2 minute read
Joyce Tiwari
Information Security Manager at Tarabut Gateway
Joyce Tiwari spent ten years as a senior infrastructure engineer with NHS Professionals, a UK Government-owned company that provides staff to the UK’s National Health Service. In that role she encountered the security challenges of cloud computing services, which led to a change of career path into cybersecurity.
“Cloud was easy. You could get an environment set up in minutes, but what we were missing were the right levels of access control, port misconfigurations etc,” she explains. “As I started cleaning up environments, setting up security groups, assigning roles etc, my interest in security grew.”
So she decided to study for ISACA’s Certified Information Security Manager (CISM) qualification. The first COVID lockdown provided the opportunity and a copy of the CISM guide by Peter H Gregory and the audio book by Phil Martin provided the means.
“I love reading and listening to books. That’s usually the best way for me to gauge if I like a given subject,” she says. “I listened to the book whenever I got a chance and used my wardrobe doors as a whiteboard to make notes if I wanted to read further about a topic etc.”
BECOMING ISO27001 CERTIFIED
With the CISM certification under her belt Tiwari went on to gain the International Board for IT Governance Qualifications’ (IBITGQ) ISO27001 Certified ISMS Lead Implementer (CIS LI) qualification, which required a different approach. “My ISO27001 exam preparation was different. There were no audio books. I decided to record my own notes, so I could listen to them on my walks around the garden.”
Having gained cybersecurity qualifications Tiwari took on a security architect role at NHS Professionals before moving to her current role of information security manager at Dubai headquartered Tarabut Gateway. She is based in Watford UK, just north of London.
The company claims to be the largest open banking platform in the Middle East and North America. It provides a set of open APIs that, “allows money and information to flow securely, instantly, and at a low cost.”
Tiwari says, because Tarabut provides services in multiple jurisdictions, “there are different cybersecurity frameworks we need to comply with, which is a little challenging but interesting at the same time.”
To meet this challenge Tawari has built her own mapping between ISO27001+ NIST and CFSs of the region.
She has no regrets about making the shift from infrastructure engineering into cybersecurity and was well-supported to make the transition. “I feel very blessed, as I had the guidance I needed right at home when I decided to make the move. When I spoke to my husband about planning to move to InfoSec from infrastructure he said, ‘go for it’.” Both Tiwari’s infrastructure engineering and cybersecurity roles are very different to her prior educational achievements: she holds a master’s degree in geography from the Osmania University in Hyderabad, India, gained in 2002. She “picked geography because I loved the subject, and I still do,” and “started working in IT Infrastructure because I liked it.”
Given her career journey, it is perhaps no surprise that her advice to anyone aspiring to a career in cybersecurity is: “nothing can stop you from switching your career as long as you put in the effort and don’t give up.”
www.linkedin.com/in/joyce-tiwari-3a42a4224