Miranda Sumey has been with IBM for almost two years now. As an Analyst in the Security Intelligence group, she provides proactive threat intelligence to clients and makes customized recommendations to help clients prepare for and respond to emerging cyber threats. Her team is responsible for making proactive recommendations to clients to help protect them from current or emerging cyber threats by analyzing their data and logs (IDPS, firewall, SIEM, endpoint, etc) to identify potentially malicious traffic.
In this interview, Miranda shares why she chose a career in cyber security, her experience working in IBM, and some of the projects she is working on.
As a new hire, what made you decide to join IBM Security? How has your experience been so far?
When I was first hired, I was deciding between two very good offers: both offered similar benefits and a work-from-home opportunity. I chose IBM over the other one because on top of that, they’ve got more than 100 years in the technology space and are a widely-respected household name. I felt that IBM offered better opportunities to learn and grow in my career, and so far I’ve been right! I don’t regret my decision for a minute.
As a woman at IBM working in the field of Security, what about the IBM culture makes the company a compelling place to work?
IBM Security should be at the top of every woman’s list of great places to work. Security is so hot right now, and there’s tons of careers all over the globe for technical and non-technical women alike. IBM offers amazing flexibility and a great networking group called WISE (Women In Security Excelling) that helps connect you with women in all sorts of career tracks.
More about your role in Cyber Security
Why did you choose a career in Cyber Security?
For me, cyber security was a perfect marriage between my two fields of study: computer science and international affairs. It always amazes me that the same problems playing out in the real world are mirrored in the virtual – organized crime, intellectual property theft, even espionage! It’s always changing and challenging, so you’ll never be bored.
Cyber security has become a global concern. Can you describe one of the top threats in your opinion and how you’re helping to fight it during your day to day work?
Right now the biggest threats for my clients is ransomware – a malicious software that encrypts files (thus preventing access) and asks for a sum of money in return for decryption. The weakest link in most organizations is the users, and it’s almost inevitable that at some point, someone will click on something bad. My team and I try to protect our clients by making recommendations like regular, external backups of data, filtering incoming email for executables, restricting macros, keeping anti-virus up-to-date, enabling appropriate IDPS signatures, creating new rules for clients’ SIEM (Security Information and Event Management) tools like IBM’s QRadar, and monitoring for known bad-reputation IP connections.
In your view, how does the fact that IBM is a global company help it deal with security threats worldwide?
IBM has Security Operations Centers (SOCs) and clients all over the world, and are often able to identify trends in malware targeting, for example, in our European, Asian, or South American counterparts, even before they hit the U.S. Our Trusteer team has identified and published alerts on Tinba, Dridex, and Goznym by drawing on our vast troves of global data.
How has IBM helped you in your career?
Not lying when I say that joining IBM was the best thing I’ve done so far in my career. I spent my first year working on multiple clients in very different industries, and had broad exposure to a lot of different cyber threats/trends – I learned a ton and believe that my personal growth was faster in that one year than at any other previous position I’ve held. I recently found out I’d been selected for a management position I applied to and am now managing the very same team I started with – so I can honestly say IBM has given me a world of opportunity and the ability to learn and grow within the Security organization.
What internal support have you enjoyed as a woman working in IBM Security?
The WISE community has been excellent at fostering new connections and inspiring me to get involved in helping attract and retain talented women into the field! I was one of the first to sign up after the launch of WISE was announced. It’s great to connect with women in all different roles in security – volunteering for side projects like these has given me the opportunity to meet women I might not have otherwise met. Participating in WISE presentations is a great chance to learn about what others are doing too. Women are still very much the minority in IT roles, and security roles specifically – and it’s crucial that we support each other, network with each other, and learn from each other.
Advice for women who want to build a career in security
What advice would you have for women looking to break into a technical or non-technical, security role?
On the tech side, it depends on where you are career-wise. If you’re still in school, I strongly encourage you to take a coding or networking course! I didn’t go to school planning to study computer science; it all kind of snowballed after only a single class (trust me, it pays off – I eventually won a full scholarship for CS!). Even if you hate it, it’ll build valuable skills! If you’re midcareer, you can always start looking at industry certifications like the CISSP. And no matter what age, have fun and play – set up your own virtual machines or a mini-lab at home. There’s tons of ideas on the internet and YouTube for where to start!
If you are interested in building a career in Security, visit the IBM Security careers page.
Discover what you can do at IBM. http://ibm.com/jobs/security