A man wearing a dark T-shirt smiles at the camera in front of a large computer monitor displaying computer login details. He is Damian Tumanowicz, a senior cybersecurity analyst at Liberty IT.
Damian Tumanowicz. Image: Liberty IT

What is a typical day like as an SOC analyst?

31 May 2024

Liberty IT’s Damian Tumanowicz on the value of practical experience in cybersecurity and why it’s important to avoid unnecessary stress in his profession.

For cybersecurity professional Damian Tumanowicz, the “dynamic nature” of the cybersecurity sector is what he enjoys most about his job, as it keeps him motivated and engaged through continuous learning.

“From analysing and responding to security incidents to identifying emerging threats, there is a constant stream of diverse tasks,” he said. “This variability keeps the work exciting and prevents monotony.”

Tumanowicz has worked at Liberty IT for six years, beginning in 2018 in an IT helpdesk role. Today, he is a senior cybersecurity analyst in the company’s security operations centre (SOC).

‘Cybersecurity is not just a job for me; it’s a passion’

If there is such a thing, can you describe a typical day in the job?

A typical day on the job can be diverse and filled with various tasks and responsibilities. It usually begins by scoping the threat landscape. This involves checking emails, security feeds, news updates and reviewing any alert queues from security monitoring tools. This helps in staying informed about any potential security incidents, vulnerabilities or emerging threats.

We start the day with a stand-up meeting where we discuss the progress of ongoing incidents, alerts and projects.

Much of the day revolves around the incident response cycle. We handle and respond to security incidents based on their priority. This involves investigating alerts, analysing suspicious activities and conducting in-depth analysis using a variety of tools.

Throughout the day we frequently interact with colleagues from other teams, such as threat intelligence, incident response or IT operations. Collaboration and communication are crucial for sharing information, coordinating efforts and gathering insights to effectively respond to incidents. This may involve consulting with colleagues on specific security issues or providing updates on ongoing investigations.

Another aspect of an analyst’s workday is documenting findings, investigation steps and any actions taken. This documentation ensures accurate record-keeping, assists in future incident analysis and supports compliance requirements.

The day typically concludes by reviewing the overall progress of ongoing investigations, addressing any pending tasks and ensuring proper handoff of incidents or relevant information to the next shift.

What skills do you use on a daily basis that are specifically helpful in cybersecurity?

As an SOC analyst, one skill that is essential to my work is problem solving. I regularly encounter complex challenges and incidents that demand a systematic approach to analyse the root causes, devise suitable solutions and implement effective mitigation strategies. Through critical and creative thinking, I am able to develop innovative methods to confront security threats.

Analytical thinking is another skill that plays a significant role in my day-to-day responsibilities. I am frequently tasked with scrutinising vast amounts of data, detecting patterns and identifying anomalies. This analytical mindset empowers me to make well-informed decisions based on the insights derived from thorough analysis. By leveraging this skill, I can uncover potential vulnerabilities and threats, allowing for proactive and strategic security measures.

By honing my communication skills, I can foster better collaboration, build trust and ensure that security measures are properly understood and implemented.

What are the biggest challenges when working in cybersecurity, and how do you navigate them?

I face various challenges in the field of cybersecurity, including maintaining a work-life balance and avoiding the tendency to see everything as suspicious.

Cybersecurity is not just a job for me; it is a passion. However, this can sometimes blur the boundaries between work and personal life. The nature of my work makes me highly attuned to potential threats and risks, even outside of work. However, it is crucial to maintain a healthy perspective and not succumb to unnecessary stress or paranoia.

To navigate this challenge, I rely on my structured approach to risk assessment. By distinguishing between real threats and everyday occurrences, I can stay vigilant without allowing it to overshadow other aspects of my life.

Practicing mindfulness and engaging in activities that promote relaxation help me maintain a balanced mindset.

‘Gain practical experience – it is invaluable in cybersecurity’

Do you have any productivity tips that help you through the day?

Coffee, tea and yerba mate. But in seriousness, start your day by prioritising your tasks. Identify the most important and urgent ones and create a plan or to-do list. Having a clear roadmap of what needs to be done helps you stay focused and organised.

What skills and tools are you using to communicate daily with your colleagues?

Most of our communication is very dynamic in nature; we mostly rely on instant messaging, and collaboration tools such as Slack and Microsoft Teams allow for quick and efficient communication, enabling seamless collaboration on projects, sharing updates and seeking immediate assistance or feedback.

How has this role changed as the cybersecurity sector has grown and evolved?

The field of cybersecurity has witnessed significant advancements in recent years. The sector has become more dynamic and complex with the rapid advancement of technology. The arms race between threat actors and defenders has intensified. SOC analysts now face new challenges posed by emerging technologies, such as artificial intelligence (AI) and machine learning.

It is essential for SOC analysts to be adaptable and continuously update their skills and knowledge to understand and mitigate the risks associated with these technologies. This includes staying informed about the evolving threat landscape and the potential use of AI by both threat actors and defenders.

Another thing that has changed is that there has been a greater emphasis on collaboration and information sharing among cybersecurity professionals. SOC analysts now work more closely with other teams, such as threat intelligence, incident response and vulnerability management. This collaboration allows for a more holistic and proactive approach to cybersecurity.

What advice would you give to someone who wants to work in cybersecurity?

Cybersecurity is a rapidly evolving and demanding field that requires continuous learning and dedication. It’s essential to have a genuine interest and passion for the industry. Passion for the field will sustain your motivation and drive to excel in cybersecurity.

Gain practical experience – it is invaluable in cybersecurity. Look for internships or entry-level positions that provide hands-on experience in areas such as incident response, vulnerability management or threat intelligence. Develop soft skills. In addition to technical skills, cultivate soft skills such as communication, critical thinking and problem solving.
