Life at Deloitte

Journeys to cyber security - what does it take?

Different perspectives, one passion

When it comes to choosing cyber security as a career path, a common misconception is that a computer science degree is a must. While having an information technology background is helpful, a successful career in the security space does not depend on it.

Breaking the glass ceiling and sparking change

Some of our brightest cyber security minds jump-started their career without a computer science degree. Instead, they were armed with a curious mind, an affinity and passion for the subject and the ability to easily adapt to new situations. When asked why they chose Deloitte and what inspires them about their profession, this is what they had to say:




Cyber security careers at Deloitte

Find open positions

Kate Wong, Manager, Cloud and Infrastructure Security, Cyber Risk Services

I began my career in IT Consulting in Hong Kong without a specific focus but was keen on exploring different roles and domains. It wasn’t until my third year of working that I got involved in Cloud Computing. At this point in time, we were already in the trend where many industries in the city saw significant Cloud adoption but most importantly: they rapidly recognised the benefits in using that technology. As my clients’ views were aligned with that, I started working on migrations to different Cloud service providers. While performing these engagements, I often wondered how security measures would change when a company, who was used to hold all their most important data in-house, had them residing to a third-party provider.

As more similar thoughts continued to draw my interest, I went down the rabbit hole and decided to naturally allocate more and more time, developing my knowledge on Cybersecurity – specifically on Cloud Security. Being in this industry, you are naturally challenged for growth and improvement since hackers don’t take time-off when you are on holiday. Here at Deloitte, I am very proud to be in a team of passionate mindsets. We continuously inspire confidence to each other, which in-turn, enables ourselves to deliver meaningful value to clients.

May Randall, Senior Consultant, Resilience and Vigilance, Cyber Risk Services

Coming from a non-technical, non-computing and definitely non-cyber background (I completed a BSc in Geology and an MSc in Management) I never thought I would end up working in Cyber. My journey into Cyber was somewhat serendipitous, starting in 2019 in the summer between my BSc and MSc, when I applied for an internship with Deloitte UK on the recommendation of a friend. Since I applied fairly late in the application window, I was not able to choose which service line I wanted to intern in: instead, I was automatically assigned to the one that had a place remaining – the Cyber practice!

During this time, I rotated around the different capabilities within Cyber (e.g. Incident Response, Data Privacy, Strategy, Application Security etc.) and also got my first experience working on an actual project for different energy clients around the UK. When my internship came to an end, I was interviewed for the conversion to the graduate scheme and so my journey with Deloitte continued, with my place secured for after I finished university.

Fast forward a year to September 2020 and I joined Deloitte full-time on their graduate scheme and became part of the Cyber Incident Response team. My day-to-day included helping on real-life incident response projects and providing training to clients to help them be better prepared to respond to cyber attacks; after all, it’s no longer a question of “if” but rather “when” regarding companies falling victim to a cyber attack.

After nearly two years in the UK team, I was able to transfer to the Swiss Cyber practice where I now sit in the Resilience and Vigilance team. In both the UK and Switzerland, it has been the team and the people I work with that has really stood out for me. I have worked on challenging projects, but there is always help when you need it and I know that there will never be a client challenge great enough that we cannot face together.

Floriane Gilliéron, Consultant, Data Protection & Privacy, Cyber Risk Services

I studied Communication Systems at EPFL to understand which mechanisms are ensuring that whenever I send data over the internet it doesn’t get lost or read by malicious people. Along the way of solving these questions, I became more and more interested in aspects of cyber security that were not only about securing the data, but also about securing the people behind it. Having reliable encryption and communication mechanisms is not enough, it’s also important to regulate how companies are using their client’s data. This passion for privacy eventually brough me to the Data Protection & Privacy team at Deloitte, where I now have the opportunity to work on exciting and challenging projects for various clients. With a job constantly pushing me to learn, I’m guaranteed to stay up to date with the latest technologies and trends. This is especially important in a fast-moving field such as cyber security.

Another thing I particularly enjoy about my job at Deloitte is the people I’m working with. After six years in a technical university, I find it very enriching to be collaborating with colleagues from various academical backgrounds, bringing more perspectives than the engineering one, which is more than needed to solve such complex challenges. The cyber team is made of motivated and dedicated people, creating an ideal working environment. I’m always excited to start a new day, as I’m convinced to have found the right place for me!

Jasmin Rubin, Senior Consultant, Resilience and Vigilance, Cyber Risk Services

Becoming part of Deloitte’s Cyber Risk Services Team was a career path I never imagined in my wildest dreams. With a Bachelor and Master’s degree of Arts in my pocket, I started working for the Swiss Department of Defence and later the Swiss Department of Foreign Affairs (FDFA). During these five years, and especially while coordinating the politico-military dimension of the Organisation of Security and Cooperation in Europe (OSCE), the topic of Cyber became somewhat omnipresent: From hybrid warfare to so-called “Confidence building measures in Cyber” - Cyber was “where it’s at”.

At the same time, I became responsible for the COVID crisis management within the Eurasia division of the FDFA. Realising how much effort efficient crisis management requires, I started looking for jobs where I could make an impact in that field. And that is how I joined Deloitte’s Cyber team; a team full of diverse people with different backgrounds – a place where I can learn new things by simply having a coffee with someone. Working in Cyber has been nothing short of an exciting ride with almost endless opportunities on exciting and challenging projects – a journey I can recommend to anyone out there, wanting to make a difference in their working life.


fiona koller women in cyber

Anne van Eck, Assistant Manager, Data Protection & Privacy, Cyber Risk Services

While I was studying law and business at the University of Leiden in the Netherlands, I always felt that something was missing. In my third year I therefore helped to set up a Legal Tech initiative, by combining legal and technical knowledge. And it paid off! Today, I am advising clients on legal and technological matters – and this is what I still love doing. The combination of my legal, business and tech background allows me to think broader and consider more than just one angle of a client challenge (e.g. legal concerns).

At Deloitte I love working in our multidisciplinary and diverse team. People from various backgrounds and nationalities make up our cyber team. I think diversity is key to being innovative and having different perspectives on certain challenges that clients may face. We are always open to helping our clients grow and taking on new challenges. If there is one thing I have learned working for Deloitte in the past few years, it is that anything is possible, as long as you go for it. And that is what I will continue to do in my future as a woman in cyber at Deloitte.

Laura Mati, Manager, Cyber Risk Services

After having studied Economics in Milan and Business Journalism in Beijing, I came across cyber security almost by accident when I joined Deloitte (although “there are no accidents” Master Oogwa, Kung Fu Panda, would wisely whisper). One of my first projects allowed me to design operating models and set up global hubs for the delivery of cyber security services for various Swiss based global organisations.

Just as much as my initial involvement was accidental, the choice to move to cyber security was unreservedly deliberate. I completed the Certificate of Advanced Studies in Cyber Security at ETH Zürich and moved from Strategy & Analytics in Consulting to the Cyber team in Risk Advisory.

What fascinates me about cyber security is the wide spectrum of fields one could pursue without ever leaving the cyber domain – cryptography and mathematics, law and privacy, national security and international relations, compliance and regulations – all tightly glued together by technology.

With a background in outsourcing and shared services large-scale transformations, I am looking forward to exploring and pushing forward the thinking around cyber delivery models, alongside our clients. As the maturity of cyber services grows, so does the importance of delivering them in the most effective and efficient way.



Stephanie Barry, Cyber Risk Analyst, Deloitte Business Security

"It’s been an amazing ride! With a background in data analysis, I joined Deloitte in the UK in 2015. At the time, I was part of the Quality and Risk Operations department where I developed my skills in information security risk. One year after joining the team in the UK, I seized the opportunity to join Deloitte’s internal security team in Switzerland. I was excited to build upon my risk background and become a cyber risk analyst. My new team in Switzerland helped me define a development plan, which included technical training, such as information system, cloud and networking security courses, as well as women in leadership courses.

As I look back on the time I’ve spent in this role, I feel that I’ve achieved so much more than I ever could have imagined, in a field that I originally hadn’t considered entering: I’ve contributed to many cyber initiatives, while working with a variety of stakeholders at various levels, and with multiple Deloitte firms from around the globe.

There’s no doubt that the technical aspect of my role has at times been daunting, but the prospect of overcoming these challenges has always driven my desire to keep on learning, and my progress keeps me motivated every day. The world of cyber risk is fascinating, and having come from a risk background, I feel as though cyber security has in fact been a natural next step. In addition, I’ve gained first-hand experience in effective communication and collaboration, which is absolutely necessary in providing pragmatic security services. Now, I’m really excited to develop further professionally and help Deloitte innovate securely!"


Elisa Papa, Manager, Cyber Risk Services

“I am a physicist by trade who is passionate about data. After several years in the academic research and data science field it was time for a change. My increasing interest in data management and data security led me to joining Deloitte's Cyber team, where I now get to deep-dive into these topics while working on exciting client engagements. In this role, I have already had the opportunity to work on challenging privacy 'transformation' programmes for clients, which aimed at ensuring data protection, in particular around personal data, by translating multi-faceted regulatory requirements into technical and organisational measures for an appropriate use and processing of the data.

Being part of the Cyber team is a unique and rewarding experience because the learning and developing never stops. Every day, I am surrounded by a dedicated and very diverse group of cyber security specialists and data protection experts who all strive to reach one common goal: navigate the complex IT landscapes of international companies, understand the technologies in place and the risks associated with them to be able to find the best solutions for our clients.”


Fiona Koller, Senior Consultant, Cyber Risk Services

"During my bachelor studies at the University of St. Gallen in International Affairs, I decided to write my thesis on the topic of cyber risk and security for Small and Medium-Sized Enterprises (SMEs) in Switzerland. I chose this topic because it was an emerging issue and there was not much information about it at the time of my research. Afterwards, and despite some initial doubts due to my lack of technical skills, I applied for a traineeship in Deloitte’s Cyber Risk Services team. The goal was to gain hands-on experience and to determine whether it could be a potential career path for me in the future.

I am now part of an ambitious and passionate team working towards the greater good in providing companies with the best possible solutions in this dynamic and fast-growing field. I have had the privilege of working alongside and learning from extremely talented data privacy and cyber security specialists. I enjoyed working on a variety of diverse and complex client projects ranging from GDPR support to cyber security gap assessments. The team here promotes learning on the job and, over the past few months, I have been given increased responsibilities and client exposure.

Looking back, my initial concerns now seem unfounded, as I experienced the interplay between technical and non-technical skills and how crucial both are to complete successful projects. The interconnectivity of the human and the technical factor is integrated into our team and the work we do every day. A few months into my cyber risk journey at Deloitte, I see myself continuing on this career path with additional training and I am very excited about the opportunities and the challenges of the future."


fiona koller women in cyber

Find out what other team members across Europe say about their career in cyber:

Did you find this useful?