What's your background?
I grew up in a suburb North East of Melbourne. Growing up I always thought I was headed to be a veterinarian, up until I completed my work experience program when I started thinking it might not be what I wanted to do.
While in Year 9 I’d started an elective at school on Game Design, although due to being the only girl in the class, the teacher would constantly do roll call and my name was the only one where he would skip my first name and ask for “Dean”. This happened a few times and I ended up getting called to our Year Coordinator to ask why I wasn’t attending, and had to explain that the teacher wasn’t actually calling my name, at least not my first name like he was everyone else. In Year 11 I picked I.T as one of my units of study for VCE and loved the class. We had a much smaller class, only 6 people, but I wasn’t the lone girl in the class. When we started learning about security, I knew that was where I wanted to be. As soon as I could I researched university courses on IT Security and found Deakin’s IT Security major.
With a base on IT overall and electives, I was able to learn more about web design and SQL, mobile app design, and my personal favourites were on computer forensics and ethical hacking. Although work experience wasn’t required for my course then, I applied for a placement at a multinational professional services company in their forensics team where I was able to read through reports on previous engagements and help to translate the technical language into readable reports for executives.
After graduation, I moved with my family to a small retiree/tourist town in NSW. Finding a job was difficult, until I took a chance on a posting for a security analyst position with NEC situated in Wollongong, a 5-6 hour drive away. I felt like I stumbled through the video interview with the Platforms team lead and the Security team lead/manager, after all I barely had any experience, and the position wasn’t listed as a Graduate role. But amazingly I was offered the position, with two weeks to move to Wollongong before I needed to start. It was a whirlwind of moving and starting a job where I had no real idea what I was meant to do yet, but the great part was that I was assigned to a new project where processes and procedures weren’t yet in place so I was directly involved in development of what our security team processes would be. I was blessed to be working with the Platforms team right next to me who were willing to help a newbie as long as I attempted my own research before asking for help, as there was one other new security analyst on site.
A pivotal moment for me was in 2017 when WannaCry hit. I was only 9 months into my position and barely out of the probationary time. This was my first time being involved in a major incident, learning how the teams worked together at a time like this as well as our company working with the customer and other tech companies that managed various parts of the customer’s infrastructure. Despite the long hours and stress of ensuring we were blocking all known WannaCry indicators, seeing the teamwork and efforts that went into preventing a cyber-attack helped solidify that I wanted to remain in cybersecurity.
Now almost five years down the track, I’ve moved to South Australia after being offered to move here 3 years ago. I’ve moved on from working on the initial project I was hired for, to learning how to manage SIEM platforms as well as being an analyst. I’ve been able to explore my creative side by developing a monthly security awareness newsletter and analysis reports. Although the rest of the team is male, I’ve still been able to show a few women through what we do from work experience programs and have been the assigned “buddy” for a few interns and graduates we’ve had with our team.
What's your job about?
During my time here, NEC have rapidly been expanding their managed security services offerings for customers. For various areas of security, NEC package up support services to manage customer security appliances, vulnerability management, GRC (governance, risk and compliance), and SOC services.
My current areas of responsibility are part of the SOC services offerings, although I’ve been able to be involved in vulnerability management and even some GRC work due to the flexibility and collaboration that the Security Operations team encourages.
Day to day, I work with our multiple SIEM (Security Incident and Event Management) environments to ensure their components are running without error and that all the data sources we collect logs/packets from are active. If there are any errors or issues with log collection, I troubleshoot the issue through SIEM or work with the security engineers on issues with the data sources. For further troubleshooting with critical errors, I’ll be involved in remote calls with the SIEM manufacturer specialists to resolve the issue.
Aside from SIEM management, I also gather Indicators of Compromise from various threat hunting/IOC sharing sites and agencies (such as the ACSC/JCSC) to search for evidence of potential breaches across customer environments. If an indicator is found on a customer environment, we kick off our incident response process with the customer and work with their teams to help further investigate and contain the potential breach. Being involved in an incident investigation is exciting but exhausting. I’ve learned so much more about different customer environments and teams while hunting for further evidence of a breach, but the hours can be long, and you can start going down a rabbit hole looking for evidence where it might not be.
To help raise awareness of cybersecurity within NEC and to our customers, I’ve also been the main developer of our monthly awareness newsletter. The newsletter aims to share interesting cybersecurity happenings from around the world, as well as highlight best practices for home and business users. A highlight of this newsletter for me was hearing from an NEC colleague in another state that they send the newsletter to their family, and a member of their family had become the go-to person at their retirement community for security advice!
Did you always know you wanted to work in this field?
Not always. Growing up I had my heart set on being a veterinarian until the middle of high school. Once I realised being a vet wasn’t for me, I wasn’t sure what I wanted to do until I took I.T in Year 11/12 and began to fall in love with the security topics that were taught. But even when I was halfway through my degree in IT Security and when I first started my job, I still had doubts about being in the field, yet now I couldn’t imagine being in any other career.
What is most rewarding about your job?
Without a doubt, being involved in incident investigations. Being able to dig down into an environment and hunt for clues satisfies that mini detective in me, and when you find evidence of a potential breach the thrill of unwrapping it further is a driving force.
Although I won’t be involved in an incident investigation every day, another great aspect is that I am constantly learning. Cybersecurity changes drastically, and even when you think you’ve found your niche you find you still want to learn more about other areas. Even though I work as an analyst now, I’m also studying ethical hacking and digital forensics to increase my effectiveness at threat hunting but hopefully to also move into pentesting or digital forensics.
What were some of the challenges you faced in getting to where you are now?
The first 6 to 9 months in my role were hard; most of what I was responsible for wasn’t covered in my degree and my team were in another state. I also had no real experience with vulnerability management or dealing with customers, which were major parts in what I had to do. It was a steep learning curve that I wasn’t sure I’d pass but sticking through it helped me significantly increase my skills and develop good relationships with the customer. Once I moved to South Australia and my responsibilities shifted to other customers and SIEM, the challenges I’d dealt with in NSW helped me to integrate quicker into my responsibilities and team.
3 pieces of advice you would give women who want to work in your industry?