers.  It frustrated and discouraged me at the time to watch everyone else succeed while I struggled to move forward.  It took me 9 years to graduate but I kept pushing.  What I didn’t realize at the time, is that my challenges helped to develop and mature me into the professional that I would someday become.  Once I graduated, I hit the ground running.  I was hired into the company that I had interned for, got several promotions and after 5 years from graduation, left the company to become an Information Security Officer for a large healthcare system in Philadelphia.  Just 5 years after graduation!  The adversity that I experienced, prepared me for a high stakes, high pressure role that I have since fulfilled.   Since then, most of the challenges have been around being able to balance my passion for information security with the constraints that most organizations have in making the resources and finances available to build a strong program.  In my current role, the biggest challenge I face is keeping up with the threat landscape and moving at a pace that is achievable without putting the organization at risk.  In terms of overcoming existing challenges, I believe being a good communicator and a strong partner to the organization has enabled me to gain the trust of our leaders and caregivers and to build the necessary relationships to move forward.

How do you achieve a work life balance to avoid burnout?

I think work life balance is essential to good performance at every level.  Although I work extremely hard, I also find the time to do things that I love outside of work.  I used to work 15 hour days and found that the work never stopped.  When I went for my EMBA, I was forced to stop working after hours so that I could tackle my course work.  What I soon realized is that no one noticed that I wasn’t working as hard.  No one complained about my productivity.  Once I graduated, I made a commitment to myself to avoid going back to working as much.  As for what I do to avoid burning out, I do non security related things to strike that balance.  I am an extreme extrovert.  Being around people is important to me and I enjoy spending time with my family and friends (this includes my strong CISO community).  I love to travel and do so regularly with my husband.  (I could do a better job of disconnecting when away) I’m a huge sports fan and spend a lot of time going to games.  Lastly, I am a long distance runner and enjoy doing half and full marathons which is actually a stress reliever.

What is some advice that you would like provide to girls participating in STEM?

STEM opens up a world of opportunities.  As technology becomes more integral to everyone’s lives, we are going to need talented professionals to keep pace with advancements and to foster innovation.   There are not enough women in STEM.  The unique skillsets and perspectives that we bring to the table can add an incredible amount of value.  In information security specifically, there are not enough people to fill open jobs currently.  That void is expected to grow exponentially in the future.  As far as advice, some folks believe STEM field are difficult or intimidating.  I think STEM fields are challenging and push us to be better versions of ourselves.  Additionally, folks think that information security is super technical.  The field is vast and includes a variety of non-technical areas such as risk management, education and awareness, strategy and communication to name a few.  For those that choose STEM, I suggest you embrace the fields, be bold and confident in your abilities.  Never listen to anyone that tells you that you may not have the ability to do something.  I strongly believe that if we set our minds to do something, each one of us has the ability to do so.  We just have to want it and work for it.  Surround yourself with champions, find a mentor who wants to help and invest in you.  Lastly, have fun learning, it’s the best part.

What resources do you recommend for women who are interested in breaking into your specialty area?

Sites:  SANS.org, ISC2, cybersecurityeducation.org,

Blogs:  Krebs on Security, Schneier on Security

Women specifically:  WiCys.org, womenscyberjutsu.orghttps://cybersecurityventures.com/list-of-women-in-cybersecurity-associations-in-the-u-s-and-internationally/

 

 

https://gatebreachers.org/wp-content/uploads/2021/01/Lizzy-Higgins-1280x640.jpg

What do you do on a day to day basis?

– soc analyst (currently unemployed) also a post graduate student in Psychology looking at human behaviour and cyber security. Want to specialise in human threat intelligence, social engineering and counter terrorism/fighting toxic content online.

What attracted you to information security?

always been interested in computers since I was little and always been very curious by nature – I have a knack for ending up in places/situations I shouldn’t be in and being able to essentially “blag” my way out of a sticky situation or get into somewhere I shouldn’t be. Going into computer security seemed like an obvious choice for me as I am a firm believer of infosec as a social science with a technical element, not a technical area with a social sciences element.

Do you have a degree and/or certifications? Do you think that they are necessary to work in information security?

BSc (Hons) Cyber Security

MSc (conversion) Psychology – soon to graduate

Security +

studying towards GIAC threat intel courses

– find they help but they are not the be all and end all – sometimes you can have all the degrees/certs in the world and still be shit at your job, or have none of them and be ace at it as 99% of the battle is about your willingness to learn.

What are some of the biggest challenges that you have faced in your career and how did you overcome them?

– not being taken seriously for being a woman

– being told repeatedly that I am not technical enough, yet I have a technical CV

– turned down for jobs repeatedly due to it being a bit of a “bro club”

honestly I am still trying to overcome these but each day I am on step closer to hitting my goals and smashing them

How do you achieve a work life balance to avoid burnout?

As someone who’s struggled with MH problems and burning out a couple of times, I have now learnt my triggers, and to find balance. As I am usually sat on my butt for up to 12 hours a day when working (on shift) I find walking to and from work helps a lot, and going running on my dinner break (thank god for showers at the office I used to work at) and also if I have had a pretty shitty day, calling a friend on the walk home and having a mega bitch. Also I find kickboxing, swimming and yoga really helps too and reading something that is non infosec related and putting down my tech helps too 🙂

What is some advice that you would like provide to girls participating in STEM?

don’t be afriad to get involved. Show up, get involved, and so what if you make mistakes?! It’s learning from the mistakes that makes you good at what you do. And don’t beat yourself up if you find you’re not “technical enough” – there are plenty of tech jobs where you don’t have to be sitting in a dark room, writing lines of code and drinking energy drinks until you black out.

What resources do you recommend for women who are interested in breaking into your specialty area?

podcasts – going to tweet a few of my favourites soon

Twitter infosec – get involved in the woman in stem/tech/cyber intititives

Find your local hack spaces, confrences, etc

DON’T be scared to ask stupid questions – as honestly, there is no such thing as a stupid question.

 

https://gatebreachers.org/wp-content/uploads/2020/01/New-Project.png

What do you do on a day to day basis?
I work on an cyber incident response team in a higher education environment. It is hard to say what exactly I do each day because higher education is an extremely volatile environment with an insane amount of variables. On a daily basis I do alert triage, incident response, threat hunting, security administrative tasks, and I spend a portion of each day learning or training on topics in information security that interest me or I need to be more knowledgeable about for my job. Additionally, I deal with securing and protecting research, building out our team’s SIEM and other logging tools, handling phishing emails, and determining what unique behavior seen in our environment is actually anomalous and concerning not just unique behavior.

What attracted you to information security?
Information Security struck me as an extremely important field where I could have real tangible impact with the state of security in my environment. I was also attracted to the fact that it was a continuous learning environment, and I do really learn something new on a daily basis.

Do you have a degree and/or certifications? Do you think that they are necessary to work in information security?
I have a degree from Texas A&M University. I also obtained CompTia’s Security+ certification prior to graduation. I do not think anything is particularly necessary to work in information security besides the desire and drive to learn. In my opinion, certifications are good ways to show that willingness and desire to learn on your own. Lastly, as cybersecurity degree programs are more accessible I presume that a degree will be expected and required for entry level positions.

What are some of the biggest challenges that you have faced in your career and how did you overcome them?
I am relatively new to the industry and to my career so I don’t believe I’ve faced a major challenge to my career at this point.

How do you achieve a work life balance to avoid burnout?
Achieving a healthy work life balance in Information Security is a perpetual work in progress. I can’t say I have achieved it yet, but I try to regularly exercise and make sure at least once a week take a few hour hours for myself and make sure I’m unplugged for that time. Reading fiction (for fun), playing musical instruments, building legos, or doing artsy things are some of the ways I try and give my brain a break at least once a week.

What is some advice that you would like provide to girls participating in STEM?
The best advice I can give, even if it’s a cliché, is to not give up and to stand up for yourself. STEM is hard, no matter what you are doing. It will generally require more work and a bigger drive to learn and to put in extra time on your own than careers in other fields. If a girl wants to do this, she will have to put in the effort and she will have to be willing to stand up for herself and be confident. Imposter syndrome is real, people you work with, both men and women, will discourage you from continuing, in the end it’s up to you if you want to do this. Speaking from experience, I’ve had to learn to be more assertive with my ideas, I had to convince myself that I needed to negotiate a higher salary than what I was offered and that I was capable of actually negotiating for said higher salary, and I’ve had to work extremely hard because unfortunately gender norms do exist and despite my best efforts I am still given more of the tasks designed “for women”, like coordinating team lunch, than my coworkers are. Work hard and stand up for yourself in your personal and professional life and you will make it in STEM.

What resources do you recommend for women who are interested in breaking into your specialty area?

For women interested in being a SOC analyst or incident response analyst, I recommend an introductory certification to prove baseline knowledge in Information Security, I did Security+. I recommend keeping up with cybersecurity  news because a lot of my job is driven by trends seen in the industry. For example, we deal with the APT’s that are active, recent vulnerability disclosures, and ongoing phishing campaigns that other organizations are facing. Additionally, participating in CTFs (Capture the flag hacking competitions) are a great way to expand your cybersecurity knowledge. A lot of the competitions have reverse engineering and network packet capture analysis portions (and other relevant categories) that have direct applicability to what I see on a daily basis in incident response.

AvantageHeadquarters
Organically grow the holistic world view of disruptive innovation via empowerment.
Our locationsWhere to find us?
https://gatebreachers.org/wp-content/uploads/2019/03/img-footer-map.png
Get in touchAvantage Social links
Taking seamless key performance indicators offline to maximise the long tail.
AvantageHeadquarters
Organically grow the holistic world view of disruptive innovation via empowerment.
Our locationsWhere to find us?
https://gatebreachers.org/wp-content/uploads/2019/03/img-footer-map.png
Get in touchAvantage Social links
Taking seamless key performance indicators offline to maximise the long tail.

Copyright by BoldThemes. All rights reserved.

Website built by Lunar Digital Group. All rights reserved.

Website built by Lunar Digital Group. All rights reserved.