Navigating Cybersecurity and the World: A Journey of Growth and Mentorship
In line with Echelon’s value of People with Personality, we are excited to announce a brand-new initiative under our content umbrella designed to spotlight our incredible team members, called Cybersecurity Champions. Through these monthly features, we aim to shine a light on the amazing individuals who drive our success and embody the spirit of our company.
“What I learned very early on from the role models that I had is the same advice that I give to people that I mentor now: be very proactive, curious, and continue learning.”- Shir Butbul
Shir Butbul, Senior Consultant for vCISO services, has made an extraordinary impact at Echelon since joining the team. Starting her career in GRC (Governance, Risk, and Compliance), Shir has continually expanded her leadership and soft skills, culminating in co-founding the Women in Cyber employee resource group. This initiative reflects her dedication to mentoring and uplifting the next generation of women in cybersecurity. Shir’s passion for continuous learning extends beyond Echelon RiIsk + Cyber, as she frequently shares her expertise at industry conferences, encouraging curiosity and proactivity in others. Join us as we dive into her inspiring journey.
Q: What brought you to Echelon Risk + Cyber? We love to hear about your journey and what attracted you to join our team.
SB: I studied information systems and after graduating, I spent a lot of time exploring different options and talking to others who had the same degree to understand what types of jobs were available in the field. I was fortunate to connect with someone who saw potential in me for a role in GRC and recommended that I take some courses to explore it further. Then I worked for different companies, startups, and consultants on GRC initiatives.
A couple of years ago, I applied for a position at Echelon, went through the interview process, and learned more about what working here would be like. I realized that joining Echelon would be a great opportunity to advance my career, enhance my leadership and soft skills, and work with a diverse range of clients.
Q: What does a career in cybersecurity consulting look like? What is something that you learned on the job that they didn't prepare you for at school?
SB: The main thing that I can think of is the regulatory aspect and the frameworks. When I started my first job, I had to quickly learn about the frameworks we were using and the regulations the company followed.
I also had to adjust to working with different personalities and stakeholders and communicate effectively with all of them. Time management is also crucial in consulting; you need to ensure that you help each client progress over time and pay attention to their needs.
Q: According to the Society of Women Engineers, women represent only 29.2% of the STEM industry. How does it feel to be part of this small group and make such a significant impact?
SB: It’s incredible to see how much progress we've made. When I graduated ten years ago, the industry was very different; women made up only about 8 to 13% of the cybersecurity field. I was one of the few women in my computer science classes and initially felt unsure about fitting in, as I didn’t have much in common with many of the male students.
I was fortunate to have role models. At my first job, the head of IT was a woman, and she was a huge inspiration to me. In my second job, most of the leadership was also female, which was encouraging and showed me that there was room for advancement. As I progressed, I realized it was my time to become that inspiration and give back to others.
When I joined Echelon, a colleague and I started the Women in Cyber employee resource group. This initiative allowed us to focus on supporting the community, inspiring the next generation of women, and helping new female employees advance within the company. We’ve seen great results, including an increase in the hiring of women.
Q: What's the best career advice you ever got?
SB: What I learned very early on from the role models that I had is the same advice that I give to people that I mentor now: be very proactive, curious, and continue learning. I think that's what I've seen from anyone who is successful in this field, they push themselves to kearn and expand their skill set. When working with mentees now, I ensure that they have a very structured approach to what their goals are and what they want to accomplish, and then make progress towards those goals, learn, be curious, and ask questions.
Q: We've been told that you like to travel a lot. How many countries have you been to? Is there anything you've learned during your travels?
SB: I've been very fortunate to travel to 28 countries. My top three are Cape Town, South Africa; Mexico City, Mexico; and Lisbon, Portugal. I think what I've learned is that going out of your comfort zone really pays off. Pushing yourself to go to different places and have different experiences is so invaluable.
Q: Do you have any resources you go to that have helped you succeed in your role that you want to share?
SB: Yes, WiCyS, has a mentorship program, scholarships for certifications, an annual conference, and virtual talks, that's a huge resource. Also, at the beginning of my career, I was more involved with ISACA, which was a really good way to network and learn about trending topics in the industry.
Q: What does being a cybersecurity champion mean to you?
SB: To me, a cybersecurity champion is someone who goes above and beyond to give back. It's not just about doing the client work, but also about making a positive impact on the community, their team, and the cybersecurity industry as a whole.