Galia Maranon joined IBM in May 2015. As a Senior Consultant in the Cyber and Biometrics Services group, she works on new laws like Health Insurance Portability and Accountability Act (HIPPA) which require protecting the confidentiality, integrity and availability of patient information in the digital era. She strategizes in proactively countering threats to sensitive data, and empowers the teams to be security conscious and become able to identify threats.
In this interview, Galia shares why she chose a career in cyber security, her experience working in IBM, and some of the projects she is working on.
Why did you choose a career in Cyber security?
Not only is cybersecurity one of the fastest growing fields out there, the relevance of the jobs we do has never been greater. The need for professionals who understand Security needs is growing and in high demand. A career in Security is rewarding because you can be a jack of all trades since it covers everything from forensics, to networking, application security and policy. You will never be bored and there is always so much to learn. That is very fulfilling.
What attracted you to join the IBM Security work force, and how has your experience been so far?
What attracted me was IBM’s long history as a leader in technology. So far my experience has been very positive. I constantly meet professionals (both in Security and other fields) who are always willing to listen and help out if they can. I’ve learned so much from their experience and wisdom.
As a woman at IBM working in the field of Security, what about the IBM culture makes the company a compelling place to work?
Very quickly I was introduced to other women in Security that I could reach out to for anything. As a woman of color, I was also introduced to communities within IBM dedicated to diversity. This shows the company’s commitment to creating an inclusive culture.
More about your role in Cyber security
What are some of the exciting Cybersecurity projects you are working on?
I’m still on the first project I was assigned. I work for a US state and have helped their Medicare/Medicaid system adhere to CMS and HIPAA compliance. In addition, I am the HIPAA focal and DS&P SE for the project.
Cyber security has become a global concern. Can you describe one of the top threats in your opinion and how you’re helping to fight it during your day to day work?
I believe that the first line of defense is always the people. Educating staff about social engineering, phishing, and being security conscious helps alleviate/reduce internal risks. When staff is empowered with knowledge and how to handle potential breaches or fishy situations we can stave off many threats. Whenever I interact with our project resources or client staff I always bring up ways in which Security measures can help or raise awareness on how to spot threats. This inevitably leads to great conversations on other ways to protect data.
In your view, how does the fact that IBM is a global company help it deal with security threats worldwide?
Because of our worldwide footprint, we have access to security data across various markets. We can see threats in the financial industry, in government (both federal and local) as well as commercial spaces such as energy, technology and retail. Being able to leverage subject matter experts across different fields is a powerful tool at our hands. In my project, I have been able to work with other consultants in other states that also have CMS and HIPAA compliance needs. Their knowledge and experience has helped us shape solutions for our client.
What internal support have you enjoyed as a woman working in IBM Security?
Definitely the WISE community – it has allowed me to connect with many great and inspiring speakers. There are accomplished women in the field who provide inspiration to stay in this dynamic field. WISE also provides some great opportunities to work with other women in Security throughout IBM, outside of my practice. Finally, I found some events and articles by the Network for Emerging Women Leaders community to be helpful and informative.
Advice for women who want to build a career in security
Do you need to be a hacker or cyber-security expert to work at IBM Security?
Absolutely not. I think you just need to be curious and have a love of learning. Like I said before, Security covers so much ground that most any previous work experience can be leveraged. Of course, it doesn’t hurt to have certifications etc.
What advice would you have for women looking to break into a technical or non-technical, security role?
Breaking into a technical security role just requires experience with the technology (i.e. networking, application development, programming, etc). A certification such CISSP or CISM/CISA is always a plus. The only non-technical (or less technical) role I’ve had is doing compliance work which just requires patience and stamina to get through the massive literature on controls and implementation.
If you are interested in building a career in Security, visit the IBM Security careers page.
Discover what you can do at IBM. http://ibm.com/jobs/security