Sharon Stephens, CISM, CEH, CDPSE

I attribute my success to hard work and a strong desire to succeed. It hasn't always been the easiest, and there have certainly been roadblocks and times where I've been told no, whether it was a particular job or maybe I didn't get the position that I'd hoped for. But I still believed that I had the skills and the attributes and determination to keep going. I also think it's important to align yourself with those that can champion on your behalf when you're not in the room. That's made a real difference in my career.

The best career advice I've ever received is an old saying: it's not necessarily what you know, but it's who you know. This really hit home for me when I landed my position at Dell Technologies. It was because of someone I had worked with 20 years prior who remembered me. As Dell was standing up a new cybersecurity professional services practice, this person came across my profile on LinkedIn and reached out saying they didn't know if I remembered them, but we had served together in the military 20 years ago. They told me I had done this really emotional intelligence thing and helped them in a situation with some of their paperwork, and they always had fond memories of me for helping them out through that tough situation. They saw I was doing cybersecurity and getting ready to exit the military, and asked if I wanted to have a conversation about joining Dell. We had a 2-hour conversation that day, which led me to an interview with the hiring manager, and that's how I started my career at Dell after I retired from the military. So building and maintaining those relationships really matters.

I do a lot of mentorship with different individuals, and what I've found most challenging is that it's super difficult in the market for entry-level security professionals to make it past the recruiter's scan and even just get an interview. All these organizations say entry-level, but they're really looking for some level of experience. So how do you make yourself seen and visible against those challenges? I try to be creative and offer suggestive advice. First, go out and find an internship and build those relationships, because that's potentially going to lead to an interview to land that job. If that's not an option, look for volunteer opportunities where you can expand upon your academic knowledge and include some practical work experience. And third, pursue IT certifications. Just having a degree isn't enough, because you're being compared against those that have IT certifications. These are practical ways to gain credibility and stand out in a competitive market.

AI is the biggest challenge in my field right now. I'm a defender of the network, and AI can be a problem. If you think about threat actors across the globe, it's pretty easy for them to breach into a network. It's kind of like an ant coming into your house - how do you keep an ant out of your house? It's very difficult. And with the leverage of AI in today's environment, it makes that challenge exponential. You have to defend AI by countering with AI from a defensive mechanism. So what we're really focused on is how do we securely integrate AI adoption and cybersecurity defensive strategies without introducing more vulnerabilities or holes that threat actors can exploit. That's the real challenge we're facing.

Organization is super key for me - it's something I pride myself on, and I look for those attributes in others. I also value a strong work ethic, being reliable and accountable, and having good communications skills. Even if you have a bad message to convey, strong communication skills are foundational. And I think having an eagerness and willingness to learn is critical. We can't stay stagnant, particularly in the IT field. It's continually evolving, and AI is making that evolution happen at an even more rapid pace, so you have to be committed to continuous learning.