11 minute read

Parul Mittal

Senior Manager - Tech Risk at Bendigo and Adelaide Bank

Parul Mittal landed in Melbourne from her native India in 2014 with her husband, and not much else: no relatives, no friends, no job and, without permanent residency, no immediate hope of getting one.

“I realised how alone one is without family, friends and a job, she says. “But I learnt that if you’re authentic, people will value you and will want to build relationships with you.”

Mittal used her time waiting for permanent residency productively: she studied for and passed the CISSP exam and worked to develop her network. “I attended IT security conferences and forums to get to know more people around me. It was an interesting time where I had to build my network from scratch, and it was not easy.”

However, she has succeeded in spades. She gained her first IT job, as a senior risk consultant in financial services with EY, within a year of arriving. Today she is Senior Manager – Tech Risk with the Bendigo and Adelaide Bank and a SheLeadsTech brand ambassador, working to increase the representation of women in technology leadership roles and the tech workforce through mentorship, professional development and leadership training.

“I want to bring a change in the mindset of people that IT security is not just a man’s place,” she says. “With my initiative in SheLeadsTech, I target to bring that change with more participation in events like GoGirlGoIT, or a session on how STEM can pave a way forward for young girls, especially in the field of science and technology.

“Women’s perspective is missing. We need to make women more aware of what cybersecurity is and what a career in it could mean to them. This awareness should start from the schools and not when women start looking for jobs, then it could be quite late.”

A BIG ROLE IN BANKING

Mittal’s role at the Bendigo and Adelaide Bank is “to drive governance, oversight and continuous improvement of the technology risk management practices of the business and first line risk teams,” she says.

“This includes supporting the oversight and continuous improvement for the frameworks, policies, procedures and tools; providing challenge, influence and oversight of technology risks, controls, and processes; providing independent monitoring and reporting over the technology risk profile of the bank; providing technical support and advice on technology risk; and working effectively with stakeholders to ensure technology risks are monitored and escalated as per the risk management framework.”

While Mittal might have arrived in Australia without a network, she came well-equipped with qualifications and experience: an MSc in computer science, an MBA in information technology and experience as a senior consultant with Genpact Axis Risk Consulting, based in Mumbai. In that role, she travelled the world, providing services to some of the world’s largest companies. “Travelling and working across the world made me more confident and a strong communicator,” she says. “It removed biases I had about different people and cultures and made me more of a people person.”

AN IMPORTANT FIRST MENTOR

Her first job after completing her MBA was with ICICI Prudential Life Insurance, also in Mumbai, as a project manager providing advice on internal control process compliance. It was there that she encountered the Sarbanes-Oxley Act (SOX), and her first mentor. “He built my foundation on work ethics, which I still value to this day, and I am still in touch with him,” she says.

This role also determined her future career path. “I would say my first job paved the path forward for me and since then, I have worked across all lines of defence. I got introduced to the world of SOX, audit etc. It was a different facet of IT, which I had not encountered before. It was a great learning experience in terms of what risk and controls are and why these need to be assessed and why they are critical to be analysed.” She embarked on her IT career because it seemed like a good idea at the time. “During the early 2000s a couple of us decided to pursue a degree in computer science without much background, because IT and computers were quite the buzzwords then. Everyone who got into it seemed to have a bright future. So our parents happily agreed.”

Her transition from studying IT to employment in IT was rapid and led her into cybersecurity. “I was recruited on the university campus. My aspirations at that point were to become successful in my job. I had no specific expectations. I did not choose the field of risk and security when I started my first job. My boss did that for me, and I cannot thank him enough. I was just happy to have landed a job in a good organisation while I was still on campus, studying.

A CAREER IN CONSULTING

Mittal says, since that initial role, the majority of her work experience has been in consulting. “I can say that this has transformed me. It made me more conscious of the impact I was making on organisations and how I was enabling them to achieve their strategies. Whether this was restricted to the delivery of client’s work or the decisions I took on behalf of the organisations, this enabled me to be self-aware and more focussed on what I wanted to achieve with my career.

“Today, I’m in a leadership role with a big bank and with senior executives relying on my acumen to make wise decisions for the bank based on overarching strategies.”

www.linkedin.com/in/parul-mittal-cisa-cissp-88718154

TALENT BOARD

Gabriela Guiu-Sorsa

WHAT POSITIONS ARE YOU LOOKING FOR?

Cyber Security Consultant, Information Security Analyst (Operational)

PREFERRED STATE

Queensland

WHAT KIND OF ROLE?

Cyber Security Governance, Risk and Compliance (GRC) or operational roles that will enable acquired skills from previous roles, I am ready to learn new things.

WHAT'S YOUR EXPERTISE?

Flexible, resilient, agile learner and curious professional with strong work ethos, excellent problem-solving ability; solid experience in governance, risk and compliance, incident management and response in various industries, +15 years in operations management, process improvement and premium service delivery.

ISMS implementation projects and gained exposure to ISO 27001 and 31000, supporting government organisations, critical infrastructure such as mining, health care, education and private business to achieve cyber resilience and protect their most valuable assets. I have gained experience in developing and reviewing organisational security standards, policies and procedures, regular audit procedures, practices, processes and systems.

ISF, CSF, IS18 and NIST frameworks always crossed paths in each project when supporting government organisations, critical infrastructure such as mining, health care, education and private business to achieve cyber resilience and protect their most valuable assets by creating Standards, Policies, Procedures and Guidelines for security controls operationalisation. In my past work experience prior cyber security consultancy, I have been exposed to Business Continuity Plans in Maritime sector – where I have been actively involved and managed security incidents, disaster management such as floods, fire, life loss, Incident and Evacuation Exercises, large evacuations via shore or water.

This experience now translates into very valuable soft skills – critical thinking, working under high pressure, decision-making capabilities, empathy.

Facilitation of workshops, seminars, working groups, public speaking are situations where I feel extremely comfortable as well.

DM ON LINKED IN

WHAT'S YOUR IDEAL WORK ENVIRONMENT OR BENEFITS REQUIRED?

Team oriented environment, where professional development and continuous learning is encouraged and supported. I acknowledge after my first 14 months of cyber security experience, there is so much more to learn, I have the drive, determination and curiosity to step into new cyber topics and I am acquainted with hard work.

I bring real world experience from the various industries where I have worked previously, especially from the maritime industry, where I have learned problem solving, resilience and flexibility, working well under high stress and having the clarity of making decisions under high pressure circumstances.

I am looking forward to what the future will bring, embracing new technologies, new certifications and new knowledge to add value to an organisation where passion, integrity, professional development and team work are supported and encouraged.

Manavjeet Kaur

WHAT POSITIONS ARE YOU LOOKING FOR?

Full time/ Contract

PREFERRED STATE

NSW (Sydney, or remote/ flexible)

WHAT KIND OF ROLE?

Information security analyst/ Cyber Security Analyst, Security awareness training Specialist. Cyber Security Consultant.

WHAT'S YOUR EXPERTISE?

Dynamic, resourceful, and engaging technical professional with solid knowledge of Programming languages/Platforms including Java, Android, Python, Unity, C#, and C /C++, Data Visualisation, and Business Analysis. I have more than twenty years of leadership experience in process improvements, product lifecycle management, and building training/education programs from the ground up based on specific needs. I have designed and delivered Cyber Security awareness courses at Australia's university and RTO levels.

DM ON LINKED IN

WHAT'S YOUR IDEAL WORK ENVIRONMENT OR BENEFITS REQUIRED?

I have worked in various environments, from casual and laid-back to fast-paced agile. I believe in a collaborative environment, where the team members have a strong sense of camaraderie and a good work ethic, an environment that helps transfer knowledge into skills for individual and organisational growth.

Grace Imani

WHAT POSITIONS ARE YOU LOOKING FOR?

Contract, Part-time and Full-time

PREFERRED STATE

I love Perth however for the right position I will willingly relocate.

WHAT KIND OF ROLE?

Information security analyst, Risk management professional, SOC analyst (I have developed an interest in this area and I'm slowly upskilling). I am looking for a role that provides some guidance that coupled with my passion and determination will help me grow as a professional.

DM ON LINKED IN

WHAT'S YOUR EXPERTISE?

Cyber security, Analytics, Problem-solving, Machine learning, Project management, Customer service

WHAT'S YOUR IDEAL WORK ENVIRONMENT OR BENEFITS REQUIRED?

An environment where you feel motivated to grow and improve. A place where everyone is welcome. A place where your superiors not only delegate, but also lead.

TALENT BOARD

Liam Harmon

WHAT POSITIONS ARE YOU LOOKING FOR?

Full-time, Part-time or 1-2 days training / volunteer work a week.

PREFERRED STATE

Queensland

WHAT KIND OF ROLE?

Open to anything, ideally cloud/cloud security.

WHAT’S YOUR EXPERTISE?

Many years experience in customer service and print production/management. All my time in the print

DM ON LINKED IN

industry has refined my eye for detail and quality and has grown my interpersonal and relationship building skills.

WHAT’S YOUR IDEAL WORKPLACE ENVIRONMENT OR BENEFITS REQUIRED?

My ideal work environment is where people are doing their best, passionate to improve and willing to help each other showing a good team spirit. Training and support from colleagues and employer, as well as some flexibility in the work structure.

Saber Attar Motlagh

WHAT POSITIONS ARE YOU LOOKING FOR?

Cyber Security Forensics, Information Security Analyst/Cyber Security Analyst

PREFERRED STATE

New South Wales

WHAT KIND OF ROLE?

I am interested in roles that are more on the investigative side of Cyber Security, for example, roles looking at attacks that happened or trying to analyse/ predict future attack methods. However open to most roles in the cybersecurity world.

WHAT'S YOUR EXPERTISE?

I have worked in the IT industry for 3 years now (despite only being 22). This includes time spent working in Level 2 support at a bank in Australia and working as a web designer/SQL developer for a small IT firm. However, I am more interested in Cyber Security and I graduated with a Bachelor of IT majoring in Cyber Security. I am in the process of studying Comptia's Security Plus.

REACH OUT ON EMAIL

WHAT'S YOUR IDEAL WORK ENVIRONMENT OR BENEFITS REQUIRED?

An ideal work environment would be one that is expecting and pushes me to be my best, but also relaxed and not super rigid in structure. Room for growth is very important to me and hybrid work (home/office) is preferred but not essential. No specific benefits are required.

IN EACH ISSUE WE WILL PROFILE PEOPLE LOOKING FOR A NEW ROLE AND PROVIDE DETAILS OF THEIR EXPERTISE. IF ANY MEET YOUR REQUIREMENTS, YOU CAN CONTACT THEM VIA LINKEDIN.

Al Mamun Mahbub

WHAT POSITIONS ARE YOU LOOKING FOR?

Preferably mid-level. Full-time

PREFERRED STATE

Victoria

WHAT KIND OF ROLE?

Any cybersecurity position, if relevant training is offered.

DM ON LINKED IN

WHAT'S YOUR EXPERTISE?

13+ in IT, new to security

WHAT'S YOUR IDEAL WORK ENVIRONMENT OR BENEFITS REQUIRED?

Hybrid work environment

Priya Kaul

WHAT POSITIONS ARE YOU LOOKING FOR?

I’m looking for an entry-level role

PREFERRED STATE:

Victoria

WHAT KIND OF ROLE?

Blue team roles

DM ON LINKED IN

WHAT’S YOUR EXPERTISE?

I possess a high level of stakeholder management and analytical skills

WHAT’S YOUR IDEAL WORK ENVIRONMENT OR BENEFITS REQUIRED?

Flexible working environment and option to Work From Home.

Arthur Mapisa

WHAT POSITIONS ARE YOU LOOKING FOR?

Full-time, part-time or casual

PREFERRED STATE

NSW ACT SA TAS VIC

WHAT KIND OF ROLE?

Cybersecurity Consultant, Security Assurance Analyst, Penetration Tester, Cybersecurity Analyst, Cybersecurity architect or similar.

DM ON LINKED IN

WHAT’S YOUR EXPERTISE?

Entry-level Vulnerability management, Medium-level Web security, Entry-level penetration testing, Entry-level IT Governance and Risk compliance.

WHAT’S YOUR IDEAL WORK ENVIRONMENT OR BENEFITS REQUIRED?

An environment where I can work well as part of a team and express my innovative skills

This article is from: