Name: Shashana Campbell
Title: Manager, Cyber Risk Advisory
Employer: Grant Thornton LLP
Location: Philadelphia, Pennsylvania, U.S.A.
Education: Master of Science in Information Systems from Drexel University and Bachelor of Science in Management Information Systems from Pennsylvania State University
Years in IT: 7
Years in information security: 7
Cybersecurity certifications: CISSP, CISA
How did you decide upon a career in cybersecurity?
I began my career in risk consulting, providing IT Auditing and Advisory service. I think once you build a foundation in understanding, assessing and implementing IT security controls, the next step is learning how to further strengthen those controls and protect your efforts. It was really an exciting way to further bring value to my clients and to expand my knowledge and skills.
Why did you get your CISSP®?
I wanted to expand my knowledge and thinking to truly understand effective security as it relates to protecting an enterprise and its assets. To me, the CISSP is unique in that it extends beyond the technicalities and focuses on the application of that knowledge and tools to actual on-the-job issues and risks. It allows you to effectively and efficiently identify risks in order to evaluate how to mitigate them.
What is a typical day like for you?
I am a consultant and as such, there is no “typical” day – each assessment varies. I am constantly juggling multiple projects and clients and at times, I am assisting with different security goals and concerns. The one thing that could be considered typical is that I am always facilitating meetings, both internally and with my clients. My main objective is to understand my clients’ business and their concerns, because without that I cannot begin to offer tailored solutions.
Can you tell us about a personal career highlight?
One highlight in my career would be a recent recognition from a client who told me they thought of me as a trusted advisor who puts their best interest and security goals first. That gave me a sense of fulfillment and made me think that I am truly upholding the values of my profession.
How has the CISSP certification helped you in your career?
The CISSP is a recognized certification and that common body of knowledge really sets the stage for interacting with others. Once it became known that I had my CISSP, other professionals in the field, as well as new clients, began to approach me with the confidence that I would at least understand certain topics and be able to speak to aspects of their environments and discuss various security concerns.
What is the most useful advice you have for other cybersecurity professionals?
I believe that in our evolving profession, we should never get too comfortable. We should always strive to be better and never stop in our quest for learning. This is an exciting, fun and challenging career path that is always changing, and therefore requires a certain level of commitment. We must never assume, and always make sure we truly understand the threats and risks so that we can properly address them.
Interested in becoming a CISSP? Find out how to certify.