Jolin John, CC, shares her career journey experience and how she is using skills from her former role as she pursues a new cybersecurity career path.

Jolin John, CCIn my current role as a manager in cybersecurity compliance, I’m responsible for handling the standards refresh management, ensuring our segment stays ahead in the ever-evolving landscape of cybersecurity regulations and best practices. I’ve been in this position for a year now, but my journey in cybersecurity began much earlier.

Prior to stepping into compliance management, I spent nearly seven years as part of the anti-fraud team. My primary task was to prevent and detect Account Take Over (ATO) fraud within our contact center and operations team. This role was both challenging and immensely rewarding. Our team successfully maintained a ‘zero money out the door’ streak, a feat achieved through the careful selection and implementation of operational controls and monitoring tools. We also focused on creating awareness among customer service representatives, training them to identify red flags during calls and disbursement requests.

Securing customer accounts gave me an immense sense of accomplishment, especially since the majority of our clients were over 65 and particularly vulnerable to fraud. The work we did not only protected our clients' finances but also their peace of mind. This experience deepened my commitment to cybersecurity and sparked my interest in broader controls implementation. I wanted to become a subject matter expert (SME) contributing to the drafting of different standards and policies, ensuring that we not only comply with regulations but also go above and beyond to secure data and ensure its appropriate use.

Recognizing the need for formal credentials to advance my career, I decided to pursue the Certified in Cybersecurity (CC) certification from ISC2. Coming from an accounting and sales background, I lacked extensive technical knowledge in cybersecurity. This certification was the perfect stepping stone to bridge that gap and establish my credibility in the field.

Preparing for the certification was a rigorous process. I balanced my work responsibilities with studying, using a variety of resources, including study guides, online courses, and practice exams. The most challenging aspect was grasping the technical concepts that were entirely new to me. However, the structured learning path provided by the certification program helped me build a solid foundation in cybersecurity principles and practices.

Earning the CC certification has been a pivotal moment in my career. It has not only validated my knowledge and skills but also opened doors to new opportunities within my organization and the broader industry. I now feel more confident in my ability to contribute to cybersecurity initiatives, particularly in the areas of compliance and policymaking.

Looking ahead, my goal is to continue expanding my expertise by earning additional certifications. I’m particularly interested in pursuing a role in cloud security architecture, where I can leverage my compliance background to design and implement secure cloud solutions. Policymaking remains a passion of mine, as it involves creating a delicate balance between generating revenue and ensuring robust security measures.

In summary, my journey in cybersecurity has been one of continuous learning and growth. From preventing fraud to managing compliance standards, each step has reinforced my commitment to protecting sensitive information and supporting my organization’s security objectives. The CC certification has been instrumental in this journey, and I am excited about the future possibilities it has unlocked for me.

Jolin JohnCC, has 13 years of experience in various key areas within the financial services and insurance industries. She has held business development, risk management, privacy and cybersecurity governance roles, with responsibilities for client relationship management, Account Take Over (ATO) investigations and operational controls implementation. Her cyber security work spans a little over a year in governance oversight ensuring compliance with standards and protecting organizational data.