From Administrative Assistant to Senior Security Analyst

In the rapidly evolving world of cybersecurity, representation, resilience and continuous learning shape the future of the field. Few stories capture this more powerfully than that of Alexis Sands, CC, a Senior Security Analyst at ISC2, who has spent more than 16 years growing within the organization and helping secure some of the industry’s most critical initiatives. Her career path - from administrative assistant to a trusted cybersecurity leader - is a testament to the power of mentorship, advocacy and courage.

 

Sands began her career at ISC2 not in a technical role, but as an Administrative Assistant. Over time, exposure to seasoned professionals and hands‑on projects sparked her interest in cybersecurity. Working in an organization with its finger on the pulse of the cybersecurity workforce, she began to see how her analytical strengths could align with technical problem‑solving. That realization became her launching pad.

Her transition was not an overnight leap. Instead, it was shaped by curiosity, mentorship and consistent exposure to cybersecurity environments. By surrounding herself with professionals who believed in her potential, Sands built a solid foundation that led her into a formal security role and, eventually, senior leadership.

How Mentorship and Sponsorship Shape a Career

For Sands, mentorship wasn’t optional; it was transformational. Mentors shared real-world perspectives, challenged her thinking and offered the feedback needed to grow. But just as important to her journey were her sponsors, those leaders who actively advocated for her when new opportunities arose.

Beyond individual relationships, ISC2’s environment of learning added momentum. Alexis benefited from:

• Professional development programs
• Advanced cybersecurity training
• Conferences and industry events
• Cross-functional collaboration opportunities

These experiences broadened her understanding of security challenges and helped her connect cybersecurity strategy to broader business goals.

The Skills that Matter Most in Cybersecurity

According to Sands, cybersecurity success is about far more than deep technical knowledge. The most essential skills include:

1. Analytical Thinking – understanding risk, identifying threats and seeing beyond surface symptoms
2. Clear Communication – translating technical details into business impact
3. Stakeholder Management – influencing decisions and building alignment across technical and non-technical teams
4. Collaboration and Leadership – driving security initiatives in partnership with cross-functional groups

To refine these capabilities, Sands seeks feedback, mentors others and regularly participates in tabletop exercises, alongside other professional development experiences. She also stays current with emerging technologies and evolving attack techniques, as well as professional certifications. Sands earned the Certified in Cybersecurity credential and is working toward the SSCP.

The Reality of Being a Woman in Cybersecurity

For Sands, one of the most misunderstood aspects of cybersecurity is how much of the work revolves around influence and communication, not just technical depth.

“There’s a common misconception that success in cybersecurity is purely about being the most technical person in the room,” said Sands. “In reality, the ability to explain risk, justify priorities and influence decisions across the business is just as critical. For women, this can be challenging when expertise is questioned more frequently or when contributions are overlooked until echoed by others.”

Sands emphasizes that diverse perspectives aren’t just “nice to have”—they make cybersecurity teams stronger and more effective.

Building a More Inclusive Cybersecurity Workforce

We asked Sands what makes her feel positive about the future for women in cybersecurity.

“More women are stepping into senior technical, leadership and decision-making roles. This creates powerful representation and clearer pathways for those coming up behind them. Seeing women lead security operations, architect complex systems and influence policy is changing long-held perceptions about who ‘belongs’ in cybersecurity.”

Representation is one of the strongest catalysts for long-term change. When women see other women succeed, it creates pathways and confidence for those beginning their journey.

Advice for Women Pursuing Cybersecurity

Sands' message is clear, direct and empowering: “Don’t wait until you’re 100% ready. Go for it!” Confidence is built through opportunity, not the other way around. Alexis encourages women to get hands-on experience early in their career, find mentors and sponsors who can help guide you and accelerate your growth and earn certifications.

Global 50x50 Women’s Summit Taking place on March 18, 2026, the Global 50x50 Women’s Summit is a virtual event which will bring together women and allies from every corner of the cybersecurity ecosystem to explore how inclusive leadership, intentional sponsorship, and meaningful mentorship open doors to opportunity and reshape the talent pipeline. Supported by ISC2 and The Centre for Cyber Safety and Education, this event builds on the work of the Global 50x50 Initiative towards a future where women make up 50% of the cyber workforce by 2050. The Summit will highlight the actions needed to create a more resilient and sustainable cybersecurity workforce for all. By attending this live event, you are eligible to receive 3.5 CPE credits. Additional credits can also be earned with on-demand viewing. Find out more and register now.