Jennifer Glasgow discusses her transition in to the cybersecurity sector.
Senior software engineer Jennifer Glasgow has worked at Liberty IT for more than eight years, having first started her career as an associate systems administrator, before segueing into cybersecurity.
“The opportunity to move to the cybersecurity space came to my attention as I was preparing for maternity leave with my first daughter. At the time, I was working in an infrastructure role and was interested in exploring a different path,” Glasgow told SiliconRepublic.com.
“While full-stack development didn’t appeal to me, I was offered the chance to consider a position in cybersecurity engineering. I spoke with some of the team’s current members to learn more about the role and the work appeared to be both interesting and diverse.
“Upon my return to work, I joined the cybersecurity engineering team and began my career in cybersecurity.”
What does a typical day at work involve?
No two days are the same in my role, but my typical routine begins with checking emails and reviewing the incident queue to identify any matters that require immediate attention. I then join our daily team huddle with the security analysts to discuss updates and share information.
After that, I return to our JIRA board to continue any tasks I had been working on the previous day. These tasks may include modifying existing SOAR playbooks, creating new ones, collaborating with analysts to gain clarity on their needs, amending or writing new detections.
What role does automation play in your work as a senior software engineer?
Automation is a primary objective for our team. The more processes we can automate, the greater the overall efficiency we achieve. By minimising the potential for human error, we not only enhance the accuracy of our operations but also free up valuable time for our analysts. This allows them to focus more on in-depth investigations rather than spending unnecessary time on benign incidents.
We evaluate the tasks currently being performed manually and seek opportunities for automation. This might involve executing dynamic Splunk searches based on variables within the container, followed by making decisions based on the results, all without any human intervention.
We automatically close reported suspicious emails based on a combination of criteria, including tags and an approved sender list, among others. It’s essential that the rules we implement are precise to prevent the unintentional closure of legitimate emails. The logic behind these rules must be carefully considered and agreed upon with stakeholders to ensure that both parties are satisfied with what gets closed.
What skills do you use on a daily basis?
Problem-solving is probably the most used skill in my role, along with programming abilities and effective collaboration and communication with team members, all of which are essential daily.
One area I had to focus on was gaining knowledge of security protocols, as well as understanding networking concepts. This knowledge is essential for grasping the context of the detections we are writing and the threats we are addressing.
What are the biggest challenges you’ve encountered when working in cybersecurity and how have you overcome them?
Transitioning into the cybersecurity mindset can be quite an adjustment, especially for those who may not have a background in the field or whose interest has recently been sparked. One of the most significant challenges I encountered was mastering the various terminologies and understanding the type of work involved in a cybersecurity career. It can be daunting to engage in conversations when you’re unsure of the topics being discussed.
However, I encourage others not to be intimidated by this. Instead, I found that it sparked my curiosity and motivated me to conduct thorough research to bridge the knowledge gap. Once you shift your mindset to embrace this new perspective, you naturally become more vigilant and attentive to potential threats, which is an essential aspect of working in cybersecurity.
This proactive approach not only enhances your understanding but also strengthens your ability to contribute effectively to the team.
How has this role changed as this sector has grown and evolved?
I guess it’s always changing. One of the main things is keeping up to date with the advancements in technology. When I began we were very focused on writing detections, whereas now we have the advantage of utilising artificial intelligence (AI) and machine learning (ML) to enhance our ability to detect and respond to threats. Also, the decision-making process regarding the tools we use has shifted significantly.
The times of relying on a single product are behind us, we now require versatile solutions that facilitate cross-platform integration. Another significant change is the increased collaboration with other teams.
Cybersecurity was once viewed as an isolated function that only responded to incidents, but this perspective has shifted. Now, we emphasise the importance of embedding security into the design process of new applications from the outset. This sector is one that certainly does not sit still.
What do you enjoy most about the job?
I love to see how my work benefits my colleagues and enhances the overall security of the company. For example, a small piece of automation could give an analyst back 30 mins per incident, which could be valuable time spent on a critical incident. I feel fortunate to collaborate with a network of highly skilled professionals who are dedicated to knowledge sharing, ensuring that everyone remains informed about the latest advancements in cybersecurity.
What advice would you give to someone starting out in a career in cybersecurity?
If you have an interest in cybersecurity, don’t delay, start today. Begin by building a foundational knowledge of cybersecurity principles. A valuable step would be to study the CompTIA Security+ material and work towards obtaining that certification. Speaking to specific skills, the python programming language is one you’ll want to gain experience in. It’s essential to maintain a sense of curiosity and stay informed about the latest trends, threats, and technologies in the field. Familiarise yourself with the tools and solutions currently available in the cybersecurity landscape.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.