Just a Standard Blog
You don’t have to be a coder or have a technical background to work in cybersecurity. Cybersecurity is a diverse and fast-evolving career field. Cybersecurity professionals work in threat analysis, project management, law, research and development, auditing or other fields.
NIST has a diverse cadre of cybersecurity professionals working to protect networks and set standards that keep us — and our data — safer. Below are three of their stories.
Interested in jump-starting your own cybersecurity career? Visit the Cybersecurity Career Week page and NIST’s careers page to learn more.
Before joining NIST, I spent 12 years shaping technology policy for the U.S. Senate Commerce Committee. One of my notable achievements was spearheading the Senate passage of what ultimately became the CHIPS and Science Act.
I then joined NIST in a role that eventually led me to lead the NIST Cybersecurity Framework program. This framework is considered the gold standard in cybersecurity. I didn’t have a technical background at the time, but I’ve expanded my knowledge through hands-on work and certifications. Honestly, diving into NIST's cybersecurity publications is an education in itself!
I now serve as director of NIST’s National Cybersecurity Center of Excellence (NCCoE). I lead a collaborative hub where government and industry work together to solve cybersecurity challenges using integration of standards and technology. About half my time is spent engaging with partners and attending conferences representing the NCCoE. The other half is dedicated to working with my NIST colleagues and tracking the progress of our diverse projects.
Throughout my career, I've sought opportunities to push the boundaries of technology and innovation, while making them more beneficial to society. A big part of that is translating complex, technical issues into something meaningful for broader audiences.
The best part of working at NIST is seeing the tangible impact of our efforts. At the NCCoE, we work alongside hundreds of organizations to solve real-world cybersecurity challenges facing businesses today. NIST also gives us the independence and flexibility to pursue solutions that align with our expertise, allowing us to make a meaningful difference in the cybersecurity issues most interesting or important to us. Seeing the impact of our team is truly rewarding.
Learn more about NCCoE’s efforts to keep your genetic information safe:
I had an interesting career pathway that led me to the cybersecurity field.
After graduating with an environmental science degree, I worked extensively in the environmental science field. When that career path dried up, I applied for a variety of jobs. One of those was an entry-level administrative job with Science Applications International Corporation (SAIC). In my interviews, a female vice president said to me, “I see you have some computer experience. Would you like to be a system administrator?” I didn’t know what that job meant, but I said, “Sure.” I got the job and immediately went to the bookstore to get as many introductory books as I could get on computers. The only computer experience I had was programming on a Commodore PET in middle school and using a Windows 95 computer to check email and write papers in college! I learned a ton on that job. Not only did I pull cables and set up network closets, but I also took apart many different computers to troubleshoot.
I worked as a system administrator for a few years and obtained my master's while working full-time. I went from contract to contract to do cybersecurity consulting for various federal government organizations. I worked in network administration, policy writing, risk and impact analysis and cybersecurity disaster recovery planning. I also got my feet wet in the dot-com field.
In 1999, I helped SAIC determine what computer systems could be affected by the Y2K rollover. I made plans, ran scenarios and conducted exercises on what could happen if Y2K led to computer Armageddon. I stayed up in the SAIC Command Center watching the clock tick down, minutes and seconds. When nothing happened, I took a nap under my desk after working 24 hours straight. WHEW!
I was later hired at NIST to work on standards, presenting NIST and federal guidance updates to stakeholders and running the group then known as the Federal Computer Security Managers Forum. I am currently performing research on phishing and human-centered cybersecurity. I love this new position because it blends my passion for computer and human-centered research.
I have experienced firsthand being one of the very few women in science and cybersecurity throughout my personal, educational and professional career. I’ve attended many cybersecurity conferences where I’m just one of a handful of female attendees. I am also a mom to a daughter who loves science.
Just like the woman at SAIC who took a chance on me earlier in my career, I feel it is my duty to continue and give back to the women who have helped me get to where I am today. I have jumped at every opportunity I can to help support women in science, technology, engineering and math (STEM). As soon as I joined NIST, I joined the Women in STEM organization and am currently serving on the Women in STEM Executive Board.
I love working at NIST because it allows me to pursue many of my other passions, including mentoring, leadership training, and diversity, equity and inclusion. Everyone I’ve encountered at NIST is so courteous and willing to go the extra mile to help each other. I also enjoy the openness and willingness of NIST management to accept and answer questions. NIST has given so much to my family and me. My husband also works for NIST, and my daughter attended NIST’s child care center. I can’t help but give back by “paying it forward.”
After college, I started out as an intern at a public relations firm, and then I made my way into government contracting and consulting — doing communications projects for federal agencies and Fortune 50 clients for several years.
I finished up my master’s degree in communications, and I was offered a job on a cybersecurity contract and never looked back. I love cybersecurity because every day is different. The projects are interesting, and the work is so important.
At NIST, I am the communications director for cybersecurity and privacy and serve as a subject matter expert on engagement, coordination and the development of communication materials. I bring a unique perspective to NIST because of my background in crisis communications, public relations, cybersecurity and scientific research.
Recently, I helped with the release of the NIST Cybersecurity Framework 2.0. I worked behind the scenes on some of the publications, tools and communications planning efforts. It was such an exciting and important project, and I had a chance to work alongside people who were really enthusiastic and proud of the work.
Getting to work with such smart, motivated and inspiring people is the best thing about working at NIST. I have been at NIST for 10 years now and am continually impressed by my colleagues and honored to work with them.
To celebrate Cybersecurity Career Week, join the many events, check out our resources or join in the discussion on social media.
Google translation of this comment:
Valuable information in dealing with security
Cyber and how to transform
Congratulations to all NIST staff, especially the Cybersecurity working group and its internal areas. I am trying to set up a SOC at the University where I work. The CSF has been the nucleus of what I intend to bring as regulatory compliance. If I can successfully complete the SOC project, I hope one day I can showcase my work based on yours.
Thank you very much for your work.
معلومات قيمه في التعامل معالامن السيبراني وكيفيه تحو