Women should look to cybersecurity sector where there are many job vacancies. Source: Dall-E.
Globally, there is a significant shortage of cybersecurity talent. In fact, about 3.4 million cyber detectives, risk professionals and-bug catchers are currently needed. On the occasion of International Women’s Day, I want to encourage more women to join the exciting and lively cybersecurity sector.
As a Women-in-Tech (WIT) in cybersecurity, I recently identified some of the most popular cyber career tracks and took the opportunity to present women who are leaders in these functions. These career tracks are based on Infocomm Media Development Authority’s (IMDA) skills framework. Although some of the cybersecurity women leaders I highlighted, may not reside in Singapore, their job functions are available here and overseas, reflecting the exciting job possibilities in this sector.
Meet Gabrielle B., an award-winning ethical hacker and penetration tester. An expert in vulnerability assessment and penetration testing, she described the field as one that “is constantly evolving as new technologies and techniques are developed, and cybercriminals become more sophisticated”.
That is what makes her job exciting, challenging and fulfilling as she is directly contributing to the greater good “by helping to protect cyberspace, individual liberties, democracy, economic stability, and sovereignty, all of which points to the ultimate the goal of cyber peace”.
So, what does Gabrielle do?
She designs, performs tests and checks cases to determine if infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorisation and non-repudiation standards. She is also required to translate these requirements into test plans and write and execute test scripts, all of which must be done according to standards to better determine vulnerability from attacks.
To qualify as a pentester, Gabrielle has to be well-versed in cybersecurity standards, protocols and frameworks. She must also have a creative and analytical mind, able to deploy new and innovative methods to perform penetration tests.
Being a team player is an advantage because she needs to communicate findings and implications effectively.
Cyber detective, Kristina Ivanova, is a forensics investigation expert who plans and oversees the investigation processes and protocols following a cyber threat or incident. She is knowledgeable about the different types of cyber threats. She is also familiar with various hardware and software applications so as to analyse threat data from various sources.
She is the deputy head for Group IB’s Asia-Pacific high-tech crime investigation department, chose to be a forensic investigator because of her passion for solving puzzles.
Kristina says: “Each case I investigate brings new insights into the workings of cybercrime. I turn these insights into data, which we use in our early cyber-attack prevention technologies to protect millions of people and thousands of companies around the world.”
A cybersecurity department also needs experts to plan and oversee the performance of security response during a cyber incident or threat. Shuchen Hu is an incident response expert who also proposes mitigation techniques and counter measures, and develops solutions to prevent future attacks.
“The process from data collection, analysis and investigation to identifying the root cause is like solving puzzles and very rewarding. It also feels great knowing our work can help others to make a positive impact,” she said.
Hu’s skills include being knowledgeable in applying various cybersecurity analysis tools and techniques to resolve incidents. Since incidents can happen at any time, she is frequently on standby and at times also rostered for shift duty at night, weekend and holidays.
Complementing these different roles, a security operations manager is the one who plans and oversees the monitoring and maintenance of security operations. Danielle Pentony, director of cyber security operations in a large healthcare agency in Australia, provides direction and leadership to senior management as well as expertise on security technologies and concepts. A key function is to enhance the resilience of security operations.
Diligence and being alert when monitoring security operations, systems and activities, is a core skill at this function. Danielle looks after several functions such as cyber monitoring, threat intelligence, threat hunting, incident response, cyber awareness and education, and also develops plans and solutions to address security incidents.
Her passion stems from the fact that she is leading “an amazing team of intelligent and bright minds who make a difference by protecting people, systems and organisations across the digital ecosystem”.
With the threat environment constantly changing and threat actors’ tactics becoming more sophisticated, the job presents exciting opportunities to learn, grow and make an impact, she added.
By discovering these different cybersecurity career paths, one can make their decision what is the most suitable for them to pursue. Whichever is your choice, surely you will add value to the cybersecurity workforce.
Alexandra Mercz is a Chief of Staff | Google Professional Cloud Security Engineer | NIST CSF Lead Implementer | IFSEC Global Influencer in Security 2021 | SG 100 Women in Tech Winner | (ISC)2 SG Chapter Ambassador
Tell us about your thoughtsWrite message