In celebration of this year’s Cybersecurity Awareness Month theme – See Yourself in Cyber – we are spotlighting five VMware security pros to ask them five questions about their career path.
Dr. Amelia Estwick is director of threat research at VMware. Based in Washington, D.C. Dr. Estwick is a seasoned cybersecurity professional with over 20 years experience. She is responsible for leading VMware’s global multidisciplinary threat research and analysis teams focused on large-scale malware and telemetry analysis, malware reversal, threat hunting, applied threat intelligence, and 24/7 Managed Detection and Response.
Dr. Estwick is a seasoned cybersecurity professional with over 20 years of combined military and government IT experience within the U.S. intelligence community, including 10 years directly leading strategic and tactical cyber threat operations at the National Security Agency Threat Operations Center (NTOC). Prior to joining VMware, Dr. Estwick was the Director of the National Cybersecurity Institute at Excelsior College.
Dr. Estwick is a National Physical Sciences Consortium Fellow, a U.S. Army Gulf War Veteran and is frequently highlighted as an influential woman in cyber, most recently recognized as one of the Top 100 Women Know Cyber by Cybersecurity Ventures and 2021 Women Veteran Trailblazer by the Veteran Affairs Center for Women Veterans. Dr. Estwick is the co-founder for the Women in Cybersecurity Mid-Atlantic Affiliate, a regional professional development organization established to promote, educate, recruit, retain and advance women in cybersecurity.
1. How did you get involved in cybersecurity?
After I completed high school, I enlisted in the U.S. Army as a 74C – Telecommunications Operator, a specialized job within the Signal Corps focused on Information Security (INFOSEC). I started my pathway in the early 90’s, so this was before “cyber” was a part of our everyday vernacular. My INFOSEC training in the US Army’s Signal Corp at Fort Gordon, GA, coupled with several overseas assignments in communications security and operations security during the Gulf War, were precursors to my cybersecurity career.
2. Explain your career path. Did you take any detours?
During my military to civilian transition, I enrolled in undergraduate studies at Southern University and majored in mathematics/computer information systems. I wouldn’t call studying these disciplines a detour, but while I was pursuing my studies full-time, I attained part-time work in various clerical and business roles that were tangential to cybersecurity; such as, office manager for a chimney sweeping and check cashing company. These opportunities provided vital lessons in all aspects in managing a business, to include finance, personnel, and business operations. Upon completion of my undergraduate studies, I continued on the cybersecurity career pathway as a civilian in various technical roles within the DoD Intelligence Community before I transitioned to higher education. It was through these experiences I acquired an appreciation on how multi-faceted, multi-disciplinary a cybersecurity career can be.
3. Was there anyone who has inspired you in your career to help you see yourself in cyber?
My family inspires me everyday, they are my biggest cheerleaders! Besides them, I’ve had several mentors and sponsors on my pathway who encouraged and inspired me to persevere and reach for the stars. One particular person I want to honor is Professor Sharon Stephens. Professor Stephens was my first computer science instructor in undergrad and she was a powerhouse! Professor Stephens was an African-American woman engineer who had a successful career at IBM, but decided to leave corporate America to teach at her alma mater (Southern University) and give back to the community. She was a driving force, ensuring I was exposed to all the necessary resources to be successful in my academic and life journey. Under her tutelage, I had opportunities to intern at NASA, Department of Energy, and competed in various academic competitions. Professor Stephens understood my passion to further my education and she relentlessly pushed me to apply for various graduate fellowships which led to my National Physical Sciences Consortium Fellowship award to pursue my graduate studies in computer science with a focus on computer security.
Unfortunately, in 2018 Professor Stephens passed away, but I’m grateful she was here to witness me earning my master’s and doctorate degrees in computer science, in addition to leading a successful cybersecurity career. To this day, I still feel her presence when I’m experiencing any challenges…. her mantra, “Don’t listen to the naysayers, Only YOU know YOU, YOU got THIS,” provides me the motivation to overcome adversity!
4. What’s the best career advice you ever received?
I have a few mantras that I live by, like “stay ready so you don’t have to get ready,” “this too shall pass” and “mind over matter.” But the best career advice I received is to enjoy what I do; take the good with the bad and if you are not experiencing some discomfort in any role, you are not growing! Discomfort means some transformation is taking place, be comfortable being uncomfortable! When I moved into management, great career advice I received focused on the importance of being a people manager and empathetic leader. Actively listen to your team or what others are sharing and then make the necessary adjustments to stay on task. Don’t think you have to be 100% perfect, it’s okay to fail fast and then iterate (I’m still working on this advice). Finally, at the end of the day, take care of yourself. Cybersecurity can be extremely stressful. Protecting your customers and community 24/7 can be quite exhausting, so know when you need to take a break (and recognize when your team needs one too).
5. What advice would you give to aspiring security leaders?
Be confident, stay focused, and create your own path! The cybersecurity career pathway is so vast. You can pursue roles that match your knowledge, skills, and abilities. It’s really up to you! You do not have to live by or follow someone else’s vision of the role you should pursue, just enjoy the journey. Finally, please give back to the next generation of cyber professionals. I live by mentorship, allyship, and sponsorship. This advocacy is core to who I am. The cybersecurity field is “all hands on deck” and we are only as strong as the weakest link. It’s important for “each one teach one” so we can all be safe and enjoy life’s pursuits.
