Day in the life of a Cyber Security Specialist

As part of our work to define digital career pathways, we asked foundation members of the Digital Professional Stream to provide a short ‘day in the life’ story about their role. Joanne from the DTA shares a day in her life as a cyber security specialist.

""

Always learning and adapting

To be honest, telling you about my role isn’t an easy question to answer. Technically speaking, I would say my role is a cyber security specialist. Officially, I have many titles – from Delivery and Security Lead, to Information Technology Security Adviser, and occasionally, Privacy Officer.

What is your role from day to day?

As I work within a small agency, I work across a wide range of teams assisting them with whatever security requirements they need assistance to resolve. This can range from providing advice, coordinating audits, document development and reviews, or even overseeing the delivery of a project.

The variety of work and projects requires me to continually adapt and I am constantly learning. At the heart of everything, I believe I’m a problem solver. I get to take the policies, guidance, and even legal requirements, and ensure they are adhered to in the way we implement the technology.

While I love the variety of work, the tempo can be difficult to maintain and cybersecurity is constantly evolving. I have learnt to build a strong network around me to make sure I can source specialised advice when needed or sound out ideas to ensure I haven’t missed something.

Understanding users

Working in an agency like DTA has meant that while I am in a cybersecurity role, I am exposed to service designers and user researchers who encourage me to think outside the square. The ability to adapt security advice to suit their needs means I must be clear in the way I communicate and be committed to finding a solution.

What tools do you use?

The tools I use vary and often work with whichever toolset suits the team I am supporting. As I need to consult with a variety of teams, I will use the tool that they respond to the best – security can be a tedious topic so I want to make it as easy as possible for the team to engage with me. Currently I am using Jira and Github the most for tickets, issue tracking and sprint planning. For monitoring alerts, I use in-built dashboards and learning how to use PowerBI to create my own dashboards.

Because of the wide range platforms that I must navigate, I often resort to old school paper and pen for my own sanity. It is my best strategy to write out what tasks are weighing me down, key outcomes of meetings, and map out priorities to make sure I can focus and get to work. 

What skills are important for your role?

While I believe anyone can work in cybersecurity, having strong interpersonal skills is critical to help you communicate to a wide range of stakeholders. I found this to be crucial when trying to influence a team on the importance of security. Getting a security card into a sprint plan is always the best win for me.

All views expressed in this blog are Joanne’s personal views, and do not necessarily reflect the view of the department or agency.