Women in Cyber Month: Spotlight on Danelle Mattison, CISSP

As part of our Women in Cybersecurity Month, we are highlighting women and their careers, accomplishments and passions. This spotlight features Danelle Mattison, CISSP who describes her on-the-job training in the cybersecurity industry.

Disclaimer: The views and opinions expressed in this article belong solely to the author and do not necessarily reflect those of ISC2.

One More Round: Grit, Determination, and a Dash of Insanity

I have been involved in cybersecurity for 10 years, with seven of those professionally in the aerospace sector. I have held positions as an information systems security officer (ISSO) and as a system security engineer (SSE), with each position as eye opening as the next, serving up a serious case of on-the-job training.

I began my professional career as an ISSO, with my main duty supporting a prime contractor on a major aircraft platform, but throughout my eleven months at that company I found myself supporting a number of other smaller programs. 

Being a level one and brand new to the industry, I was lucky to have found a mentor who was my rock and guiding light. My information systems security manager (ISSM) taught me how to be successful at my job. To this day, graduating from his ISSO boot camp remains one of my most proud career moments. Little did I know his methods would be the foundation that I would use to grow and enhance my career at my next job.

Moving Forward With My Career

I continued along in the aerospace industry and found myself working at another major defense contractor, this time as an SSE. Drinking from the firehouse was an understatement. Day one on the job I was making platform security decisions on a platform that I had no experience on. What made things extra challenging was the lack of avionics experience and having to learn that on the job, while trying to figure out how to secure an airplane. Reaching out for help was challenging due to need-to-know and classification issues, so I was on my own. My then manager tried to get me a mentor, but she was located out of state and not read in on the program, so while it was nice to have that person there, many challenges still existed. I spent a year and half on that program before the burn out got to me – I was broken, exhausted, and needed a way out. I still decided to stay with that same defense contractor but instead went back to being an ISSO.

I entered another world with this position and was confident with my skill set having been trained by an amazing ISSM. Things were going great until I was moved over to an off-site location for developmental test efforts. A developmental test site is a different world. In this position I learned how to say yes and figure out ways for folks to get their job done in a secure fashion. It is all too easy in this field to say no and move on, but that was not an option. I had a blast supporting this site, learning how others did their job to support the mission and how I fit in those roles to help them out.

Still at the same company, I was offered a position I could not refuse back into the SSE world. As hard as it was to say goodbye to my site, I knew this SSE role would be a step up into bigger and better things.

It was the craziest and most special three years of my career. I was tasked in securing a weapon systems platform and never having worked on said system before, it was back to drinking from the fire hose.

The program moved fast so it meant improvising, adapting and overcoming quickly, even if only having 50% of the solution. I was blessed to be on a team that supported security, including program leadership, which made my job easy to bake security into the process. I was also blessed to have support from a teammate who had been briefed to that program, so he was my sanity checker when I was too far into the weeds.

The Challenges of Leadership

During this time, I was involved in a leadership program and had been further promoted in the company as a cyber systems security engineer. I was working on multiple programs, so it meant balancing time, expectation management and how to deal with challenging co-workers. I was five years in with this company before I met the inevitable roadblock: a co-worker who was insistent on trying to take control. The emotional and mental toll was taxing; it got to the point where the only way to deal with this toxic co-worker was to leave the situation (and ultimately left the company).

As hard as it was leaving my main team, leaving that defense contractor meant experiencing more challenging and awesome opportunities. I am still involved in the aerospace sector but instead as a cyber lab engineer supporting an amazing team of penetration testers. I am surrounded by people who support each other, encourage growth and share lessons learned.

In my experience, cybersecurity is not for the faint at heart. While I had fun, much of my learning took place on the job. A lot of the time, I was alone. I had to dig deep, I had to find creative ways to communicate my needs without causing a data spill when I needed help. It felt do or die. I was afforded many opportunities to which I will always be thankful for as it made me the cybersecurity professional I am today; however, it came at a great emotional and mental toll.

Related Insights

• Survey: Non-Traditional Paths Are Empowering Women to Enter the Cybersecurity Field
• ISC2 Honors Women in Cybersecurity During Women’s History Month
• ISC2 Webinar: Register Now and earn 1 CPE credit! From the Inside Out: Increasing Representation and Inclusion of Women in Cybersecurity