# IMOS21: Targeting the stars to succeed in information security – Alyssa Miller
Cyber security professionals need to aim for the stars and overcome self-confidence issues to advance in their careers. This was the message of an enlightening speech delivered by Alyssa Miller, Head of Business Information Security, SMP Global, while delivering the keynote address to the Safety Info Autumn Online Summit Magazine – North America 2021.
Miller began by describing her own career to date and how she rose to the top of the business information security manager at SMP Global, where she leads cybersecurity strategy for a $ 4 billion per year division.
Her career in information security began at age 19 as a programmer at a financial technology company, while still studying computer science in college. She remained at the firm for almost nine years, occupying various senior positions.
At 28, Miller was approached to become a penetration tester; While she was concerned that she had no prior knowledge of penetration testing, she was assured that she would be able to figure it out. That leap worked because at the age of 31 Miller was leading a team alongside the entire vulnerability testing and management program for a company with 35,000 employees. Despite these accomplishments, Miller continued to view his progress as primarily luck. “I never really thought about how impressive it was,” she explained.
Four years later, at the age of 35, Miller entered the consulting world in an application security practice. As the least profitable firm in the consulting firm, she was tasked with building a team from scratch and, alongside her colleagues, made this the most profitable team in the entire firm, achieving growth. revenues of 400%. However, “I never really gave myself a lot of credit for it,” she said.
Following a merger, Miller became at age 37 responsible for a program services practice at a new consulting services company, where she worked with senior security leaders. such as CIOs and CISOs in large global organizations. Again, Miller largely attributed this to “serendipity.”
Then a setback occurred at the age of 41 while working for a security consulting organization as part of a larger security practice at a reseller. She was not promoted to director despite being chosen by the previous director. “It really hurt my confidence. I felt like I shot too high, maybe I wasn’t ready for this high level role, ”she explained.
This led her to reassess her goal of advancing into high-level security positions, and she moved to a role of “contributor”, focusing on public speaking and advocacy work.
Her perspective changed when she was approached by one of the Big Three social media companies, who asked her if she wanted to be considered for a leadership role. While no one was ultimately hired for this role, just being seen as ‘made me go back and look at everything I had done and ask myself’ why did they chose? “It got her to analyze the extent of her accomplishments” and it really built my self-confidence.
This new found confidence brought Miller to his current senior role, as BISO for SMP Global. “It’s a chance now to do all of these things I’ve worked for all my life – what an exciting position to be in,” she said, adding, “I never would have made it here if I had. was afraid to take that leap, if I let this damage to my confidence hold me back.
Miller believes that overcoming self-confidence issues is therefore essential to advancing in security careers, especially for women, who she says continue to experience many disadvantages in the workplace. This includes having to give up their career for their family.
With that in mind, Miller gave the following tips to those looking to grow in their careers:
- Overcome the “impostor syndrome” – the fear of being “discovered” in a role is “universally experienced”, especially in technology. Therefore, it should be remembered that there is a vast area of knowledge when it comes to cybersecurity, which means that each person brings their own diverse perspective. “Nobody knows everything,” said Miller.
- Look at job descriptions differently – Miller said that in cyberspace many job descriptions “stink,” spelling out experiences, demands and responsibilities that are just unrealistic. She gave an example of a job description that required 10 years of Kubernetes experience when it has only been around for six years. However, she advised potential candidates not to be discouraged “because no one can tick all of these boxes”, and instead look at the high-level job description and ask “is this something you can you do or something you can learn to do? “
- Know your worth – Potential employers should never ask you what your current salary is, and if they do, you should flip the question back and tell them what you expect to be paid or even what they expect to pay someone. ‘one to do this job, Miller advised. She added that you can check out sites like LinkedIn and Glassdoor to give you a better idea of what kind of salary you should be earning for the job you’re applying for. This way you can make sure that you will be paid what you are worth for that organization.
- Get a mentor – Miller also advised people to get help from a mentor to guide them on their career path. Rather than focusing on learning professional skills, the mentor “should share their journey and be that person to help. [with] situations you live in and need help to understand or navigate. This relationship is forged at best “organically” via people met at work or during conferences.
- See refusals differently – People need to make sure they don’t lose self-confidence if they aren’t offered a job after attending an interview, Miller said. The decision is never personal, and it may just be that “there was something about the role that wasn’t right for you.” She added that it’s always worth asking the hiring manager what he could have done differently with his resume or during the interview. “You can use those refusals as an opportunity to grow and learn, to understand how a certain position might not be right for you. “
- Negotiate the job offer – It’s also important to understand that any job offer you receive is negotiable, and don’t be afraid the company will cancel the offer if you try to negotiate the terms of the deal. It’s something recruiters expect, Miller noted. Nor should this negotiation be all about salary and may include aspects such as bonuses and annual leave. “Always be willing to ask, don’t be afraid,” she said.
Miller concluded by saying, “Shoot for these heights – just because you’re shooting high doesn’t mean you have a chance of falling.