Case study: Neil BoulterNeil Boulter, Security & Risk Manager at Experian UK fell into a job he liked and with the support of this team has progressed his career in security, an industry he says is an integral part of every business process and solution.
Security & Risk Manager, Experian UK
After I left school I went to college to study OND engineering but after a year I dropped the course and got a job with TSB Trustcard, (Credit Cards), as a Customer Services Agent.
Initially I worked in Statement Mailing and Payment Processing and then moved to the Customer Service role and after that moved onto Collections and overdue accounts and assessing people for Credit Limit increases.
After three years or so I decided to change roles completely and took a Shift Operations role in the Data Centre. I spent two years working shifts and I started to understand about the Computing Services that we were managing.
From this I took a new role in the Data Centre as a Junior Security Analyst managing Mainframes and AS400’s. I spent 7 years in the role and was supported greatly by my boss.
I stopped doing and started talking about it.
After a couple of years I had an interview for Fidelity Investments. I was offered the job as a Security and Business Continuity Manager. So I stopped doing and started talking about it! It was a very different role and it took a bit of time to get to grips with a consultancy type role, but it was a great way to learn and again I had a supportive boss.
After two years I decided to move location. I did a brief 3 month stint with the Alliance & Leicester before moving to Experian in late 1999, as a Risk Specialist. (An area I’d started to get interested in over the previous few years.) I then moved back into Security and worked with the Corporate function and by 2006 ended up managing the Consultancy and Operational teams.
I then moved into one of the Experian Business Units as a Security and Risk Manager where I am now responsible for all aspects of Security, from Client engagement to Product design and have been heavily involved in the Verify product, (for GDS), over the last few years. I also manage a team who cover Risk for the Business Unit, Business Continuity, ITDR for our hosted solutions and PCI DSS, ISO27001 and FCA regulation requirements.
Security isn’t a small profession; it’s huge and no one person can be an expert in every part. I strongly believe that security is just a part of business, like finance, or sales. Everyone has a role to play and I’m there to provide guidance in any area of business to ensure we end up with a secure, process, solution or service.
What I enjoy is the variety, the chance to be involved in every aspect of a business and to provide people with the knowledge they need to do business in a way where they understand the risks, have taken the steps they are comfortable with to mitigate those risks and know how to handle any issues that may occur.
I have a bit of phobia about exams so I’ve never been keen to go back and do them, but in the modern world it’s almost impossible to escape the need for such things so in 2006 I gained the CISSP qualification. I’m looking at the CISM qualification, and you never know, one day I might even do it!
Learning in a work context has always worked well for me and that phobia has always deterred me from college but that’s not to say it’s a bad idea.
Security is an integral part of every business process and solution
I never knew what I wanted to be when I grew up and I kind of fell into the job and found that I liked the work and I had a level of independence that I enjoyed. One of the things that makes security interesting for me is that it’s an integral part of every business process and solution, so you get to see a lot of the business and how it works.
Advice to others
Getting into a large organisation gave me the opportunity to see the huge range of jobs that existed and allowed me to find something I enjoyed by succeeding in the job I was doing , which in turn allowed me to move internally.
What you are good at is what will get you in the door.
But my advice wouldn’t be, ‘go get a job’, it’d be ‘play to your strengths’. If you are good at studying and getting those qualifications, go for it; If you are not an academic but have a talent for communicating, or computing, or cooking, then work on it and make it better. That might mean an exam, or it might mean some job experience, but what you are good at is what will get you a foot in the door, and once it’s open, you might well find that there are other things that you are good at that you’ve just never had a chance to do before!