Scorecarder Spotlight: Anna Livingston
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.
Name: Anna Livingston
Role: Senior Solutions Architect
Tell us a little about yourself and your professional background.
I started my career as a cyber security headhunter for a third-party recruitment firm. After working in the industry for about a year I decided to make a move to the vendor space and started as a Business Development Representative with SecurityScorecard. When I expressed interest in moving to a Sales Engineering role it was definitely seen as a unique move for a BDR, but the team at SecurityScorecard was super supportive. I completed additional self-study to complete my Security+ and built skills around the platform before I started the role. Now I’m in my 3rd year as a Senior Solutions Architect and love each day of the job and the new challenges it brings.
In my personal time I like getting away from the computer and spending time outside, usually snowboarding, mountain biking, or just hanging out at the beach which is only a few steps away from my apartment.
What is the CISSP, and what made you decide to take this course and certification as part of your educational path?
CISSP stands for Certified Information Systems Security Professional. The CISSP certification demonstrates the ability to design, implement, and manage a cybersecurity program.
The CISSP exam covers a range of topics, including:
- Security and risk management
- Asset security
- Security architecture and engineering
- Communication and network security
- Identity and access management (IAM)
- Security assessment and testing
- Security operations
- Software development security
Since I started learning about cybersecurity, I’ve always been hungry to gain more knowledge. The CISSP is definitely seen as a “must have” within the industry so after completing a number of certifications (CEH, AWS certifications, SSCP, etc.), I felt that it was the appropriate next step. I’ve always really enjoyed the nitty gritty of learning how things work, understanding concepts such as how networks function or how a certain vulnerability can be exploited, but this test was a bit different. It was more focused on understanding risks and how to appropriately approach them from the lens of a manager. There was a lot more focus on understanding governance and compliance than previous exams I’ve taken. Even though it was different from previous exams, I wanted to try out this certification to test out some skills I hadn’t needed previously.
What key takeaways and learnings did you get from this experience?
During my day-to-day, a lot of my work focuses on solving problems for customers around our defined solutions and working with the SecurityScorecard products. Sometimes this can be a bit siloed when it comes to the world of security as a whole. The CISSP uses 8 domains to segment the content for the exam, they cover a number of topics such as Identity and Access Management, Software Development Security, and Security and Risk Management. Studying for this exam gave me a wider lens to view the security landscape versus what I encounter in my daily work at SecurityScorecard.
How will you apply this information to your role/to SSC?
Since the world of cybersecurity is constantly evolving, it’s important to stay on top of your education as a Solutions Architect to bring a wealth of knowledge to conversations with customers. Possessing an informed perspective about how things are changing in the industry and new challenges that are arising is critical. The customers we work with don’t just typically focus on SecurityScorecard all day long; they are usually responsible for a variety of tools and wear multiple hats within their organizations. Being informed about all security domains and having an understanding of how security managers make decisions will definitely help better understand problems that customers bring to the table.