“Trailhead has been an invaluable resource for me to dive deep into different cybersecurity topics and broaden my knowledge base.
Mariel Townsend
Cybersecurity Manager
Miami Beach, FL, United States
Meet Mariel, change maker and Certified Information Systems Security Professional (CISSP).
What motivated you to start a career in cybersecurity risk management?
I have a background in economics and data analysis and was working on a project evaluating the effectiveness of government IT programs at the White House. During that time, the Office of Personnel Management (OPM) breach happened in which hackers stole sensitive background investigation information from a government system containing data on millions of government personnel. I led the effort to determine how many people had been affected by the attack. From there, I was offered a job working full time on the White House’s Cybersecurity Team, which oversaw cybersecurity policies for the entire Federal government.
How did you end up in your current role?
I learned everything I know about cybersecurity on the job. You may think that you need to have a technical background to work in cyber, but there are actually many diverse paths you can take. I had strong analysis, project management, writing, and strategic thinking skills that helped me succeed in my job working at the White House. I also had the opportunity to get my CISSP which helped me hone my security skills.
“When I was working at the White House, teamwork was a huge part of how I was able to be successful. I needed to earn the trust of executives, and enlist the help of technical experts across teams to recommend solutions.
What qualities will help someone succeed in a cybersecurity risk management career?
Working in risk management requires you to have strong analytical, problem solving, and coalition building skills. Technical acumen is important, but if you are not able to win the trust of the stakeholders who are responsible for implementing protections you won’t be able to truly understand the organization's risk posture and create buy-in for improving it. In the past a lot of cybersecurity professionals were afraid to be honest about risks facing their organization because they were worried about budget cuts and a host of other concerns. Today most organizations understand that cybersecurity isn’t a problem to be solved but a risk to be managed. Being able to analyze these risks using hard data, and make recommendations couched in business terms will help you succeed in this role.
What advice do you have for someone starting out in this field?
Don’t be intimidated by jumping into a new field. I think a lot of people, and especially women, tend to suffer from impostor syndrome, and think they aren’t qualified or capable to take on a task unless they meet every single one of the requirements. Cybersecurity is a field that is always changing, and can benefit from input from people with a diverse set of backgrounds and skills. There are tons of opportunities for training and certifications, and since the field is always changing there is always something new to learn. Do what you can to educate yourself about opportunities, and when you find the right one, don’t be afraid to apply! Think about how your current experience fits with the skills and strengths needed to succeed in the role and be explicit about that in your application and interview. There are so many exciting opportunities out there, there’s bound to be one that’s right for you!
Fun Facts
Who are your heroes?
José Andrés
Favorite hobby?
Surfing or anything else near the beach
Do you have a motto?
Atrévete. It means “Dare yourself” in Spanish
Meet more security professionals