Life at Deloitte
Journeys to cyber security - what does it take?
Different perspectives, one passion
When it comes to choosing cyber security as a career path, a common misconception is that a computer science degree is a must. While having an information technology background is helpful, a successful career in the security space does not depend on it.
Some of our brightest cyber security minds jump-started their career without a computer science degree. Instead, they were armed with a curious mind, an affinity and passion for the subject and the ability to easily adapt to new situations. When asked why they chose Deloitte and what inspires them about their profession, this is what they had to say:
Cyber security careers at Deloitte
Find open positions
Anna Czajkowska, Trainee, Cyber
While moving to Switzerland to study Business Administration at the University of St. Gallen, I never imagined my internship would be in a technical environment. Curiosity and the willingness to learn new skills and acquire some new knowledge made me apply for the student-run consultancy ESPRIT St. Gallen. Shortly after, I began to work besides University. By coincidence, I became aware of the Women in Cyber Initiative run by Deloitte, which by that time was looking for women to take part in the GSCP Cyber Strategy Challenge. Out of curiosity, and the awareness that the importance of data protection is increasing with the ongoing digitalisation, I decided to be part of this exciting journey. The Challenge showed me that the technical capabilities were not as crucial as I assumed they would be, but what matters the most is general curiosity and willingness to solve problems.
Amazed of how broad the field of cyber security seemed to be for me, I decided to join Deloitte for an internship to deepen my knowledge and to be part of a team where every single individual has a diverse background and is very ambitious and passionate about their work. Despite several challenging projects, foremost considering the technical aspect of my role, every day I have learnt something new. This kept me not only motivated, but it has driven me to give each day 100%.
Sofia Martinez Gomez, Trainee, Cyber
At the beginning of my mechanical engineering studies, I had no idea how my career would develop and where I would end up professionally. During this exciting journey, I have been shaping my path steered by what I enjoy the most. I started my Master’s in Robotics, Systems and Controls at ETHZ, where I discovered my passion for medical devices. Nowadays, these devices are intertwined with technology, and therefore have a strong relationship with engineers. It is fascinating to think that technicians constitute a key component in the health care industry, being able to improve people’s daily lives. As an example, heart disease patients can have better lives through the coordination of several elements. Their pacemakers ensure a functioning heart, while their smartwatch tracks their heartbeats and their doctor remotely processes the data that is being received. Connectivity to the internet and interconnectivity between devices is a great advancement, but it also brings with it a number of cybersecurity challenges.
Deloitte opened the door to cybersecurity for me, in a way that perfectly complemented my passion for medical devices. Together with a strong team of professionals from the Deloitte’s Cyber team, I now support health care companies tackle their challenges in cybersecurity. In addition, Deloitte also gave me the opportunity to work while finishing my Master’s at ETHZ. This combination of academic and professional experience provided me with the right balance to climb an incredible learning curve and to grow my interest in cybersecurity even more. My team has always strongly supported me throughout this experience, showing me how everything is possible. Because of this support, I decided to continue my path within Deloitte’s Cyber team, where I can approach new opportunities every day in this ever-changing field and I can pursue my ambitions.
Paulina Ptasinska, Consultant, Cyber Risk Services
I have no doubt I am in the right place. Four years ago, I joined Deloitte Poland and after a recent transfer, the Swiss firm has welcomed me to in its Cyber Risk Services team. Every day feeds my interest, as I have the opportunity to gain new skills and grab opportunities that strengthen my professional and personal growth.
I now work in the sub-team that deals with all privacy topics and help my clients to improve their privacy and regulatory compliance posture. Since joining, I’ve learned that designing and implementing meaningful security solutions requires a broad understanding of numerous factors, including law, strategy, resource planning, technology, trends, risk appetites – and of course the client itself. Having a technical background is important, but it is not sufficient. Our Cyber Risk Services team consists of a diverse group of people, from IT experts to business and regulatory specialists. I really appreciate having the opportunity to collaborate with these amazing people - inspiring cyber security leaders, keen to share their unique knowledge and experience. By working together, we are well placed to tackle a wide range of cyber challenges. Nothing motivates me more than working in a team that where everyone helps each other out when confronted with a challenge.
Stephanie Barry, Cyber Risk Analyst, Deloitte Business Security
"It’s been an amazing ride! With a background in data analysis, I joined Deloitte in the UK in 2015. At the time, I was part of the Quality and Risk Operations department where I developed my skills in information security risk. One year after joining the team in the UK, I seized the opportunity to join Deloitte’s internal security team in Switzerland. I was excited to build upon my risk background and become a cyber risk analyst. My new team in Switzerland helped me define a development plan, which included technical training, such as information system, cloud and networking security courses, as well as women in leadership courses.
As I look back on the time I’ve spent in this role, I feel that I’ve achieved so much more than I ever could have imagined, in a field that I originally hadn’t considered entering: I’ve contributed to many cyber initiatives, while working with a variety of stakeholders at various levels, and with multiple Deloitte firms from around the globe.
There’s no doubt that the technical aspect of my role has at times been daunting, but the prospect of overcoming these challenges has always driven my desire to keep on learning, and my progress keeps me motivated every day. The world of cyber risk is fascinating, and having come from a risk background, I feel as though cyber security has in fact been a natural next step. In addition, I’ve gained first-hand experience in effective communication and collaboration, which is absolutely necessary in providing pragmatic security services. Now, I’m really excited to develop further professionally and help Deloitte innovate securely!"
Maria Pisa, Senior Manager, Cyber Risk Services
“My Deloitte journey started with risk analytics and ultimately brought me to the field of cyber and privacy, which I am passionate about. But it’s not just the exciting field of cyber and privacy that makes me enjoy my job so much; it is much more. Three key things stand out in particular:
- The diversity of the work: As privacy team we are responsible for translating legal and regulatory requirements into policies, roles and responsibilities for our clients. Further, we also get to design and implement processes, functions, and technical measures to secure information. To round it up, we analyse data and systems and assess their implementations. And when we are asked to find gaps, threats and vulnerabilities of such systems to help ensure regulatory compliance, my risk analytics background comes to play again as well.
- The many opportunities to grow and develop as an individual: In the cyber team, I can be who I am and I get the support I need to become the best I can be. This allows me to grow in areas that I find exciting and learn about things that ignite me.
- An amazing team: The cyber team is comprised of a diverse mix of incredibly smart cyber risk professionals from across the globe. We enjoy taking on new challenges as a team, solving them by playing to each other’s strengths and capabilities. The combination of trust, respect and a common passion for our work makes the collaboration in this team something I look forward to every day.
It's really the complete package of exciting work, opportunities, and an inspiring team that makes being a part of the cyber team and being a woman in cyber so thrilling. I can’t wait for the next steps of the journey that lie ahead!"
Elisa Papa, Assistant Manager, Cyber Risk Services
“I am a physicist by trade who is passionate about data. After several years in the academic research and data science field it was time for a change. My increasing interest in data management and data security led me to joining Deloitte's Cyber team, where I now get to deep-dive into these topics while working on exciting client engagements. In this role, I have already had the opportunity to work on challenging privacy 'transformation' programmes for clients, which aimed at ensuring data protection, in particular around personal data, by translating multi-faceted regulatory requirements into technical and organisational measures for an appropriate use and processing of the data.
Being part of the Cyber team is a unique and rewarding experience because the learning and developing never stops. Every day, I am surrounded by a dedicated and very diverse group of cyber security specialists and data protection experts who all strive to reach one common goal: navigate the complex IT landscapes of international companies, understand the technologies in place and the risks associated with them to be able to find the best solutions for our clients.”
Yasmine Deryckere, Senior Consultant, Cyber Risk Services
"As a data protection specialist I am passionate about translating legalese data protection requirements into comprehensible and easy to implement GDPR solutions for companies across all industries. This regulatory rollercoaster allows me to obtain new insights and skills on a daily basis, which sparks continuous learning and growth and ensures I never get bored.
I joined Deloitte Cyber because I wanted to be part of a dedicated and ambitious team of privacy and security professionals who have in-depth expertise in cyber transformation programmes across large scale companies. For new joiners, the team promotes on the job learning, applauds and rewards people that are proactive and values all team members’ point of view, irrespective of seniority.”
Patricia Egger, Senior Consultant, Cyber Risk Services
"I’m a mathematician who’s passionate about people. My first exposure to security was in a cryptography course I took in high school. Later, in university, I loved that crypto had its roots in some pretty complex math, but at the same time, was used by everybody, every day. That’s what keeps me going today: the relationship and dependencies between the science of security and people. What some may not realise is that security is as much of a technical and technological topic as it is a human topic; and I think that’s what makes the field so interesting.
After my first year at Deloitte Cyber Risk Services, I can say that I have never felt bored. In addition to all the interesting client projects (spanning from Identity and Access Management to Privileged Access Management and Cyber Security Risk Assessments), I also have the opportunity to lead the Swiss chapter of Deloitte’s EMEA initiative that aims at reducing the gender imbalance in the field of security, a cause I care deeply about. Supported by both my senior management and my peers, I have been given a platform to make an impact that matters; a privilege that I do not take for granted."
Fiona Koller, Trainee, Cyber Risk Services
"During my bachelor studies at the University of St. Gallen in International Affairs, I decided to write my thesis on the topic of cyber risk and security for Small and Medium-Sized Enterprises (SMEs) in Switzerland. I chose this topic because it was an emerging issue and there was not much information about it at the time of my research. Afterwards, and despite some initial doubts due to my lack of technical skills, I applied for a traineeship in Deloitte’s Cyber Risk Services team. The goal was to gain hands-on experience and to determine whether it could be a potential career path for me in the future.
I am now part of an ambitious and passionate team working towards the greater good in providing companies with the best possible solutions in this dynamic and fast-growing field. I have had the privilege of working alongside and learning from extremely talented data privacy and cyber security specialists. I enjoyed working on a variety of diverse and complex client projects ranging from GDPR support to cyber security gap assessments. The team here promotes learning on the job and, over the past few months, I have been given increased responsibilities and client exposure.
Looking back, my initial concerns now seem unfounded, as I experienced the interplay between technical and non-technical skills and how crucial both are to complete successful projects. The interconnectivity of the human and the technical factor is integrated into our team and the work we do every day. A few months into my cyber risk journey at Deloitte, I see myself continuing on this career path with additional training and I am very excited about the opportunities and the challenges of the future."