Name: Renju Damodaran
Title: Senior Manager, Cyber Risk Services
Employer: Wipro Limited
Location: Boston, MA
Education: BS, Information Systems from BITS, Pilani.
Years in IT: 20
Years in cybersecurity: 16
Cybersecurity certifications: CISSP, CISA, SABSA SCF
How did you decide upon a career in cybersecurity?
Back in the day (early 2000s), I was involved in setting up IT infrastructure for a startup company. I started interacting with information security professionals from external consulting firms and developed an interest in security as a profession. I learned BS7799 framework and landed an information security officer role in ING Vysya Bank (now known as Kotak) at India in November 2003.
Why did you decide to pursue your CISSP?
I was initially influenced to pursue the CISSP by senior leadership. Many of the very distinguished individuals I worked alongside with on the global ING team had the CISSP certification. When I started learning more about the certification, I found the domains to be wide and deep enough to set a benchmark in information security knowledge. I realized that pursuing the CISSP would fuel my growth in the organization.
In cybersecurity, no two days are the same – what is your main role in your organization?
My current role as part of the Cyber Risk Leadership team in North America are mainly centered around providing cyber risk advisory services to our clients and expanding the organization’s network and services.
Tell us about a project that you were particularly proud of –
One project that stands out to me is one I delivered in Wipro during 2009. I was part of a multi-million-dollar engagement in the U.S. managing security consulting engagement end to end. This involved development of security strategy, polices and standards, and managing work of other consultants.
What impact has the CISSP had on your career?
After acquiring the CISSP certification in 2004, I received several attractive opportunities, both internal and external. One external offer, PwC, stood out and looked promising for my career, so I decided to pursue it. After maintaining the CISSP for 15 years, I believe that it still helps me to sell who I am and gain attention with distinguished colleagues and individuals. I see a lot of weight, confidence and importance given by customers to consultants who are CISSP certified. Maintaining the credential is very important for onboarding resources for security/risk-related consulting work.
What advice would you give to those who are thinking about pursuing cybersecurity as a career?
Cybersecurity as a career offers a plethora of opportunities. My advice is to understand your current strengths and where you want to be, short term and long term, in cybersecurity. For example, if you have an application development background and interested in cloud computing, looking at cloud security as a short-term goal could work better for you.
What advice would you give to those aspiring to get their CISSP?
The CISSP certification is self-explanatory in the cybersecurity industry. It helps an individual benchmark and improve knowledge in information and cyber security to a continually improving framework and brings visibility in leadership circles.