Senior Cyber Security Consultant at Capgemini
“I've been able to use the knowledge from the course to directly benefit my clients"
Rebecca currently works for Capgemini as a Senior Cyber Security Consultant. She is putting into practice what she learned at the University of Warwick on a daily basis.
What have you been doing since finishing your MSc in Cyber Security and Management?
I have been leading projects in the Energy, Utilities and Financial Services sectors as a Cyber Security Architect. Every day I'm able to put my learning from Warwick into practice, to help develop solutions which adhere to the recognised Cyber Security International Standard ISO27001. I'm in a great position as I understand both the security and the business requirements of my clients. I'm able to implement cyber security products and services including Security Incident and Event Management (SIEM), Privileged Account Management (PAM) and network segregation services in a professional and secure manner.
At the time of the WannaCry release, I had just taken over the operational role of Cyber Security Manager for a Utilities company that is part of the Critical National Infrastructure. There, I was responsible for the overall security management, including review and risk/threat assessments, security incidents and coordination of response. I worked with the security team to improve the security posture of the client estate by liaising with the Security Operation Centres (SOCs) on matters regarding SIEM, Incident Detection and Prevention Systems (IDPS) and Anti-Virus (AV) protection.
A very important part of my role is to produce high-quality client reports - taking complex information, disseminating it and presenting to the Chief Information Security Officer (CISO) at main board level each month. I would say that I was particularly well prepared for this, thanks to the regular post module assignments we produced following each module at Warwick. It's a lot of work while you're learning, but invaluable when you then have to apply that skill in the workplace.
Tell us a little about your career before you came WMG.
After gaining a Master's degree in Physics back in 2002, I worked in a number of different roles before joining QinetiQ Ltd, where I led an ethical hacking team. In 2009 I started my own consultancy, helping organisations manage their mergers and acquisitions. Then, in 2013, I was offered a role with Pharos Group Ltd, one of my clients, as General Manager. As well running recruitment operations and expanding the team, I grew the business to achieve a 30% increase in gross margins.
So, at that stage why did you decide to study for an MSc?
I had been thinking about it for a few years, to be honest. I wanted to get back into cyber security and of course, with the industry evolving so quickly, I needed to update my technical skills. I liked the look of the course in WMG right away – particularly because of its strong links to industry. You only have to look at the companies involved in the programme to understand the benefit of that. I was also particularly attracted by the business management angle alongside the technical modules on the WMG course.
Did the course live up to your expectations?
Actually much more than I expected! What surprised me most was the number of people from industry who came in to talk to us about what they do and the challenges they face. Every one of them was absolutely fascinating to listen to and what they said proved how relevant each module is to business. Having the chance to discuss things with them was a huge positive for me. It helped me to understand to apply what I was learning theoretically into the real business world. It brought everything to life.
What did you think of the course structure?
The course structure is definitely designed to prepare people for a working environment. Each module is delivered over an intensive week of learning that provides a wealth of information. Then, as I worked on my post-module assignment, I was able to research the subject in more depth and present my findings in a document that would be relevant to someone at board or ministerial level – in other words, someone without in-depth technical understanding. This is real life! It’s exactly what you do as a consultant: research and analyse information, then make your findings meaningful to a particular audience and their business priorities. Everything seems to build towards preparing students for a consultancy role; I kept coming across that.
Was there anything else you particularly enjoyed?
Group working was a really beneficial experience. Being given business scenarios and working together to devise solutions – once again this replicates what happens in the working environment. That’s particularly true given the breadth of nationalities on the course. In fact, we had students from every continent. Being able to collaborate with people with different skills, backgrounds and experiences is really important in a global business environment. I also forged friendships that I know will last for the rest of my life.