4 minute read
Reshmi Hariharan
Governance, Risk and Compliance Technology Specialist at Microsoft
Reshmi Hariharan is a governance, risk and compliance (GRC) technology specialist with Microsoft, based in Sydney. It’s a career destination she has arrived at from a degree in electronics and communications engineering and, she says,
“mostly by saying ‘yes’ to all the opportunities that came my way even if that did not make sense immediately.” The only thing that mattered was: “is it different from what I’m doing now, and do I get to learn something new.”
Her initial role in the industry was in marketing, not in cybersecurity. “I was given an opportunity to join a cybersecurity firm as a researcher for developing marketing and thought leadership content,” she says. “A few months later, I was given an option to join the governance, risk and compliance team. I started helping out with information security assessments and then gradually built my skill and got certified as PCI AQSA [Associate Qualified Security Assessor] and ISO 27001 LA [lead Auditor].”
Down the track she plans to gain ISACA’s Certified Information Security Manager (CISM) certification and Certified Data Privacy Solutions Engineer (CDPSE) certification, and says her membership of ISACA also provides an opportunity to network with peers in the industry and gives her access to thought leadership content.
A PIVOT INTO CYBERSECURITY
When Hariharan gained her first cybersecurity role it represented the realisation of a long-held interest. “When I was pursuing my undergraduate degree in electronics engineering, there was one subject on computer networks and security that got me interested in the basics of security, but I did not have any clear vision of working in cyber back then. I started my career and then pivoted into cyber a few years later. I was working as a researcher and, many times, the topics included cyber. I would think, “oh that’s interesting.”
She says such pivots into cybersecurity from other skill sets are common. “People pivot to cyber from different walks of life, bringing in varied sets of expertise. There is room for everyone. The key is adaptability and an open mind. You can always find roles in cyber that relate to your skillset and values throughout your career. For me, there is always change and something new to learn.”
Hariharan says she did not have a clear vision of the roles she wanted, but was clear about what she wanted from each of her roles. “The roles must align with my values and help me broaden my skill sets. Above all, it is important that I make a meaningful contribution to the people around me.” As to her choice of employer, Hariharan says the most important thing she would look for would be “a company culture where everyone can be their authentic version of themselves, can be part of something bigger than themselves, and have the support of peers whenever there is a need.”
industry certifications to demonstrate your interest and understanding. And always, be open to the idea to pivot career interests.” “One misconception that I had when I was younger was that I needed to know coding, which is not the case. From my experience, the roles in cyber continually evolve and change. So start when you can. It doesn’t matter where you are on your journey as long as you are open to learn, curious and adaptable.”
Other important factors would be flexibility in work location and a level of autonomy that reflects trust in employees. Her advice to others: “Don’t fixate on one role but rather be open and curious, make the best of all the opportunities given to you, and one day you will be able to connect all the dots.
CYBER IS FOR EVERYONE
“Cyber is for everyone,” Hariharan says. “One misconception I had was that I needed to be a nerd in coding to break into cyber, which is clearly not the case. My view is that cyber is a vast ocean and there is room for the diverse skill sets people can bring in.
“One misconception that I had when I was younger was that I needed to know coding, which is not the case. From my experience, the roles in cyber continually evolve and change. So start when you can. It doesn’t matter where you are on your journey as long as you are open to learn, curious and adaptable. In her current role, Hariharan says every day is different. “In every work week, I will have a couple of customer meetings where I get to understand their cybersecurity governance, risk and compliance requirements and propose how Microsoft can help solve these challenges. The rest of the work week is mostly spent on internal strategy meetings, personal upskilling, professional development and working on diversity and inclusion causes that each of us care about at Microsoft.”
She adds: “I enjoy the time I spend with my customers to understand their business problems, and consulting on the right solution while staying grounded on how Microsoft can help from a technology perspective. I find it meaningful knowing I am having an impact in simplifying someone else’s business problems and putting into action my past experiences and current knowledge. I find it rewarding to be able to work in a safe and healthy environment that is fun, kind and puts employees at the centre.”
“There is no one-size-fits-all course to pursue. Given whatever you study in the curriculum, there is so much out in the real world. My suggestion would be to speak with people who are doing the roles you are considering, get started with an internship, get some
www.linkedin.com/in/reshmi-hariharan-a0a62465
