Early days and how I got to where I am today
My job involves making sure that the systems and platforms that CGI builds and operates on behalf of our clients are secure. This requires me to know what information is processed and stored, and what might motivate someone to launch an attack to compromise such information (either by stealing or corrupting it). Assessing and managing information risks, and using that analysis to design and build the technical and procedural security to protect the information is, in essence, what a security architect does.
After 15 years as a civil servant, I moved into the corporate sector, starting with American Express before joining CGI. And I’ve made it my mission to manage information risk efficiently.
The impact we make
Some of my work is on behalf of United Kingdom Government departments. The information they store and process is amongst the most sensitive there is out there. Defending and securing this information is challenging but hugely rewarding. I feel that my team and I are making a positive difference to the lives of all UK citizens. At CGI we are motivated to play our part in securing the UK’s Critical National Infrastructure and in so doing protect our fellow citizens.
This is our focus, but by doing this we also enhance CGI's reputation, and this in turn opens up opportunities for the company as well as for our members.
A notable win
A current project involves us working to deliver better technology and information to UK law enforcement. Here, I lead a team of nine cyber security professionals. There is a need for speedy delivery - we have to assess and manage security risks promptly, enabling a really important project.
A major win came last Spring when we succeeded in moving our first ‘beta' products into operation in a very short time. Speaking with our end-user clients, I was delighted with their positive “more like this, please” feedback and encouragement. This is, after all, what we’re here to do: we ensure that security does not impede but enables.
The most interesting thing I’ve learned at CGI
As CGI consultants, we need to understand how our client’s business works as well as impart our technical discipline. This includes ‘bidding’ to potential clients. If we do not win new business, then our company doesn’t prosper.
The most interesting thing I’ve learned here is the design and delivery of a very large tender involving satellite systems with complex security requirements. It was super insightful to understand the risks, controls and oversight that goes into constructing bids and making sure they meet our client's requirements. As always, this was accomplished with the support of fellow members and access to a massive library of online support materials and ongoing guidance.
Giving back to my community
I am particularly happy that CGI enables me to give back to our community. My church provides extraordinary support to the homeless, refugees and other vulnerable people in the local community and I am delighted to use my skills to support them. This could be drafting security plans, ensuring that they can do everything they need to with tech support and, of course, ensuring the information they retain is secure. They would not normally be able to afford such services which makes me happy that I can contribute in a meaningful way.
Adopting new learning techniques
Working and learning online is very different from traditional classrooms. With instructor-led online courses, there’s always a temptation to look at emails or complete urgent work. When you do an online course that is self-paced, this creates flexibility but you could be tempted to ‘skip through’ to the end.
I’ve found ways to overcome the challenges presented by new learning techniques through personal discipline. I treat courses as a learning privilege and approach them with humility, treating them with the utmost respect, refusing distractions, and staying resolutely focused.
Being a security architect has been immensely fulfilling. Hopefully, this gives you a glimpse into what this might look like for you. For open roles, please head to our careers page.