Fostering curiosity in cybersecurity

Curiosity is what compelled Quratulann “Annie” Jamshed to explore the world of cybersecurity.

When discussing how the field of cybersecurity inspires curiosity, Jamshed references the depth of the industry.

“I compare it with an ocean,” she says. “There are so many things that you can do within cybersecurity.”

Jamshed started her career with a bachelor in Electrical Engineering. As she was studying, she found herself growing curious about how systems and data were secured during a computer networks course.

“I suppose I had the security mindset from the beginning,” Jamshed says. “Because I was asking these questions.”

After she graduated, she found that there was a lack of opportunities in her home country, and she was unable to find a job within the electrical engineering field. Instead, she started a teaching career, which she stayed with for three years. However, she soon realized that this wasn’t the path for her.

“I just wasn't interested in electrical engineering anymore,” Jamshed says.

After moving to the United States, she discovered that the University of Houston in Houston, Texas was offering a master’s degree in Cybersecurity. So, she enrolled in the university, obtained her Master’s degree, and took her first steps into the world of cybersecurity.

Venturing into the world of cybersecurity

Jamshed gained more than a degree during her time at the University of Houston. Though a friend, she learned of the Women in CyberSecurity (WiCyS) conference. After looking into the conference, she decided to attend, where she had the opportunity to experience women-led keynotes and workshops.

“It was just amazing,” Jamshed says. “I got to see so many women that had already overcome [many challenges].”

While at the conference, Jamshed learned that WiCyS had a goal to start student chapters at universities. Inspired by the time she’d spent there, Jamshed returned to the University of Houston and founded the student chapter at her school. Even after her graduation, she maintained a close connection with the student chapter in order to support and sustain it.

After graduating, Jamshed was offered a position in Governance, Risk and Compliance (GRC). However, starting off her career in GRC didn’t feel like the right path.

“Right away, you do want to get hands-on experience, and that you're going to get from the security operations center,” Jamshed says.

So, Jamshed instead sought a security operations center analyst position, which she found through Schlumberger. Although she began as a Cybersecurity Operations Center Analyst, she spent the next four years rising through the ranks.

She gained valuable skills during this time, citing various tools and experiences she gained along the way.

“I used to do incident response, I worked with various tools like security incident and event management tool, vulnerability management tool endpoint security tool, so it gave me a lot of exposure,” Jamshed says while recounting her previous work experience. “I became a threat intelligence champion during that time as well. And we would do forensics, so it was very hands-on.”

This experience led her higher up the security career ladder. Eventually, she earned her current role as Vice President — Security Architect at JPMorgan Chase & Co. Although her role isn’t as hands-on as her previous positions, she still finds value in those experiences to this day.

“I can I can go into the system very confidently, and I feel like a lot of people get intimidated [at the thought of] breaking things, whenever you're working with a new tool,” Jamshed says. “I don't have that fear in me. And I think that's because of the experience that I gained from the security operation center.”

Building her cybersecurity career is not the end of Jamshed’s story, however. After gaining experience in the industry, she was inspired to begin building something new. She decided to establish the Houston Affiliate for WiCyS.

While discussing her decision to create the WiCyS Houston Affiliate, she said, “I think it just made more sense for me to start something that was more for the professionals, because now I had been in the industry for two years.”

After reaching out to former students of the University of Houston and members of the student affiliate, Jamshed constructed a team to establish the Houston affiliate.

“Whether it was starting the student chapter, or whether it was starting the affiliate, you need to have like-minded individuals who are also interested in doing the same thing,” Jamshed says. “You need those leaders.”

Today, Jamshed is the President at the WiCyS Houston Affiliate, where they strive for women to be recruited, retained and advanced into the world of cybersecurity. Jamshed emphasizes the roles that cooperation and teamwork played in the successful establishment of the WiCyS Houston Affiliate, saying, “Thankfully, I had those women around me,” Jamshed says, “and that's how we started the Houston affiliate.”

Valuable insights for prospective cybersecurity leaders

“So what advice would I give to someone who is looking to get into the cybersecurity field? The very first one I will say is, be curious,” Jamshed says. “Be curious and explore cybersecurity.”

Jamshed believes that curiosity is a key element in a fulfilling and successful cybersecurity career. She mentions that many people seem to have preconceived ideas about what the field of cybersecurity looks like, and so they never investigate it further.

“I think the first thing that comes to their mind is, ‘it's a hacker sitting behind a computer in a dark, and he's trying to hack,’” she says. “That's not the only thing that you can do in cybersecurity. There's so many things that you can do.”

Another point Jamshed emphasizes is that a degree in cybersecurity isn’t always required to get a job in the field. Instead, she encourages those interested in the field to consider entry-level certifications that may get their foot in the door.

“If you look back 20 years or 30 years, at that time, there were no degrees that were even being offered for cybersecurity. And so, a lot of the professionals that we see here — senior professionals — they don't have degrees in in cybersecurity.”

She emphasizes the importance of research and preparing for the role you want, stating, “Once you come across something that really interests you, I would recommend looking up that role. And find out whatever those requirements [are]. What are the tools that are required as a part of that job?”

Finally, Jamshed highlights the value of mentorship. She believes that those who network with leaders in an industry or role they desire will see a lot of benefits.

“I realized the importance of mentors, and I was fortunate that I found these mentors,” she says. “So having mentors that can guide you and can be there to give you advice helps and goes a long way.”