Noushin Shabab, senior security researcher at Kaspersky Lab Global Research and Analysis Team (GReAT), displayed a keen interest in problem-solving growing up. It’s a fascination she shared with her twin that also led her to land the dream job in the most exciting branch of information technology: cybersecurity.
Shabab’s notable programming and analytical skills didn’t go unnoticed. On her second year at the university, one of her professors tapped her to assist him in teaching first-year students learning different technical subjects.
“I then discovered that I had tact in explaining technical lingo to my colleagues (at work) outside technical departments,” Shabab said. “This eventually made me delve further in technical problem solving that led me to research and eventually cybersecurity.”
Shabab has a Bachelor’s Degree in Information Technology Engineering from Tehran Jonoub Azad University and holds a Master’s Degree in Information Technology Engineering and Computer Networks from Garmsar Azar University. She is currently based in Australia.
As early as middle school, Shabab and her twin learned computer programming. Their high school life is peppered with competitions in a number of national programming contests where they managed to sit on within the Top 3 positions for a few of them.
It was around this time, we both knew we wanted to pursue a career in computing and did a degree in programming and computing in university,” she said.
Shabab landed a job as junior malware analyst in Windows antivirus team for a cybersecurity firm in Iran. It is almost expected that she would master malware analysis in a few years while also acquiring knowledge in reverse engineering.
“I moved to the company’s newly setup anti-rootkit team as senior malware analyst and software developer,” she said. “The last role I had in the company was leading a small team of malware analysts for the Android antivirus product which was again a new project of the company back then.”
Even if at the back of her mind there was a slim margin of jobs in the field of reverse engineering in cybersecurity, Shabab pursued this career path that finally led her to Kaspersky Lab (KL), a global cybersecurity company, which has been operating in the market for over 20 years, where she was hired in 2016.
The interview process made a huge impression on Shabab because “KL was the only company to examine my technical skills especially with my niche in reverse engineering.” She also described her homework after the first interview as “a tough piece” but she remained undeterred.
“Although it was a malware written in a programming language I was not familiar with, I jumped at the chance,” she said. “Vitaly Kamluk, my direct manager who previously worked for Interpol, said my results exceeded his expectations and that was how I landed my dream job.”
When not solving cybercriminal activity, Shabab and her team at GReAT are engaged in research focused on advanced cybercriminal activities and targeted attacks in the Asia-Pacific. Aside from her expertise in reverse engineering, she is also now involved in targeted attack investigations.
“We also dedicate a bulk of our time giving keynotes and traveling the globe to conduct training sessions for big enterprises to better equip their organizations in understanding cybersecurity,” she said.
While Shabab has developed expertise in certain skill sets, new challenges still bring excitement to her as a cybersecurity expert.
She considers the “ever-changing nature of the role” as both challenging and rewarding.
“It also encompasses new challenges which involve new malware that is more sophisticated every time,” she said. “The creativity of malicious attackers is increasing and the diversity of the role is what keeps me excited. Over the course of this role, the need to think creatively and different becomes a way of life but the skill that lies behind that is persistence.”
Shabab is determined to learn a new aspect of her job, which is building a relationship with journalists who are instruments in educating people not only about the company but also about the issue of security.
“Being clear and informative is a skill I work on every day in order to educate our media circles and the public on the work I do,” she said.
Cybersecurity experts deal with different types of attacks every day. Criminal hackers always come up with new strategies to compromise data. For Shabab, having a curious mind is essential for security experts.
“Never stop asking questions about your surroundings in this line of work with your circles, peers, mentors, and role models,” she said. “Don’t be afraid of asking silly questions and speaking your mind. This is because all these ingredients build confidence and knowledge for you to grow your skills and potential in cybersecurity.”
The girl who developed strong analytical skills at an early age feels that organizations need to nurture more talents instead of limiting the field to “professionals and experts” in the field. There are graduates and newcomers who want to grow in the space, according to Shabab, but there are few opportunities for them because the experts are much preferred than them.
“What should start effectively are internship positions and graduate roles offered by companies to create an opportunity for experienced people who come from other fields but are looking for a future in cybersecurity,” she said.
Shabab strongly encourages females out there to give the job a shot “you won’t regret it. This is an industry that lets you grow as much as you want. There is no end to the learning process and the rewarding feeling you get from your work. We live in the age of technology and cyber and you will soon find your job being your lifestyle.”
The number of women working in the back end of IT is increasing. For International Women’s Day, Shabab said that this year’s theme #BalanceforBetter “is the natural way of looking at life. Balance is always the key to success and happiness and gender-balance in the workplace is no exception. More important than hiring the same number of men and women, is to build this culture in your organization and allow women and men to work and grow in a balanced, healthy and safe environment. I am glad to say that I am in a company which values its employees, regardless of gender, age, race, and ethnicity.”
Shabab has been using her skills in IT and talent in public speaking to motivate more women to join the industry not just to bridge the skill gap but also because it is an exciting field to be in right now.
“I am strongly advocating for women in cybersecurity and speaking on these topics at major industry events,” she said.