CyberWire Daily Podcast Summary
Episode: Maria Thompson-Saeb: Be Flexible and Make It Happen
Host/Author: N2K Networks
Release Date: February 16, 2025

Introduction

In this episode of CyberWire Daily, host N2K Networks sits down with Maria Thompson-Saeb, Senior Program Manager for Governance, Risk, and Compliance at Allumio. Maria shares her inspiring career journey, emphasizing the importance of flexibility and proactive career management in the ever-evolving field of cybersecurity.

Early Career and Education

Maria begins by recounting her early interest in computers, despite growing up in a household without one. This curiosity led her to pursue Information Systems Management at the University of Maryland University College.

“When I was growing up, we didn't really have computers in my home. But you know, it was something that seemed interesting to me and because I didn't have a computer I felt, oh, this is interesting and I want to learn more about it.”
[01:45]

She initially considered a Computer Science degree but opted for Information Systems Management to avoid the heavy mathematics content, aligning better with her strengths and interests.

Transition to the Federal Sector

Upon graduating, Maria entered the workforce through a position at a federal agency's help desk, marking the beginning of her extensive experience in government technology roles. She spent several years as a contractor, navigating various technological environments within federal agencies.

“I had to take it in my own hands to go out and figure out what it would take for a company, a manager or someone to see me as a security professional and not just a sysadmin.”
[04:20]

Advancing to Sysadmin and Embracing Unix/Linux

Maria's career took a significant turn when she transitioned from a help desk role to a System Administrator position, working with Unix and Linux systems. This shift not only broadened her technical expertise but also ignited her passion for cybersecurity.

“I suddenly was put into an environment that was Unix and Linux. And so that's how I moved from Windows system admin to being on the Unix Linux side, which was really exciting, by the way, because it was a challenge and it was something I had never done.”
[03:30]

Emphasizing Security and Advocacy

As Maria delved deeper into her sysadmin role, she became an advocate for security best practices, pushing for the implementation of robust security tools and processes. This proactive stance marked her transition from general IT roles to a focused security professional.

“I was advocating for security best practices and for security tools and just processes. And so with that, it just really changed the whole focus of my mindset.”
[05:10]

Overcoming Challenges and Seeking Recognition

Despite her dedication, Maria faced significant challenges in being recognized as a security professional within her organization. Senior management struggled to view her beyond her sysadmin title, leading to frustration and the realization that proactive measures were necessary.

“There were many times when I was advocating in one position I had, I was advocating for security very hard, but it was just very challenging and very difficult for senior management to even view me as a security professional.”
[06:50]

Determined to change her professional trajectory, Maria pursued certifications such as CISA and CISSP, believing that formal credentials would validate her expertise and facilitate her transition into dedicated security roles.

“I decided to go after the CISSIP, but before I did that, I went after the CISA. So I decided that in order for a company to take me seriously, maybe it would be best if I had a license that showed that I had the basic level of knowledge to be able to function in that role.”
[07:45]

Joining Allumio and Current Role

Maria's efforts culminated in her current role at Allumio, where she is entrusted with building and maintaining customer trust concerning the company's core and Edge micro-segmentation platform. Her responsibilities include ensuring that Allumio's controls around SOC2 compliance operate effectively.

“At Allumio, I am responsible for helping to build and maintain customer trust around the Allumio core and Edge micro segmentation platform.”
[08:15]

She emphasizes a collaborative working style, valuing the expertise of her colleagues to bridge any gaps in her knowledge.

“I rely on the people who know more than I do to help me understand where I have my own gaps.”
[08:30]

Advice for Aspiring Cybersecurity Professionals

Reflecting on her journey, Maria offers valuable advice for those aspiring to enter the cybersecurity field:

1. Focus on Security Education: Maria advocates for a dedicated focus on cybersecurity education to build a strong foundational knowledge.

   “If I could go back and do it all over again, I would study cybersecurity. I would focus on security and compliance.”
   [08:50]

2. Understand Threats and Remediation: Grasping the nature of cybersecurity threats and effective remediation strategies is crucial.

   “Make sure you understand the proper threats, you understand how to remediate those threats, and that you understand how you can help companies avoid those threats.”
   [09:00]

3. Be Flexible: Maria highlights the importance of flexibility in career planning, adapting to challenges, and altering paths when necessary.

   “Be flexible. I think that's what I would tell myself. Just be flexible. Be able to change when you need to change.”
   [09:07]

Conclusion

Maria Thompson-Saeb's story is a testament to resilience, adaptability, and the pursuit of professional growth in cybersecurity. Her journey from a help desk technician to a senior program manager underscores the significance of continuous learning, certification, and the willingness to navigate and overcome organizational challenges. Maria's emphasis on flexibility and proactive career management provides a roadmap for aspiring cybersecurity professionals aiming to make their mark in the industry.

Notable Quotes:

• “Be flexible. I think that's what I would tell myself. Just be flexible. Be able to change when you need to change.”
  [09:07]

• “Hackers can't attack what they can't see.” – Zscaler Sponsor Message
  [00:11]

Key Takeaways:

• Educational Path: Choosing a specialization that aligns with personal strengths can pave the way for a successful career.
• Certifications Matter: Credentials like CISA and CISSP can significantly enhance professional credibility.
• Advocacy is Essential: Proactively advocating for security within organizations can lead to pivotal role changes.
• Collaboration: Leveraging the expertise of colleagues fosters a more comprehensive understanding and effective problem-solving.
• Flexibility: Adapting to changing circumstances and being open to new paths is crucial in the dynamic field of cybersecurity.

This episode provides a comprehensive look into the career progression of a cybersecurity professional, offering insights and inspiration for listeners navigating similar paths.