Viruses, hackers, identity theft and the manipulation of Internet communications by terrorist groups. These harsh realities of the twenty-first century point to the essential role of computer and information security.
This results in a growing demand for trained and certified computer security pros, with qualified women and minorities more than welcome.
"The percentage of women in the field is growing. There's no reason for it to be a male-dominated career," says Dow Williamson, director of corporate development for International Information Systems Security Certification Consortium, Inc (ISC)2 in Palm Harbor, FL. The organization provides a standard for professional certification of info security pros based on a compendium of industry best practices.
According to a 2004 global info security workforce study put out by (ISC)2, women make up 11 percent of the computer/info security workforce. The study estimates that there are now 1.3 million info security pros worldwide. It expects the number to increase to 2.1 million by 2008, a growth rate of better than 13 percent a year since 2003.
Meet SANS and ISC
The SysAdmin, Audit and Network Security (SANS) Institute in Bethesda, MD offers info security training and certification. It also develops, maintains and makes available a large collection of research documents about various aspects of info security. And it operates the Internet Storm Center (ISC), the Internet's early warning system.
The ISC was created in 2001 after a worldwide network of volunteers mounted a successful detection, analysis, and warning effort in response to the Lion worm attacks. Today's ISC, still working through its volunteer network, provides a free analysis and warning service to thousands of Internet users and organizations. It works with Internet service providers to fight the most malicious attackers.
Safka, who goes by that single name, is Global Information Assurance Certification (GIAC) admin and an online training developer for SANS. She agrees that gender, age, race and ethnicity are no handicaps. "More women are not only willing to enter the field, they are entering it," she says.
Both Safka and Williamson of (ISC)2 see ample good training as the key to career growth and longevity. A solid academic foundation is important, preferably in info security, science or engineering. Info security as a college major is relatively new, so most professionals now in the field have other degrees.
Credentials and certifications
There's an expanding need for certified info systems security professionals (CISSPs) and systems security certified practitioners (SSCPs). ISO 17024, a new international standard, is an accreditation that's growing in acceptance and demand.
Having a recognized certification in your specialty is important, Williamson stresses. "You want to keep earning credentials as you expand your career."
Safka sees growth in online career training, and a trend toward condensed training programs to keep down cost and time constraints.
The professionals interviewed for this article represent both the public and private sectors. They all have the recommended solid education.
Some have been in the field for years and earned important industry certifications. Others are still in the early stages of their careers in info security. Some provide technical expertise at agencies whose systems must by definition operate in a secure environment.
In contrast with the (ISC)2 figures, all five of our info security interviewees happen to be women.
Jane Scott Norris directs info assurance for State
Jane Scott Norris is the chief info security officer (CISO) and director of info assurance for the U.S. Department of State (Roslyn, VA). She joined the department eighteen years ago, after working as a consultant in the aerospace industry.
Norris has been the senior agency info security official for the past three years. She manages the department's cyber security program and coordinates it across various offices and bureaus.
She's responsible for the policies and procedures that make up the program. She manages awareness training and education and sets performance measures.
She's also in charge of certification and accreditation of the department's info systems. And she makes quarterly and annual reports to the office of management and budget (OMB) and to Congress.
Tough work, but Norris has the education, credentials and experience to do it well. She has a BS in physics and electronics from the University of Nottingham, England and an MS in systems management from the University of Southern California.
Her certificates and credentials include the advanced management program at the National Defense University (NDU), and Department of Defense CIO and info assurance certificates. She's a CISSP and a certified info security manager (CISM). Her NDU training and her certification courses were funded by the State Department.
Norris' career has been exciting. As a foreign service officer, she's spent much of her time as info management officer at embassies in London, UK and Islamabad, Pakistan. She was regional systems manager in Pretoria, South Africa and systems manager in Kinshasa, Zaire.
At home, she's been the senior advisor for strategic personnel issues to the department's CIO, and Y2K program manager. Now, of course, she's the CISO.
Her proudest career achievement came quite recently. She was given just eighteen months to check and approve all State Department information systems. "The OMB called it an impossible task," she says. But with the cooperation of system owners throughout the department, she brought the project in ahead of schedule and under budget.
Norris' term in her present job will end next near, and she's waiting to see what opportunities open up next. She might move to the Foreign Service Institute or an embassy, or maybe stay in Washington. "There are so many tremendous possibilities," she says.
So far she's had a wonderful time. Her only regret is that "I can't go to every country in the world during my career."
Norris advises new people in the field to learn to write clearly and concisely. "The higher you go, the more important writing is," she says. "Forget technical jargon. You'll be working mostly with folks who don't know it."
Janice Fedak directs EA and planning at State
Janice Fedak is the State Department's director of enterprise architecture and planning. She oversees the congressionally mandated IT capital and strategic planning requirements of the department. She guides the development of enterprise architecture (EA) for State and a joint EA for State and the United States Agency for International Development (USAID). She also handles the e-government portfolio, an initiative to make U.S. agencies more accessible and cost-efficient.
After ten years in private industry as a programmer and systems analyst, Fedak joined State as a foreign service specialist in the late 1980s. She was particularly interested in living and working in other countries.
Before her current job she spent two years in the department's center for administrative innovation. She developed and launched the "Ask Admin Knowledgebase," which makes the know-how of State's many experts available to anyone in the department.
In her earlier foreign service assignments, Fedak was posted to Singapore, Moscow, Bonn and Canberra, as well as Washington, DC. Her family was always with her, and benefited from State's spousal employment assistance and education for children. Throughout her career, "Supervisors have always been flexible and understanding," she says. And she finds it "very exciting to research and plan for the next move."
Fedak earned her 1979 BSCS at LaSalle University (Philadelphia, PA) and a 1984 MBA from the University of Denver (Denver, CO). She's a graduate of the State Department's first class of systems managers in 1987. Last year she received a CIO certificate from the National Defense University at Fort McNair (Washington, DC).
Verna Brown: CIA exec assistant
Verna Brown serves as the executive assistant to Dr Donald M. Kerr, deputy director of science and technology. The directorate of science and technology (DS&T) that she helps him manage is the R&D arm of the Central Intelligence Agency (CIA).
At DS&T, engineers, scientists, computer pros and foreign media analysts conduct technical collection ops, provide tech support to agents and collect and process intelligence. DS&T also develops and operates covert intelligence gathering devices.
Brown's job is providing management support. She tracks the progress of fast-moving issues. She's also responsible for strategic planning and review, researching key problems and finding solutions. "It gives me a bird's-eye view of what's going on, the role DS&T plays in the agency and the intelligence community," she says.
Brown earned a BSEE at Southern University (Baton Rouge, LA) and an MSEE at George Washington University (Washington, DC). Before joining the CIA she was a QA engineer for a defense contractor. She's been with the agency for sixteen years, holding a variety of jobs.
She began as an analyst assessing foreign defense radar, and moved to telecom development and analysis. She started in management on a team assessing cyber threats. She spent the year 2000 as senior intelligence briefer to the deputy secretary of state and the National Security Council's special assistant to the U.S. president for intelligence support.
Brown calls her current job her proudest accomplishment. Her big career disappointment, she says with a laugh, is "not being assigned spy gadgets like James Bond's Aston-Martin. A shoe phone would be nice, too," she adds.
In a senior position like hers, work/life balance can be a challenge. "My wonderful husband picks up the slack," she says. "My kids think it's cool that Mom works for the CIA."
In the future Brown hopes to move back into management, overseeing more technical work. But for now, "This is a fulfilling career," she says. "I'm proud to contribute to helping the agency achieve its mission of keeping the country safe."
Elizabeth Kyle-Bowsbey: info ops analyst at Johns Hopkins APLElizabeth Kyle-Bowsbey is an information operations analyst and acting section supervisor for the Johns Hopkins University Applied Physics Lab (JHU APL, Laurel, MD). She picked the title herself, she notes, looking for something short enough for people to remember.
Kyle-Bowsbey uses applied analysis to quantify security, she says. The objective is to move the work from an art form to more of an engineering discipline.
Her team comes up with metrics to quantify data integrity, and to assess info assurance risks on the Global Info Grid, which integrates the DOD, military networks and more. She and her colleagues are also involved in internal R&D, and are just beginning to be sponsored by potential government agency customers.
Kyle-Bowsbey has a degree in math with a CS minor from Hood College (Frederick, MD), and an MS in math from Lehigh University (Bethlehem, PA). When she graduated from Hood, she says, most math majors became teachers, and she did too for the first few years. But she started reading about cryptography and ultimately changed her career direction.
She's been with APL four years now and likes the work: staying current with technology, taking on more responsibility, and moving up within the organization.
She also enjoys public speaking and has given some high-profile presentations, including one to government sponsors at the Pentagon. "If your technical training is strong and you can write and speak well, you have a big edge," she declares.
Marlayna Tuiasosopo: homeland security at General Dynamics C4
Marlayna Tuiasosopo is an EE at General Dynamics C4 Systems (Scottsdale, AZ). The General Dynamics business unit is an integrator of secure communication and info systems and technology. It specializes in command and control, communications networking, space systems, computing and info assurance for defense, government and select commercial customers in the U.S. and abroad.
Tuiasosopo has been with the company for six months. She works in the national communications and homeland security section as part of the space and national systems business area.
Her projects include developing land-based mobile communications systems for the government: she tests communications equipment, does technical oversight of subcontracts, uses and develops tools to predict tower-coverage potential, measures system performance, analyzes data and does troubleshooting.
While this is Tuiasosopo's first full-time job, she did a college internship at Northrop Grumman where she designed and tested digital circuits and learned about the defense industry. "I love every part of communications and wanted that to be my career," she says.
"Electrical engineering is a complex field, but I feel my college programs have given me enough background to be confident in any task my boss may assign me." She is applying just about everything she learned in her MS program. "I look at my textbooks and notes every day," she says.
She has a 2003 BSEE from Stanford University (Stanford, CA) and a 2005 MSEE with a focus on communications systems from the University of Southern California-Los Angeles. While at school, she tried out for the crew team, made the varsity squad, and won an athletic scholarship. Crew is not a popular sport in California's Bay Area, where Tuiasosopo grew up. "Before going to Stanford I had never heard of crew," she admits.
Tuiasosopo's parents were born in Samoa. Her cousin is NFL player Marques Tuiasosopo.
Tuiasosopo realizes that she's a role model for other Samoans. "There aren't enough Samoans in college, and unfortunately, I've never met another Samoan EE," she says.
While in grad school, she taught a high school class for the Mathematics Engineering Science Achievement (MESA) program, which helps educationally disadvantaged students excel in math and science. "I feel a deep passion to reach out to the community," she says.
A lot of Tuiasosopo's social life includes other young people from the company. She also enjoys volleyball and plays in a league.
Tuiasosopo plans to stay technical and keep on learning and growing. "General Dynamics has been very supportive of my career," she says. "It's the right company for me."
COMPUTER & INFO SECURITY OPPORTUNITIES
Check the latest openings at these diversity-minded companies
|Company and location
|Booz Allen Hamilton
|Global strategy and technology consulting
|Central Intelligence Agency
(CIA, Washington, DC)
|Collects, evaluates and disseminates foreign intelligence
(Los Angeles, CA)
|Digital television, broadband satellite/network services, global video/data broadcasting
|Federal Bureau of Investigation
(FBI, Washington, DC)
|National security and criminal investigation
|General Dynamics C4 Systems
|Secure communication and information systems and technology integration
(Santa Clara, CA)
|Computer, networking and communications products
|Johns Hopkins University Applied Physics Laboratory
|R&D for government and commercial customers
|Information security, availability and integrity products
|U.S. Department of State
|U.S. foreign affairs agency
Back to Top