Meet the Team: Security Consulting

26. August 2019

Photo: Katharina Imgram (on the right), Security Consultant, and Maximilian Müller, Senior Security Consultant

Security has a thousand facets. Find your niche in IT Security.

IT Security is the hype topic of our time. The job descriptions are manifold and often filled with hardly understandable buzzwords. In our interview series, veterans and novices of usd give insights into their work and thus into the different areas of IT security. We talked to Katharina Imgram and Maximilian Müller about their department Security Consulting.

Katharina, can you explain to us what your Security Consulting Team does?

Katharina Imgram: Our team advises companies of all sizes and from various industries on all aspects of information security. Our work ranges from technical security consulting and organizational consulting to operational support for specialist teams on our clients’ side. We’re always dealing with new exciting topics and challenges, which makes for a varied working day with plenty of room for personal development.

You have a Bachelor’s degree in industrial engineering with a focus on logistics. Why did you apply for a job in IT Security in general and our Security Consulting Team in particular?

Katharina Imgram: I wasn’t looking for IT security jobs specifically, I just happened to come across the job advertisement for Junior Consultant Information Security at usd. I could see myself as a consultant, because the job is varied, you get insights into very different subjects and companies and have no fixed task. usd is looking for colleagues who are committed and motivated, enjoy IT security and are interested in familiarizing themselves with new topics. That appealed to me right away.

Maximilian Müller: I studied computer science and IT security. But our team members have very different professional backgrounds and degrees, for example, in security management, electrical engineering or law.

Max, you haven’t been working at usd and on the Security Consulting Team for long yourself. Nevertheless, you happily volunteered to be Katharina’s Buddy.

MM: I always enjoyed working with and tutoring other students during my time at university. So when we were asked who wanted to be Katharina’s Buddy, I thought: “I could do that. That would be fun. It’s also a good exercise for the future if I want to take on a leadership role someday.” And that’s why I volunteered. So Katharina is my first beginner – or as they’d call it at German universities: My first “Ersti” (laughs).

KI: Having a dedicated contact person on my team when I first joined usd helped me a lot. I could approach Max with every question I had, which was especially helpful during my first few days. And I also had a reliant lunch partner (winks).

How are new members of your team initiated?

KI: Besides the usd onboarding program “Become a Hero” and the team’s internal Wiki, every new team member gets their own Buddy, a kind of “friend”, who supports with organizational things and helps with worries or challenges. A senior or managing consultant takes care of the professional training. They act as a coach and support new team members with their first projects.

How does a new team member make the leap from theoretical training to practical project business?

MM: The best way to learn the job is always through practice. That’s why we gradually involve new colleagues in our ongoing projects by putting them in charge of sub-projects. You start off by doing the more simple tasks, but you quickly learn that these are also important for the success of a project and you get to see that you actively contributed and you can be proud of that.

As consultants in your department, you often work from your clients’ offices for longer periods of time. Does this affect the team spirit?

MM: Not really, no. It’s nice when you come back to usd in between assignments or after finishing a project. It’s a little like coming home to your family. To keep everyone in the team updated, we all meet every four weeks at our Neu-Isenburg office.

The job of a consultant is often met with the prejudice that you cannot reconcile your private and professional lives because you travel a lot or work for clients in other cities. Would you say that applies to your daily work?

KI: I am still studying on the side and therefore have to combine private life, job and school. But that’s also possible. Travelling is part of my life as a consultant, of course, but that’s one of the reasons why I decided to do it. Compared to our colleagues from the PCI Security Services team, however, we in the Security Consulting Team don’t travel as much. We have many clients who are based locally and regionally – maintaining close proximity to our clients is important to us. And working from the usd offices or from home is just as much a part of our daily business.

If you could choose your ideal new colleague, what qualities would this person have?

MM: As a consultant you work with people on a daily basis. That’s why social skills are essential for our job, as well as professional competence. You should also enjoy encountering and having to familiarize yourself with new situations and technical questions on a regular basis.

KI: Above all, qualities such as reliability, sense of responsibility and empathy are important to have as a consultant. But I also think that a sense of humor doesn’t hurt.

MM : Our Talent Management team does a great job in this regard. I don’t think that there’s anyone here at usd who doesn’t actually fit. We get along great with all of our colleagues, no matter which department they work in.


In the first interview of our series “Meet the Team”, Nur Ahmad and Bastian Pütz give insights into their department PCI Security Services.

Also interesting:

PCI DSS v4.0: INFI Worksheet Discontinued

PCI DSS v4.0: INFI Worksheet Discontinued

The Payment Card Industry Security Standards Council (PCI SSC) announced it is discontinuing the Items Noted for Improvement (INFI) Worksheet. INFI, a template for documenting items for improvement, had been introduced with PCI DSS v4.0. Effective immediately, QSAs...

The Surprising Complexity of Finding Known Vulnerabilities

The Surprising Complexity of Finding Known Vulnerabilities

IT security professionals need an efficient and reliable solution for identifying known vulnerabilities in a software product, given its name and version. Our colleagues at usd HeroLab place high demands on such a solution. They evaluated several available solutions...

Categories

Categories