In line with Echelon's value of People with Personality, we are excited to continue our Cybersecurity Champion series, where we spotlight the incredible individuals who make up our team. Each month, we share the stories of professionals whose talent, dedication, and unique perspectives help keep organizations secure.
Meet Sterling Giralmo, SIEM Engineer at Echelon Risk + Cyber. Sterling's path into cybersecurity began with a tour of duty in the United States Coast Guard, where he developed the discipline, resilience, and adaptability that continue to define his work today. Now focused on helping organizations build and optimize their security monitoring capabilities, Sterling brings a mission-driven mindset to everything he does.
1. You served in the United States Coast Guard before moving into cybersecurity. What was that transition like, and how does your military background shape the way you approach your work today?
Transitioning from the Coast Guard into cybersecurity was definitely a challenge because I was not only moving from military to civilian life, but also into an entirely new field. I knew I wanted to build a career in cybersecurity, so I set a clear goal of earning my degree and breaking into the industry. That focus and determination helped me complete a four-year degree in three, and I've continued to prioritize learning and professional growth ever since.
My military experience continues to shape how I approach my work today. The Coast Guard taught me discipline, resilience, adaptability, accountability, and integrity, qualities that are essential in cybersecurity. I take ownership of my responsibilities, stay adaptable in facing new challenges, and remain committed to delivering the best possible results for our clients every day.
2. As a SIEM Engineer, you're working close to the technical core of security operations. What does that actually look like day to day, and what makes it interesting to you?
A large part of my day to day involves helping clients build and optimize their security monitoring capabilities. That includes integrating log sources, developing detection and correlation rules, creating dashboards and reports for visibility, and implementing SOAR workflows to automate repetitive security tasks and improve response times.
What makes the work interesting to me is that SIEM is really at the center of an organization's security operations. Companies have countless systems and tools generating data every second, and a SIEM provides the ability to centralize, correlate, and make sense of that information. Without that visibility, it's difficult to identify threats, detect anomalies, or understand what's happening in your environment. I enjoy helping organizations improve that visibility and build more effective detection and response capabilities because it directly strengthens their overall security posture.
3. Are there any cybersecurity trends or emerging technologies that you're particularly excited about or concerned about right now?
AI is definitely the trend I'm watching most closely right now. I'm excited about how it can improve security operations, especially in SIEM environments where it can help teams process large amounts of data, identify patterns that might otherwise be missed, and assist analysts with threat detection and investigations. I think AI has the potential to make security teams more efficient by helping them prioritize what matters most and respond to threats quickly. As organizations continue to generate more data, tools that can help make sense of that information will become increasingly valuable.
At the same time, it creates new challenges and a new attack surface. Attackers are already using AI to make attacks more effective, and organizations now have AI systems that need to be secured as well. So while I'm excited about the benefits AI can bring to defensive security, I'm equally focused on the risks and the need to secure AI responsibly.
4. What is one piece of advice you'd give to someone aspiring to get into cybersecurity today?
One piece of advice I'd give is to focus on building a strong foundation first. Cybersecurity spans a lot of areas: networking, operating systems, system administration, threat detection, risk and compliance, and more. Understanding the fundamentals is critical.
Once you have that foundation, I'd recommend exploring the different specialties to see what genuinely interests you. Cybersecurity is constantly evolving, and there's always something new to learn. Choosing an area that you're passionate about will make it much easier to stay motivated, keep developing your skills, and build a successful long-term career.
5. Are there any specific resources or communities you've found helpful in your cybersecurity journey?
There are a ton of resources that have been helpful throughout my career. One book I'd recommend is The Cuckoo's Egg, which tells the story of one of the earliest documented cyber investigations and provides awesome insight into the origins of modern cybersecurity. For hands-on learning, TryHackMe and Hack The Box are excellent for building foundational knowledge and developing practical skills.
Beyond technical resources, I think it's important to engage with local professionals in the industry through meetups, conferences, and professional groups. That will give you the opportunity to learn from others, gain different perspectives, and build valuable connections and relationships within the industry.
6. What have you come to appreciate most about being part of Echelon?
What I've come to appreciate most about Echelon is the people. The people here are incredibly talented and knowledgeable in their respective disciplines. What really stands out, though, is everyone's eagerness to continuously learn, improve, and be the best at what they do, while also being willing to help their teammates succeed. There's a real sense that we're all one big team in the same fight, working toward a common goal. And that's something I truly appreciate about being here.
7. Outside of work, how do you like spending your time?
Most of my time outside of work is spent with my family. I have two young kids and an amazing wife, so if I'm not working, there's a good chance I'm spending time with them. But beyond that, I enjoy getting outdoors, watching and playing sports, and unwinding when I can with some video games. Spending time with my family is what I'm most passionate about outside of work.
8. What does being a Cybersecurity Champion mean to you?
For me, being a Cybersecurity Champion means being committed to continuous learning, leading by example, and helping others succeed. Cybersecurity is constantly evolving, so it's important to stay curious, continue developing your skills, and face new challenges head on. It also means sharing knowledge, supporting your teammates, and keeping our clients at the center of everything we do. We believe that privacy and security are fundamental rights, and being a Cybersecurity Champion means always giving your best to help protect them.
Curious about a career in Cybersecurity? Discover more about Echelon's team, culture, and open positions.