Shireen Syed, Chief Information Security Officer Company at Western Sydney International (Nancy-Bird Walton) Airport

What is your Job? The job of a CISO is to set the organisation’s cyber security strategy, provide direction, lead cyber risk management, oversee security operations, ensure compliance and governance, build and lead the security function and educate and influence the organisation towards cyber safety.

The most important part of a CISO’s role is enabling an organisation to do business in a digital world in a safe way.

What does a normal day look like for you? Lots of meetings! Typical activities include reviewing the delivery of the cyber security program, performing risk assessments, providing advice to the organisation on cyber security matters, resolving incidents and issues, working with different teams to improve cyber practices, updating policies and procedures and lots of board reporting.

What is your favourite part of the job? In cyber security every day is different, there’s always something to learn and a challenge to solve.

How did you get to where you are today? Lots of cyber security certifications, passion for cyber security and learning as much as I can from the people around me.

Cyber security may seem very technical; however, the best cyber security practitioners can balance business needs and cyber risk and make decisions that help an organisation achieve its mission and objectives.

What qualifications do you need to apply for your job? The key qualifications for cyber security governance roles are CISSP, CISM and CISA. These qualifications show that you have knowledge of a broad range of cyber security domains and how they come together. Other than that, it’s mostly experience that helped me obtain the CISO role at WSI.

What character qualities do you think suit this position?

Someone who is:

• Calm when things go wrong. In cyber security you anticipate incidents all day every day. Sometimes the incidents are big and bad and other times it’s a false positive. In either scenario, it’s important to remain calm so that your team can respond to those incidents in the best way.
• Listens to others. Cyber security can be challenging and complex and there’s no way that one person can know everything. It’s important to listen to others and value their knowledge and contribution to get to the best security outcome.
• Strong decision maker. Often you have to make decisions quickly and with little information. This requires an understanding of which risks matter, which risks are acceptable and where to invest limited resources.
• Strategic thinking. A CISO must see the bigger picture, not just security but also business objectives, customer experience, risk appetite and technology transformation.

What is involved in the training for your job or for the qualification you gained to get your job?

The qualifications I have competed include Bachelor of Commerce, Master of Business Administration, CISSP, CISA, IRAP Assessor and SABSA.

If you could go back and give your younger self some advice, what would it be? Learn something with every spare moment that you have.

What advice would you give younger girls wanting to start a career in Aviation?

It’s unique, it’s fun and you can physically see what you’re contributing to everyday.

You miss 100% of the chances you don’t take.