We all know that cybercrime is a growing global phenomenon, brought on by us living in a more connected digital world which is borderless, ungoverned, in some respects lawless, and difficult to police.
Every new technological development offers benefits but also presents risks and vulnerabilities. As well as using technology and processes to combat these, Quantexa focuses on educating colleagues by providing regular security awareness training and updated news releases, promoting a “shared responsibility” culture.
Quantexa’s Information Security team has three core functions, which are Governance, Risk and Compliance (GRC), Security Operations (SecOps), and Business Continuity (BC). All functions work with various departments to ensure that we are helping and supporting the wider business, and that our Information Security solutions are up to a high standard.
In this article, we find out what being an Information Security Analyst is all about.
Meet Khasad...
Prior to joining Quantexa, I studied Ethical Hacking and Cyber Security at Coventry University, achieving a 1st Class degree. I also completed a placement year in the Information Security team at PrettyLittleThing.com, completing similar tasks to my current role.
In May 2023, I celebrate four years at Quantexa, where I started as a Junior Information Security Analyst in what was then a fairly small Information Security team. Since then, I have learnt and progressed within my role as the team has expanded and matured.
How do you normally start your working day?
Firstly, by having breakfast as it sets me up for the rest of the day! Then I catch up with the team every morning or afternoon over a Teams call and respond to emails. I also check my calendar to see what’s scheduled for the day.
Due to Quantexa’s flexible hybrid working policy, I generally work at the office at least once a week so that I can meet with other team members and colleagues from across the business.
How would you describe a typical day?
Most of my work is focused on GRC, which involves a number of things. Firstly, supplier assurance, which can includes reviewing the security posture of new suppliers by performing due diligence and gathering relevant documentation. Secondly, risk management, which includes reviewing current risks identified across the business and meeting with various departments to explore these. Thirdly, collaborating with internal stakeholders to prepare for external compliance audits such as ISO-27001. I also review and update governance policies and standards to reflect business changes and requirements.
The Information Security team meets three times a week and it’s a great way for us all to get together, discuss current projects and tasks, highlight any challenges, as well as share ideas.
It’s a really friendly and supportive team, and most importantly, we all get along and work together to achieve our goals.
Due to the number of ongoing projects, it’s important that we keep abreast of how these are progressing.
What do you enjoy most in your role?
I enjoy the flexibility, the freedom to express my ideas and opinions, and the close relationships I have with my manager, my team, and other senior colleagues. At Quantexa we have access to a vast pool of skills, knowledge, and experience, which I believe is a huge bonus!
Information Security plays a vital role for Quantexa and our clients. Both consider Information Security as a priority when working on projects.
This shared focus on security is a real comfort and it also inspires me to go the extra mile to ensure that Information Security is at the forefront in everything we do as it is taken seriously.
Working with other teams and departments is critical within my role so that I can explain the importance of Information Security. We’re mindful that Information Security isn’t at the forefront of everyone’s mind given as everyone’s naturally focused on their own work. So, it’s important to raise awareness and strike a balance.
We take a collaborative approach to achieving our Information Security goals.
What are you main goals as an Information Security Analyst?
My main goals are to help protect Quantexa, especially given the speed at which we’re growing, to be available to others who need help and assistance, and to deliver and continuously enhance our Information Security strategy.
We’re promoting a culture where Information Security is not seen as a barrier but as something that enables and sustains the business.
I’m also aiming to enhance overall security and improve our defenses against potential security threats through additional research, training, and working closely with experienced colleagues.
What are your most memorable moments?
My most memorable moment is seeing Quantexa mature from the year when I started to where we are today. This is a massive achievement for Quantexa and it’s both humbling and exciting to have been part of this journey.
We have managed to grow and mature the Information Security function and how our team contributes across the business to deliver our solutions, whilst informing the wider teams about the changes and improvements. This plays a vital role in our overall success.
Being able to gather feedback from others at Quantexa has helped me to learn and grow as an individual, especially at this early stage of my career. I’ve also gained exposure to areas of work which may reap benefits later.
What do you think are the most important attributes of an Information Security Analyst?
The most important attribute within my role is being able to see things from another person’s perspective when trying to enhance our Information Security posture, as it helps to provide mutually beneficial outcomes.
We also need to have a pragmatic approach when dealing with Information Security requests so that we can explore solutions that minimize or ideally avoid any disruption.
What are you excited about?
I’m excited about Quantexa’s future, as I’ve seen it grow from a small company to a scale up organization whist I’ve been here. I wonder what the next steps are…let’s wait and see!
