My Career

I thought I would talk a little bit about my job.  What I do to make money. My professional career.  I'm not even sure my family (aside from my husband) really understand what I do for a living.  So here is my attempt to explain.

I work in the industry of crime fighting.  Cybercrime fighting people who use the computers, hardware, software inappropriately.  I say inappropriately over maliciously because a lot of people don't know that they are doing anything wrong.  But then again... a whole lot of them do.  See the guy above, he's a bad guy.  A Hacker.

So let me back up because how I got here is a curious thing.  I started going to school years and years ago to be an English Professor.  In fact, I would still love to be an English Professor... debate great novels with students, read papers, talk about books, write some articles for professional journals.  I'm sure I romanticize it in my mind (Me, librarian glasses, sipping tea, hanging out with intellectuals lol). Unfortunately, those jobs are undervalued and the road to achievement (not to mention the bill) is long.  So I did what anyone needing to make money does, I went and got a job.

I somehow landed in Accounting.  It was a progression from working as a bookkeeper for a store, then a collections company, and then as an Accountant for a big hospital in Florida.  I had 6 Accounting jobs over a 10 year span.  I liked Accounting but I still wanted to be an English Professor.  So I kept working in Accounting and going to school to get an English degree. I started to notice that working in Accounting exposed me to Controls and I started developing really great relationships with the Financial Controllers in my companies.  I also noticed that I would frequently get assigned projects to work on addressing financial control gaps.  Those projects usually led to working with IT and getting into the weeds of a particular system.  This pattern happened at 3 different employers. 

I realized that I caught on to technical concepts pretty easily.  So I started migrating to IT.  Initially I started as a Business Systems Analyst working with business requirements and making the technology happen. I also completed that English degree but realized that I had very little options in the real world. Except for that fact I still believe today that my English degree has set me apart from my counterparts and has made me a different kind of Security Professional but that is another topic.  I liked what I was doing.  It was going somewhere.  I noticed that because I had a controls background, I really understood a lot about data protection and security.  So I started heading that direction.

My first Information Security role wasn't what I would call a nice slow introduction.  I moved into a role that put me in charge of running the department because my manager retired two weeks after I started.  I was up for the challenge, though, and went with it doing the best that I could. My knowledge grew leaps and bounds. In fact, I went back to school and my Masters degree in Information Systems. I grew the department quite a bit in headcount and in capability over several years, picking up this broad area called Controls. I became a Manager of a department and thought I did a pretty good job. (So good that my old team keeps in touch and lets me know about their successes which is awesome).  From there I became an IT Leader in the organization. Overtime the stress and burnout got to me so I left.  It was a difficult decision but worthwhile.  If you are a regular reader of my blog you know how much my life has improved since then.

I took on another Security role with another company where I act as a Security Architect and Advisor.  I work with different IT groups coming up with solutions to secure the environment, protect data, and allow for exceptions.  I fight to counter the Hackers, the Script Kiddies, the Hactivists, the Spy Hackers, and Cyber Terrorists. (Did you know there were some many kinds?  Believe me, there are more!) I also do a lot of consulting and teaching to users and IT administrators so they know the dos and don'ts of Cybersecurity.  I am part of several associations and get invited to speak around the area about Cybersecurity occasionally.  I work to protect data in systems from theft and corruption. I collaborate with Auditors on findings and appropriate remediation actions.  I mitigate risk.  I work to ensure that systems are protected from attack and that we are doing business with third parties that also have good security hygiene.   I also investigate threats and true attacks and breaches. I am always promoting good Security habits at work and home.

Twenty years ago I would never have thought this would be my career.  Now I am in the number one current profession in the world and growing rapidly. I'm also a woman in male dominated field.  I'm always happy when my girls show interest in technology because it really is short on women.  Of course, I wouldn't mind if they wanted to teach English or save the planet (another one of those dream careers from childhood). It always amazes me how people get to where they are professionally and my path has been no exception.