By Sean McCormack, Operations Director for The Cyber Scheme
I’ve always admired people who knew exactly what they wanted to do, who followed a very specific and well defined and often well thought through education and career pathway.
I have never been like that, and so at the age of 52 and 28 years into my working career I have landed in a position that suits me and takes advantage of all the skills and education amassed over those 28 years. Surprisingly, technical expertise isn’t one if the skill sets required.
For those who don’t have insight into the wonderful world of ‘Cyber Security’, it’s fair to say that it’s a large and complex beast (imagine saying you work in the ‘car industry’ or example – that could mean anything designing wing mirrors through to windscreen insurance). I’m involved in the Vulnerability/Penetration Testing/Red Teaming side of things, in an industry that is fairly young and not well understood by the population at large.
There are many and varied highly technical career paths in this area that require more than a passing interest and competence in IT. There is a plethora of technical qualifications that elevate individuals to practitioner and ultimately advanced levels. Remuneration for these highly technical and qualified individuals is attractive and highly skilled people are well rewarded.
Supporting these technical individuals is similar to other industries sectors: Cyber consultancies need Finance, HR, IT, Marketing and also Operational support to ensure the highly prized Penetration Testers are put to good use earning high fees. This is the path I’ve taken since not really knowing how to make best use of a Mechanical Engineering degree after graduating in 1993.
I’m now Operations Director at The Cyber Scheme and have responsibility for all areas of the business from an operational point of view; procedures, processes, projects (internal and external), reporting, systems. None of this is particularly technical, yet each area has it’s own skill set, language and can be a career direction in its own right. I’m in an environment rich in technical expertise and niche domain knowledge, with colleagues who have highly prized skills and competencies. Rather than compete with them on their playing field I contribute to the success of the organisation in other ways.
What I’ve learned over the years (and this has taken a long time to crystalise) is that I really enjoy having problems to overcome and green field projects to start from scratch. Having too much to do and not enough time to do it is just a bonus! I also seem to thrive when I have a number of different activities on the go at once, which might seem insurmountable at first. My pseudo technical skills are good enough to get me to a point where I ask the right questions and allow the real technical people to shine with the all-important detail. If I was to give advice to those even thinking about a career in Cyber Security, I’d say go for it, safe in the knowledge that there are multiple career paths including both technical and non-technical.