Trustwave’s Ongoing Celebration of Women’s History Month

Trustwave is celebrating Women’s History Month with a blog series that highlights our incredible staff and shines a light on how they came to work in the cybersecurity field, their thoughts on their jobs, and the advice they have for other women contemplating a move to the cybersecurity field.

As Oriana Vogel, Trustwave’s Chief Human Resource Officer noted in a previous blog, Trustwave is hyper focused on breaking down barriers to create a more inclusive and welcoming environment where everyone can make an impact.

So, please take a moment to read a few of our stories here, as well as here, and don’t forget to check back as Trustwave continues its celebration of Women’s History Month with additional content throughout March.

I found that my love of writing and my language and traditional intelligence analysis skills fit with researching, tracking, writing, and presenting on not only nation-state threat actors, but also cyber threat actors, as well. Cyber security was the nexus for my skillset. The threats are fluid and changing, and I learn something new daily.

What are some of the misconceptions around working in the cyber industry?

I think some misconceptions about working in the cyber industry are that one must be an engineer or have only technical knowledge to work in the industry. There are jobs in the cybersecurity industry which draw upon a variety of skillsets, like researching, writing blogs, report writing, creating and presenting research findings, threat actor profiling, threat actor tactics, tips and procedure analysis; attack vector research and analysis, as well as presenting on the nexus of cyber and traditional attack methods, or the nexus of cyber and geopolitical threats.

Another misconception about the industry is that one must have an information security degree or other strictly technical degree to work in cybersecurity. One can have a four-year degree, an advanced degree, or earn certification through various entities - like the SANS Get Started in Cyber program - and find many types of jobs in the industry.

Perhaps a popular misconception is that the cyber security industry is not welcoming to women, and particularly to women of color. I have met and worked with many women in various cyber industry positions ranging from cyber analyst to titles in the C-Suite. The women with whom I have worked have been diverse in culture and race and are extremely successful in what they do. They have all been supportive and willing to share advice to help elevate other women in our industry.

Diana Solomon, Senior Security Researcher (NZ)

How did you end up working in the cybersecurity industry?

My story is a classic case of “love at first job offer.” After finishing my studies, the first job I was offered was as a threat analyst. I took the role despite not knowing anyone in this field, mostly because I wasn’t sure what else I wanted to do at the time. However, I knew that it would be a challenging career as I knew I’d need to start exploring more than Assembly Language, which I wasn’t found of in college.

Fast forward to today, and I've been in this industry for more than 13 years. I’ve stayed because my role is fascinating; threats are continuously evolving and so I learn and grow to keep up with them every day.

What’s the craziest or scariest threat you’ve discovered?

The craziest for me is when we discover new, uncommon filetypes getting abused. It makes me wonder, what else in my system can be trojanzied by cybercriminals? Last December, we discovered a small spam campaign which weaponizes OneNote files to deliver malware onto systems. Soon enough, Botnets started to use the same method in an attempt to compromise other machines.

Karla Agregado, Security Researcher (Manila)

How did you end up working in the cybersecurity industry?

When I graduated with a bachelor’s degree of Computer Engineering, I didn’t think I would end up in cybersecurity. My first job out of school was centered around troubleshooting related to Point of Sales (POS) and then I landed in the cybersecurity industry for my second job. That’s where I realized that cybersecurity is a different world, and at first, it was intimidating because this type of industry is usually dominated by men, but I eventually realized that the world of cybersecurity sees no gender in aiming to help and protect people from different types of cyberthreats.

In that role, it was my job to identify and detect different types of web threats, and it inspired me to learn more about the industry. I went to different trainings related to email and file threat analysis and really tried to broaden my horizons.

And when I got hired in Trustwave, I got more motivated as I was able to apply what I had learned in my previous training to my current role and eventually became an expert in dealing with different types of web threats with an application machine learning technology. I’ve had great mentors who are experts in email and file analysis and I’m very blessed to have a manager who supports my goals and appreciates my work.

What advice do you have for other women who may be interested in cyber?

Be confident in what you do and don’t be afraid to take risks. It is a good habit to learn something new every day and as long as you are passionate in what you do, everything will just fall into place whether in cybersecurity or other industry.

Aleksandra Welc, Threat Architect (Warsaw)

How did you end up working in the cybersecurity industry?

My journey in cybersecurity started while I was getting my master’s degree in law. I wanted to be independent and didn't want to rely on my parent’s support, and several of my friends were working in IT in networking. So, I decided to take the opportunity and apply for a Network Administrator role at a company in the hospitality industry. Some of my friends that were already working there trained with me, helped me to prepare for the interview, and referred me for an entry-level position.

After being there for about a year, I was promoted to a Tier 3 support position. Once I had gained sufficient experience, I wanted more challenges. At the time, many of my colleagues were applying to Trustwave, and so I did as well. Ever since my first day at the job, I knew that I wanted to make IT my full career.

Even though I had finished my master’s degree while at Trustwave I thought, I’ve got experience in this field, this is something I like so I decided to not continue into law and I have been here now for eight years.

What advice do you have for other women who may be interested in cyber?

Cybersecurity is a challenging field with ever growing opportunities. To be successful you need to discover a deep passion for learning. A can-do attitude will carry you far. Challenge yourself and don't be afraid of new assignments, since you gain the most experience through doing the work.

Sophia Autran, Engineering Manager (Canada)

How did you end up working in the cybersecurity industry?

I spent 20 years as a software engineer in the information technology field with the last 11 as part of the engineering team at Trustwave focusing on our SIEM solutions. I became interested in cybersecurity because of the importance of enterprise-level organizations being able to protect their client’s sensitive data and individuals, especially as business activities become digitized and move to the cloud.

What are some of the misconceptions around working in the cyber industry?

When it comes to women in cybersecurity, while the technical side of the industry does tend to be male dominated, that should not scare off women from entering the field. Women have the same capabilities as men and there is a great deal of career potential available in cybersecurity that women can take advantage of. I do recommend that women in IT-related fields must be persistent, work hard, and speak up to work against some of the headwinds. Trustwave does an excellent job recruiting women with the number having dramatically increased since I first came on board.