Me and my job: Nick Hetrick, senior IS security operations analyst, WellSpan Health

Share this article:
Me and my job: Nick Hetrick, senior IS security operations analyst, WellSpan Health
Me and my job: Nick Hetrick, senior IS security operations analyst, WellSpan Health

How do you describe your job to average people?

As a member of WellSpan security ops, I take the lead on vulnerability and protection management. I proactively mitigate technical risk for existing systems and new implementations. This role is also responsible for daily operations and support of WellSpan's security controls. I also manage the implementation of new security controls that protect the enterprise.

Why did you get into IT security?

I was looking for a way to expand my skillset. Previously, I held senior network engineer- and network manager-related positions at other organizations. I wanted to capitalize on this skillset to grow professionally. IT security is always something that caught my eye. I just had to gather enough courage to step outside my comfort zone. I'm happy I made the leap and would recommend others do the same.

What was one of your biggest challenges?

From a security standpoint, ensuring secure remote access for a large and complex organization is a challenge. AAA [authentication, authorization and accounting] are the driving factors for any remote access solution, but this is easier said than done and requires many infrastructure pieces to be implemented, including business processes.

What keeps you up at night?

Ensuring our systems and their data remains safe. Malware and network-based attacks become more sophisticated each day. This also holds true for phishing attacks. As a result, we are always looking for new products or ways to optimize existing protections to keep the bad guys out.

Of what are you most proud?

I'm proud of the work that has been accomplished, in a very short time, to stand up a new centralized security department and shape the direction of how the enterprise protects its systems.

For what would you use a magic IT security wand?

I would use my security wand to engrain the dangers associated with phishing email and how to identify them in our users' minds.

Share this article:

Sign up to our newsletters

More in Opinions

Successful strategies for continuous response

Successful strategies for continuous response

While it isn't realistic for organizations to expect that it will never happen to them, a rapid, professional and continuous response can limit their scope and reputational impact.

When it comes to cyber attacks, predictions are pointless but preparation is key

When it comes to cyber attacks, predictions are ...

Rather than predicting the next lightning strike it is far better to pay attention to the areas we already know are vulnerable.

Protecting what matters

Protecting what matters

Whether it is a database of customer information or valuable intellectual property, an organization's "crown jewels" need to be protected with the most robust security possible.