Career Notes 8.8.21
Ep 61 | 8.8.21

Alyssa Miller: We have to elevate others. [BISO]


Alyssa Miller: Alyssa Miller, Business Information Security Officer for S&P Global Ratings.

Alyssa Miller: I need to go back to when I was really young, but I laugh because this was definitely not the career I saw myself landing in. I mean, there was a time, I wanted to be an astronaut , a fighter pilot , a lawyer. Ultimately I enrolled in university initially in a pre-med major. Three semesters of college level chemistry later, what, can I change my major to a year and a half into this? And that's when I stumbled across computer science.  I had been hacking computers since I was 12, and programming even longer than that. I changed schools and major to get into more of an MIS degree to bring in more like the business side of it.

Alyssa Miller: I was that little four year old who took all her toys apart to figure out how they worked or to just see if I could take them apart and put them back together. I wanted to see how things were constructed. Like how does this actually work? Like this is a really cool thing.

Alyssa Miller: I was still in college when I got my first full-time tech job. I'm in the middle of a degree program in computer science. I knew how to program already. Companies were desperate for programmers, so I actually landed with a large financial services company  as a programmer on their electronic payment systems. That was really my start. When you're, you know, 19 full of piss and vinegar, it's kind of a weird culture shock moving into that world while you're still in college. 

Alyssa Miller: I worked for that original company for 15 years. After nine years, I got asked to join their penetration testing team, which is how I finally actually landed in security. I, had been hacking computers since I was 12, but never realized that that could be a career. I dropped into that role and honestly accelerated pretty fast . By the time I was 31, I was leading the entire vulnerability management program and security testing program for a Fortune 200 financial services company. After 15 years, I kind of seen enough of financial services. I wanted to know what the rest of the world was doing so I got into consulting. 

Alyssa Miller: I joined a reseller in their security consulting and leading that practice and had some challenges, honestly, from a career perspective. Specifically, I got passed over for a promotion that the incumbent who was leaving had recommended me for to multiple levels of the org. Things where I didn't feel like I got treated fairly. That really kind of crushed my self confidence. And so I kind of took a step back, got into an individual contributor role as an application security consultant, which was great. My goal was I was going to focus on the public speaking side that I was really enjoying. I was going to travel internationally a whole lot more. And then three months after I joined the organization, this little thing called COVID popped up.

Alyssa Miller: This role where I'm at now, this business information security officer role at S&P came up just through my network that I have developed on social media. It was an opportunity to do something really amazing to take over security leadership for an entire division of S&P. And to be able to jump into that role was a pretty exciting change.  

Alyssa Miller: My leadership style actually can be summed up in an article I wrote on LinkedIn and  the title of it is "Bosses demand, leaders inspire." I learned this from my very first salary job. And that's really my goal. I mean, I want to hire people who are intelligent, who have potential to grow and to be amazing and wonderful. I want to help them be amazing and wonderful because the more amazing and wonderful. The better I can do my job. I view myself as the one, that's there to give them a vision, give them some direction with some objectives. And leave it to them to really drive us forward and challenge me when they think that direction isn't the right way to go, or they think, you know, we should accomplish it in a different way.  You work for the company you work with me.

Alyssa Miller: I'm a big proponent that we have to elevate others. The, the cliche of, you know, the rising tide raises all ships. It's true. My focus has always been on the security community, right? I mean, I'm, I'm a child of hacker culture. I'm hearing that from people in the community that, you know, the efforts that I and others are making are having an impact on them.  The reality is there are so many people in this community now who are just committed to really trying to elevate others and really help improve the welcome nature and the diversity quite honestly, of this space. I say this a lot. Infosecurity is about problem solving. It's not about technology and to improve problem solving, you need those diverse perspectives You can talk diversity of thought all day long. But diversity of thought does not come from having 20 white male CIS heteros in a room. They can't speak to the experience of a black woman or a Hispanic man or a transgender woman. We can't deny that you know, the culture you come from shapes your experiences in a very real way.  We need those varying perspectives and you will not get that when everyone in the room looks the same.

Alyssa Miller: It can be hard to navigate. How do I go in there and have a conversation in their language and approach things their way without necessarily compromising my ideals and you know, how do I stay true to myself?   We need to be able to understand their motivations, speak to their motivations and show them how we bring value to what it is that's most important to them because that's how we're going to get, you know, security to be a higher priority and to be addressed the way that we all know it, it needs to be done.