Name: William Davies
Title: Senior Technical Security Architect
Employer: Vodafone
Degree: B.Sc. (Honors) Computing and Information Systems
Years in IT: 15+
Years in cybersecurity: 9
Cybersecurity certifications: CCSP, CISSP, CESG Certified Professional – Senior Information Assurance Architect, CESG Certified Professional – Senior Security & Information Risk Advisor, BCS Practitioner Certificate in Information Assurance Architecture, formerly CESG Listed Advisor (CLAS)
How did you decide upon a career in cybersecurity?
I studied for a B.Sc. in Computing and Information Systems at university, before the time of high speed internet connectivity, when chats via IRC and online gaming were considered geeky, not cool. It was here that I established that IT security in general was poorly represented, despite being a fundamental requirement of any information system. In my early career, I focused heavily on ensuring good security became a fundamental part of the systems I interacted with.
Why did you get your CCSP®?
As a security architect providing advice and guidance, it is vitally important that I can speak from a position of authority, backed with certification. The CCSP certification is an important factor in demonstrating to those I interact with that I have formally been recognised by a reputable body as a subject matter expert in this field.
What is a typical day like for you?
My day job involves providing technical security architect guidance and risk management to design, build and run a number of protectively marked U.K. HMG Public Sector IT systems that Vodafone are contracted to operate. I’m also heavily involved with the security architecture as part of the development of new services and products for internal Vodafone systems and enterprise customers.
The main challenge is the ever changing landscape of threat to the confidentiality, integrity and availability of the customer information assets that I’m responsible for maintaining as part of my role.
Can you tell us about a personal career highlight?
In April of this year, Vodafone were accepted into the U.K.’s CESG Certified Cyber Security Consultancy scheme. It was my application and successful interview as the senior security architect that enabled this. Vodafone was the first telecommunications business to be certified under the scheme, one of only a small number of organisations that have so far achieved this gold standard. This is of huge benefit for my personal reputation within the cybersecurity industry, as I am responsible for overseeing all work carried out under this scheme.
How has the CCSP certification helped you in your career?
CCSP certification has provided new skills and knowledge to apply to both new and existing services offered by my employer, Vodafone, ensuring that cybersecurity is built in from the ground up.
The CCSP allows me to carry out my role with professionalism, and to gain recognition from colleagues, customers and the IT security industry. It was a key part in demonstrating my expertise and professionalism during the application to join the U.K.’s CESG Certified Cyber Security Consultancy scheme.
What is the most useful advice you have for other cloud security professionals?
I believe it is vitally important that all cloud security professionals spend some hands-on time with those that design, build and support IT services. Knowing how they operate, their environments and key challenges enable a cybersecurity specialist to tailor the most cost effective, pragmatic and safe solutions. It also builds trust with those that design, build and operate a service - trust that enables good informed risk management for the life of a service.
For more information about the Certified Cloud Security Professional certification training seminars, visit https://www.isc2.org/ccsp-training/default.aspx.