#WeCyberToo: Zilphia Martin, Cyber Defense Threat Analyst

Editor’s note: #WeCyberToo Talent Spotlights cover women of color in cyber so our daughters can see women who look like them thriving in the field.

Meet our 4th #WeCyberToo Talent Spotlight, Zilphia Martin IV, Cyber Defense Threat Analyst at Secure 24.

She wears many hats, and has had the opportunity to focus on both the technical and non-technical aspects of IT security.  A high level overview of her responsibilities are listed below:

  • Implementation / Transition of new security and compliance platforms
  • Security Awareness / Compliance Training Support (HIPAA, FTI, PCI)
  • Security Metrics Reporting
  • Vulnerability Lifecycle Management.
  • Assisting in contract review for security services
  • Technical Policy/ Process Creation  and Security Documentation
  • Technical Process Oversight and Troubleshooting

The function that absorbs the bulk of her current workload is vulnerability life cycle management. This area spans everything from discovery to customer communication and remediation and requires constant vigilance to ensure that all moving parts remain in place.

How did you end up in cyber security?

I think my experience is unique, in that I knew I wanted to work in IT very early- as in 7th grade/middle school. I spent the majority of my time solving computer related issues at home and I was certain that this field would be a good fit.

By the time I was in high school in Berkley, I sought out a technology program at Oakland Schools Technical Campus and spent half days learning Networking,  Hardware, Security, etc.

After graduation in 2012, I attended the University of Detroit Mercy for by BA in Computer Information Systems. While there, I was selected for an internship at Secure-24 and have moved from help desk intern, to security intern, to security analyst, later becoming a security and compliance analyst and finally part of the cyber defense team.

What is the most difficult challenge you have faced as a woman in a male dominated field?

Challenge 1: Being too passive

As the only child of a widowed educator, I had the luxury of being very passive all throughout school and most of my life. I never had to be assertive to get things done and it never occurred to me that I’d have to change this approach.

I can remember, in the early years at the office, being very quiet during meetings. At one point I had  someone pass over me while conducting conference call introductions and later having to raise my voice to ensure my proposal was heard.

Challenge 2: The little minority

As luck would have it, I was placed on a team of 8 individuals where I was the youngest, the only African American and the only female–that’s a triple minority in case anyone lost count. While my team never did anything to make me feel unwelcome, the absence of having someone-anyone- who looked like me did present a challenge.

Editor’s note: this is reason #9,249 why gender diversity is not enough.

How did you overcome said challenge?

Solution: Support from MCWT and management

By applying and receiving a scholarship from the Michigan Council of Women in Technology, I was ushered into a realm of intelligent and tech savvy women who were key players in their organizations and eager to mentor younger professionals.

I was also blessed to have very perceptive managers who were aware of my abilities, saw my potential and did their best to place me in positions where I could grow.

By the second/third year the CSO sat me down during a one on one and said “I’m going to teach you to be assertive”.

It was after this meeting that my focus changed to include projects / implementation of key platforms and my role was transformed. I was required to collaborate across teams, provide solutions and make decisions. All of this collectively caused me to became a resource and less of a wallflower.

A reader of Danyetta’s Magana’s Talent Spotlight suggested asking future interviewees to share failures because those have a bigger impact than just feel good stories. Do you have a failure that you would like to share?

I can remember being a senior in high school and studying for normal exams and AP finals while I was prepping for the CompTIA A+ Exam. Hindsight makes it clear that I was overtaxed and running on fumes. However, my 18 year old self would never acknowledge this and continued to press forward.

Needless to say, I crashed!

My immune system tanked and I  ended failing the 701 and 702 (both  needed for the A+)  -in the same week. Naturally, this left me fairly distraught, because up till this point, I had never failed anything before, (class, test, quiz, you name it I passed with flying colors) and yet here I was with two failed cert exams.

How did you turn that failure into an opportunity?

For me the failure was a huge turning point.  I was not only stronger because I had finally experienced a failure (and lived through it) but I became aware that I needed to  pace myself while I reached for my dreams. Even us wonder women have our limits!

With these new lessons under my belt, I was incredibly determined to conquer this obstacle. I was able to take the exam again and passed!!!

What advice would you give someone looking to enter the information security field?

Do not ever be afraid to be the “only one”, whether that is the only female, the only individual still in college, etc. There are always people rooting for you and for your success. Link up with a good mentor and be frank about your concerns, chances are they have already encountered that particular challenge and will help you to get through it.

Be prepared to move at the speed of light! At times you may get whiplash from the amount of changes being thrown your way, do not panic! Security and IT in general are fields where you are going to be involved with cutting edge technology and required to solve problems (in a week or less) that did not exist 3 months ago. Yes, this will challenge you, but it can ultimately be the most rewarding experience of your career.

What formal education, skillsets, and/certifications do you recommend that people start with to stand out among other candidates in the cyber security field?

I will always advocate for a formal education coupled with a cert approach! Certs (Security +, CEH, CISSP) are wonderful and will add to your income, however, most companies will provide opportunities to pursue certification during your employment.

I personally found that my bachelors degree from the University of Detroit Mercy gave me an added level of polish, enabled me to have a strong research foundation- something mandatory for the security field, and communicate more effectively with clients and my peers.

Editor’s note: Security executives cite communication skills as the most in demand skill set for professionals. See my Tripwire State of Security Ace Your Papers and Advance Your Careers article for tips to succeed.

Can you provide a high-level overview of your career path if someone wanted to pursue a similar route?

  • High School/ Technical Education Campus
  • CIS undergrad/ intern
  • Junior Security Analyst
  • Security Analyst
  • Security Controls, Governance and Privacy Analyst
  • Cyber Defense Threat Analyst

Are you planning to pursue your CISSP? Why or why not?

Actually this is a cert that is on my list, post grad school! I do not hold the CISSP, but I have been told that it sets individuals apart and provides an advantage for those seeking management level positions. I am sure that after I take the exam, I will be loaded with good advice and pitfalls to avoid!

What project(s) are you most proud of?

 
Outreach: Women in Tech and Career Tech Advisory

As someone who has been abundantly blessed, I am always on the lookout for ways to pay it forward!  I consider female empowerment in STEM and removing the stigma of technical education centers to be at the top of my list.

In April of 2016, I was invited by Dr. Rita Barrios and Instructor Melaney Lambert, to speak to the Girls Leadership Club at Hilbert Middle School. As the Michigan Council of Women in Technology has already proven, working directly with females at critical points (ages 7-14) helps end the cycle of girls being systematically steered away from STEM.

The discussion at Hilbert focused on barriers and struggles related to working in a male dominated field, empowered the girls to stay active in math and science, and career options in technology.

In January and February of 2017, I had the opportunity to be an Industry Partner and contributor to the Advisory Committee for Oakland Schools,  providing feedback on the curriculum and certifications offered at their technical campuses.

We also brainstormed solutions around dispelling the stigma of attending technical campuses and how to gain the support of schools and parents. After all,  it was having a well-rounded K-12 education, with  extensive access to hands-on technical training, that acted as a critical step toward thriving in college and attaining a rewarding career as an IT professional.

Compliance Tool Implementation (Back to Industry)

During 2016, I  had the unique opportunity to implement two new web based compliance solutions. The first tool enhanced our ability to meet export controls as an MSSP. The second was designed to provide insight as to how our controls mapped across the vast  landscape of standards, guidelines, regulations.  I was required to spearhead the following aspects for both projects:

  • Stakeholder Identification
  • Requirement(s) Acquisition
  • System Architecture
  • Training: US Staff/ Off shore staff
  • All Documentation
  • Ongoing Development / Maintenance / Integration

Thank you so much for providing your insights! How would you like readers to contact you?

LinkedIn: Zilphia Martin

Email Address: [email protected]

About Zilphia Martin IV

Zilphia Martin IV, is a 22 year old security enthusiast and Cyber Defense Treat Analyst for Secure-24. She is also a graduate student, in the University of Detroit Mercy’s 5 year program, who will complete her studies in May of 2017. Her graduate degree focuses on Intelligence Analysis (counter terrorism) and her Undergraduate Degree is in Computer Information Systems. Her goal is to take her knowledge of counter terrorism and blend it with IT, so that she can assist in predicting and mitigating  the cyber threats of the future.

Additionally, Zilphia is the recipient of several awards and achievements including:

  • University of Detroit Mercy’s Undergraduate Award for highest GPA (by major)
  • Honorary Member of Alpha Iota Delta
  • National Technical Honor Society

Lastly, she is member of the Michigan Council of Women in Technology, a former MCWT scholarship recipient  and enjoys empowering young girls who show an interest in IT. Her other hobbies include cooking and baking- because brownies are a great way to achieve cross team buy in, annual hikes in Colorado, playing the clarinet  and tinkering with her raspberry pi.

Editor’s note: Women of color were noticeably absent from most of the top women in cyber and top security bloggers lists in 2016. I applaud the work of those who were celebrated because the recognition is certainly well-deserved.

However, I want to expose students in my demographic to women who look like them. They need to know that we are out here ready to help them navigate the complexities of this field.

I also want to create our own “Top Lists” to celebrate our accomplishments just in case future lists exclude us, inadvertently or otherwise.

I’m also using these opportunities to present alternative stereotypes and build bridges.

We are not waiting any longer to be chosen. We are choosing ourselves as of February 2017 because gender diversity is not enough.

Share the love!