How do you describe your job to average people?
I am a senior director of security operations at the Center for Internet Security (CIS), a nonprofit organization that works with the public and private sectors to help improve their cyber security. In this role, I manage a team of cybersecurity analysts and maintain operations for a fully functional 24/7 Security Operations Center for the Multi-State Information Sharing and Analysis Center (MS-ISAC). I also help to coordinate and report on cyberincidents impacting state, local, tribal and territorial (SLTT) governments.
Why did you get into IT security?
I have always been intrigued with cybersecurity, and after 15 years in retail and restaurant management I was looking for a change that would be both challenging and interesting. I am able to apply the management and inter-personal skills that I have developed over the years while learning new skills in the technology sector to my current position.
What was one of your biggest challenges?
Initially the biggest challenge was the technical learning, it was not something that my generation was exposed to. Now the challenge is probably aligning my work and personal development to put me on the path to achieve the new career goals that I have in this industry.
What keeps you up at night?
New ideas of what and how I can help improve our operations to provide the highest possible service to our partners while creating the best work environment for the staff.
What makes you most proud?
Making the successful transition into a completely different field. When I decided that I wanted to make such a major career change I just did it. I knew where I wanted to work and what I wanted to do, understanding that I would have to work my way back up. I started here at CIS as a security operations analyst and within just over a year received the promotion to SOC manager and then less then one year later a second promotion to senior director.
How would you use a magic IT security wand?
I would give all public and private sector entities the resources necessary to achieve and maintain a robust and comprehensive security posture.