Blog
CISSP Spotlight: Samana Haider
Name: Samana Haider
Title: Manager, Forcepoint Security Labs
Employer: Forcepoint
Location: Dublin, Ireland
Education: MSc Computer Science
Years in IT: 15
Years in cybersecurity: 7
Cybersecurity certifications: CISSP
How did you decide upon a career in cybersecurity?
I started my career in IT in the education sector where I was a lecturer at a university back home in Pakistan. I started working in HP managing SAP administration. I got the opportunity to work with one of the leading Irish banks where I was responsible for implementing security controls for SAP administration and ensuring SOX compliance. The security aspect of that job was always fascinating and exciting for me which lead me to work in a security operations role with the bank’s fraud department. I was eager to learn new skills about dealing with threats that are out there. This passion lead me to expand my skills and knowledge in security domain and then I started working for Forcepoint.
Why did you get your CISSP®?
The CISSP is a well-recognized certification that can back your skills as a security expert in the domain. I thought it would give me the edge to advance in the ranks, and would endorse my commitment to be a security professional. Also, I wanted to fully understand the era of security not just limited to my job. The six-hour long exam sounded challenging, and I love a challenge. I decided to lock myself in and just self-studied and passed the exam. A lot of credit also goes to my family for their support during my studies.
What is a typical day like for you?
I manage a team of highly professional and technical security researchers, so a typical day for me varies a lot. Besides providing leadership and direction to my team, a typical day involves malware analysis, researching threats and reviewing competitor’s strategies/blogs which is key to staying on top of what’s happening. A typical day for me also involves writing analytics and signatures to update our product’s protection proactively. I also deal with high-end escalations, as well as helping our colleagues in sales with technical assistance.
Can you tell us about a personal career highlight?
I want to share this ordeal: one of our existing client wanted to move to a different security vendor and contacted us in Security Labs through our sales. The task was to provide distinctive incident logs on how our product would be the best solution for what they required and that would distinguish us from our competitors.
I took this challenging task upon myself and was supported by one of my colleagues. I analysed the logs and correlated the information against the protection we provided them, mapped threats to the threat life cycle and prepared a report showcasing our value to them as our customer, i.e. how we protected them from various threats on a day-to-day basis and what the consequences can be if the protection is not there. This really impressed them, and as a result we won the deal back. The log analysis report which was done by me, became very popular and is being used extensively by our sales team to win back clients. I presented my analysis method and techniques to my colleagues in the U.S. as well and they too have adopted it.
How has the CISSP certification helped you in your career?
It has helped me a great deal in better understanding different domains and having insight to the required technical knowledge which has helped me when working on different projects within my current role. I understand the technical terms, and am able to better manage and communicate with different stakeholders including engineering and DevOps. It has helped me communicate complex requirements and actions in layman terms when necessary.
Last, but not least, since passing the CISSP exam I have attracted the attention of employers and recruiters along with their respect, which provides great self-satisfaction. It has greatly enhanced my self-esteem as a security professional.
What is the most useful advice you have for other cybersecurity professionals?
Cybersecurity is the future so we need to prepare ourselves TODAY for a better and SECURE TOMORROW. With the advancement of IoT, more and more companies adopting cloud solutions leading to data privacy and security concerns and the innovative ways in which cyber criminals are attacking, requires organizations to be well prepared. We as cybersecurity professionals are at a critical juncture, facing challenges to stay ahead of the cyber criminals. We need to position ourselves in a way where we work together as a community, sharing knowledge and constantly innovating to stay ahead of these gangs, thwarting any attacks that come our way.
Do you have additional thoughts to share?
I would like to make a comment on the gender inequality issue that our cybersecurity industry is facing. I would strongly suggest women joining the cybersecurity workforce. I am considering personally volunteering to reach out to local schools and colleges and share my experience with young girls and women to encourage them to consider cybersecurity as their chosen career.
Aspiring to be a CISSP? Download the Ultimate Guide to the CISSP .