Six years into my professional career I decided to make a career change and move into the consulting space. I had worked as a governance, risk and compliance (GRC) Lead for various companies throughout my career, which gave me the opportunity to work with consultants on various engagements. I was always very intrigued by the idea of becoming a consultant one day, so when the opportunity presented itself, I was excited to take on this new challenge to grow professionally.
Looking back on my experience with Echelon Risk + Cyber five months later, here are five things I have learned:
Becoming a Trusted Advisor
A month into my employment, Echelon hosted a workshop about how to become a trusted advisor. The workshop touched on a concept I intuitively knew - being a good advisor does not only come down to having credibility. Echelon places an emphasis on building trustworthy relationships with our clients, to ensure successful client engagements.
I learned that there are four components to earning trust:
- Credibility – The words we say, the skills and credentials we bring, and the way in which people experience our expertise make people trust us.
- Reliability – The actions we take, our predictability, and the ways in which people find us dependable make people trust us.
- Intimacy – The extent to which people feel they can confide in us and perceive us as discreet, empathetic, and safe all make people trust us.
- (Low) self-orientation – The more people feel we are focused on them, rather than on ourselves, the more they trust us.
A trusted, effective advisor can provide reassurance, calm the client’s fears, and inspire confidence by giving valuable advice. This means getting the client from point A (what they know and understand now) to point B (an advanced state or deeper understanding and knowledge).
Lastly, a trusted advisor builds strong relationships by practicing principles of relationship building that apply both in personal and professional life, such as being understanding, thoughtful, considerate, and supportive.
Professional Development: The Learning Never Stops
As an advisory consultant I have had the opportunity to work on many different types of client engagements in a short period of time. Anything from conducting audit readiness assessments and developing incident response plans, to tabletop exercises, writing policies and much more.
Taking on different types of engagements for different types of clients has pushed me out of my comfort zone, and I found myself tackling problems that I have never had the exposure to before.
The learning goes beyond the practical knowledge gained from catering to clients’ real-world problems. Echelon places an emphasis on professional development and encourages all employees to expand industry knowledge by obtaining professional certifications, attending cybersecurity related events, and staying up to date on cybersecurity news or conducting research to become thought leaders.
Taking Charge of my Career: The Importance Of Setting Goals
At the beginning of each year Echelon employees complete a goal setting exercise on a firm level, department level and individual level. On an individual level, employees are required to determine overarching goals for the year and break those goals down by quarter.
Throughout conducting this exercise there is constant sharing and collaboration. I was so inspired to see what goals my colleagues set for themselves and was immediately seeking opportunities to partner with them.
This exercise creates such a collaborative environment for a remote workforce. Working through my goals for Q1, I noticed that by working on shared goals with my colleagues I can build strong relationships with various team members.
We are instructed to come up with goals that are directly and indirectly related to our day-to-day work. Anything from program development, creating new client offerings, certifications that we want to obtain, conferences we want to go to, or simply an article we want to write.
Having the support to work on goals beyond my day-to-day work has given me the opportunity to truly think about how to take charge of my career and shape my brand as a consultant. For example, after publishing my first article about security awareness and training earlier this year, I was inspired to take that initiative a step further and am now thinking through how to develop client offerings in that realm.
There is something so fulfilling about knowing that my goals can help shape the firm and future client engagements.
Giving Back: Using Echelon Risk + Cyber To Make A Positive Impact
Beyond the freedom to guide my own career, Echelon fosters an environment of freedom to guide and make a positive impact on the cybersecurity industry.
Within my second month of employment, a colleague and I decided to launch a Women in Cybersecurity employee resource group (ERG) at Echelon. The response was overwhelmingly positive, and so many colleagues wanted to take part in this initiative. It feels great to be able to give back to the cybersecurity community through Echelon and to champion a cause that is dear to my heart.
The most impactful initiative I got a chance to contribute to was building out Echelon’s apprenticeship program, where we place a focus on hiring individuals traditionally under-represented in cybersecurity. I am thankful to be in an environment that allows me to create opportunities and inspire others in my field.
Diversity Is Created
At this point, I imagine some of you might be as excited as I was to pursue a career in cybersecurity consulting, but you also might be wondering if you have the right experience to pursue this type of career. I also had similar thoughts initially; there is something a bit intimidating about the idea of taking on the responsibility of guiding clients through various types of problems.
To my surprise, and after getting to know my colleagues better, I realized that there is no typical direct path to becoming a consultant, and that diversity in this profession is valued for several reasons:
- Diversity of experience is valued because different team members can contribute to various projects in different ways.
- Diversity of knowledge is valued because we can share knowledge with one another to grow professionally and solve client problems more efficiently.
- Diversity of backgrounds (race, gender, age, culture etc..) is valued because it creates a community that can offer different perspectives, thoughts, and approaches to client management.
At Echelon specifically, I found that diversity is encouraged, as my team members are always seeking out ways to challenge their ways of thinking.
In closing, I found that consulting at Echelon Risk + Cyber has helped me advance professionally in more ways than I could imagine. I am working in an environment that pushes me to grow and step out of my comfort zone as well as give back and make a positive impact on the cybersecurity community.