Women in Information Security: Valerie Thomas

In my last interview, I spoke with Jen Fox. She’s a Senior Security Consultant who specializes in compliance.

This time, I had the pleasure of speaking with Valerie Thomas. She has a lot of expertise in both penetration testing and industrial cybersecurity.

Kim Crawley: Please tell me about your cybersecurity role and how you got there.

Valerie Thomas: My current role is an Executive Consultant with Securicon, which equates to the lead technical consultant of the penetration testing group. The majority of my time is spent performing penetration testing and vulnerability assessments of various software and hardware, also known as hacking all the things. Securicon is heavily involved in industrial control systems (ICS) and supervisory control and acquisition (SCADA) spaces, so I spend a lot of time in power plants and other critical infrastructure facilities. My niches are physical penetration testing and social engineering, which means that I get paid to break into buildings.

I wasn’t aware that ethical hacking was a career option until my senior year of college after reading The Art of Deception by Kevin Mitnick. I graduated with a Bachelors Degree in Electronic Engineering and immediately began seeking a network security position. However, this was in the early 2000’s before cybersecurity was a mainstream career field, so a lot of knowledge was obtained by knowing someone who could teach you about ethical hacking and vulnerability assessment. I entered into a Department of Defense internship program for network engineering and basically sought out those who could educate me.

Read the entire cool interview at the source.

Source: tripwire

Topics: software vulnerability, The Art of Deception, ICS, industrial cybersecurity, penetration testing, SCADA, security career, Valerie Thomas, ethical hacking, industrial systems, IoT, keynote speaker, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

PCI Testing: Everything You Need To Know

Penetration testing is crucial for businesses to help ensure that their security posture will stand against threat actors. For businesses that handle ..

Read more ›

The 4 Phases of Penetration Testing

So, you’ve done your research on penetration testing and are ready for the pentest engagement. But before you choose just any pentesting vendor, it’s ..

Read more ›

What is Web Application Penetration Testing?

Is your company in the process of developing a new application? There are a lot of moving parts involved in developing and deploying cutting-edge appl..

Read more ›