By Chief Editor and Blog Manager- Amanda-Jane Turner
Thanks to Amy O’Connor from WithYouWithMe for enabling this article series on veterans and to Steph for agreeing to be featured in this Profile of Veterans article.
In her twenties, Steph commenced software development as a hobby, while
her navy husband was on extended deployment. A woman with an amazing variety of
interests, up until recently she played
Women’s Roller Derby where her player name was “Secure Socket SLayer” (SSL) and
her player number was 443. For those not into computer networks, this is a pun
on port 443 the standard port used for websites that use SSL. Embracing
her creativity, Steph also does ballet and plays the violin. In addition to studying software engineering, Steph
also completed a course on computer
networking which she really enjoyed. Learning about how networking components
could be manipulated in certain ways to create unintended reactions, she became
absolutely obsessed with learning about this and how hacking works. Subsequent to
these courses, Steph then studied for a bachelor of Information Technology
Network Security, where she was awarded as a gold disruptor in the Australian
Computer Society’s Student of the Year Category, and completed a summer
internship in a Security Operations Centre.
Currently working full time as a Senior Security
Analyst, she conducts a vast range of security activities, including incident
response, vulnerability management, risk assessments and threat intelligence. She
is enthusiastic about her role and shared that there is always something new to
do every day in an ever changing environment and threat landscape. When asked
what she sees as challenged in security, she explained that often organisations
view security as a product to sell rather than everyone’s priority. Prior to
her current role, Steph conducted penetration tests and vulnerability assessments
as a WYWM Cyber pentester. She has had diverse experience in cyber security including
working as a digital forensics analyst (acquisition, triage and analysis of
digital evidence) and a delegate at the OECD in 2017 to conduct research into
the financial sector’s global threat landscape.
Steph thoroughly enjoys pentesting and said that
her dream job would be a role that includes penetration testing, red teaming
and security research. With her primary passion in this work being offensive
security Steph loves discovering ways to exploit systems and developing
creative ways an attacker may compromise or interact with a system. Ultimately she wants an amazing role in
security to lead advance adversary simulations, crafting simulated attacks that
will encompass social engineering, physical security, research into advanced
persistent threats and in-house vulnerability and exploitation research and
development. Steph loves learning new things and is currently obsessed with
custom network protocol reverse engineering and vulnerability discovery through
protocol analysis. Sharing challenges to her getting her dream job, Steph spoke
about a lack of security maturity in Australia where organisations do not fully
understand the looming threats globally and the best ways they can be mitigated.
She stated that by combining strategic, operational and tactical threat
intelligence with advance adversary simulations the we can place ourselves in a
much better position to decrease Australia’s ‘cyber’ attack
surface.
Citing development and training from an employers
as meaning a lot to her, she states that a big factor for her when seeking
employment is one that offers the option to develop employee skills, gain
certifications and offer highly skilled mentors. Mentors are important to Steph
and she believes that there is a lack of technical mentors throughout Australia
interested in mentoring up and coming pentesters and red teamers. Steph would
love to see more involvement from mentors willing to assist with development in
this area.
There are however organisations and people who are
willing to support people gain employment in the cyber security field, and
Steph stated that the biggest help she received in gaining employment was
through WithYouWithMe. As a defence spouse she moved around a lot and although she already
had a lot of technical ability and passion in security she didn’t understand her
worth within the job market – WYWM helped Steph understand this. Another big
factor in helping Steph gain employment was immersing herself completely into
security, taking every security course she could find and becoming active
within the security community.
Steph was asked if there was any individual or
organisation she would like to promote and she shared the following:
“I want to promote the
hackers helping hackers charity – they send disadvantaged and individuals from
minority groups to security conferences around Australia. I also want to
promote the amazing security community throughout Australia – all the security
Cons (bsides, crikeycon etc) put on by volunteers from the security community.
And the Security community events like SecTalks and InfoSec. “
If you want to connect with Steph you
can find her on LinkedIn.
 |
| (c) AWSN 2018 |
Disclaimer: The views and opinions expressed in this article are those of the author/s and do not necessarily reflect the official policy or position of any agency, organisation or association.
