Technology has always been part of my life growing up. We had our first IBM computer when I was aged 4. I honestly never considered a career in technology until I spent a summer working at the Massachusetts Institute of Technology (MIT), Boston, testing their newly installed IT system for their employee benefits office. I loved my role at MIT and was fascinated by the university. After that I knew then I wanted a career in technology.
On my return from working at MIT, I completed my BA degree in Economics and Geography and was accepted into a postgraduate information technology programme for the Irish Financial Institute as a software engineer. An increase in fraudulent activity with electronic payments allowed me to get exposure working with the information security team, and within six months I asked to specialise in information security.
Back then, in 2001, information security wasn’t recognised as a career of choice at graduate level and there were very limited structures in place to support career development as an IT graduate. The majority of courses and training programmes were run from the US, and UK courses were booked up months in advance.
Many people told me that I would never have a successful career in information security as I lacked the technology experience and didn’t fit the military-like professional profile.
The initial years were tough trying to study for my Certified Information Systems Security Professional qualification (CISSP) in the early hours of the morning before my regular working day. I was delighted to achieve the CISSP accreditation in 2004 and became Ireland’s youngest female CISSP.
Qualifications and work experience are fundamental to having a career in information security, however in my opinion the distinguishing factor came from key people that I was surrounded by and who spotted potential that may have been invisible to others. This is why I titled this article ‘Vision is the art of seeing what is invisible to others’, a quote by Jonathan Swift.
So who are these people? At 21 years of age I found myself sitting in front of the Financial Institutes CIO asking him if I could specialise in information security. He was and remains to this day a great leader and business-technology strategist. He backed me fully, allowed me to choose the career I wanted, and acted as my career coach.
I remember a couple of years back thanking him for helping me get to where I am in my career and he replied, ‘I taught you nothing about information security – you did it yourself.’ But he taught me much more, like how to act with integrity, always challenge the status quo, stand-up and be counted, and most importantly that everybody matters so listen to everyone.
I joined a forum called the Irish Information Security Forum (IISF) when I made my decision to specialise in information security. I was one of the youngest members to attend the forum at that time, and one of the founders took me under his wing. He has helped me with my education and encouraged my involvement at industry level.
I call this man Ireland’s information security Godfather, and he still continues to encourage me. I have yet to meet anyone still as passionate and committed to the profession. Passion and support are key components to having a successful career in this industry.
Companies differ in their management style, approach, culture and values. You can be faced with managing challenging situations throughout your career and asked to quickly make high-impact, business-critical decisions. Being part of the correct governance framework and valued as part of a company whose values sync with your own will support you in these times and help you to demonstrate successful competence.
I like to be seen as a business enabler, supporting the business strategies whilst balancing compliance, costs and risk. The role of an information-security professional is to manage and protect the assets of an organisation: the people and information. This can often lead to working long hours and some days can be tough, but the best remedy for me is getting a big hug the biggest asset in my life, my seven-year-old son Crean.
I hope this article will give other women the inspiration to pursue a career in information security.
Niamh Muldoon is EMEA technology risk and compliance program manager at Workday