New Research Report: What are security leaders saying about their security postures? View the Findings ➞

Customer Spotlight: Q&A with Leslie Picht, Global CIRT Manager, Jabil

THE CUSTOMER

Leslie Picht
Leslie Picht | Jabil

A former Air Force pilot, Leslie Picht was in the military for twenty years before retiring and starting a new career in project management at Jabil Inc, a Fortune 500 global manufacturing services company. She discovered cybersecurity shortly after, eventually taking her down a self-directed path that lead to her current role as Manager of Jabil’s Global Cybersecurity Incident Response Team (CIRT).

In the third edition of our Customer Spotlight series, we learn more about Leslie’s journey and why soft skills aren’t soft… but critical.

THE JOURNEY

Talk to us about your transition from Project Management to Cybersecurity – why the change and what sparked your interest?

When I was in the military, my job was to make life harder for the enemy. Every day I went to work, I knew my engagement mattered. From the project management side, it was a little more difficult for me to feel that connection to my mission. I felt like I was trying to grow a seedling…staring at it every day to see if it was taller. So then I just basically tried to find a place that engaged my passion to hunt the enemy.

One day I was sitting in a local project management chapter meeting and heard someone speaking about cybersecurity. It was like a calling and I knew I’d found my new battlespace.

Without any prior experience in cybersecurity, did you feel like you were starting from scratch or how did you break in?

It was straight up research and hard work.

I have gone through four major career transitions – not just job changes, but totally different industries. It really is about your drive to re-make yourself at any point in life, if you choose. My intrinsic personality allowed me to push forward and do those things. What ensures success is having a long-term vision, being able to set the interim goals, and then executing on the details.

​So that’s getting in, what about the skills you need to be successful? From your perspective, what are some of the most important skillsets needed in cybersecurity?

Some call these soft skills, but I refer to them as critical, because “soft” makes it seem like you can go without them.

  1. Communication: both verbal and written
  2. Relationship building, specifically when you don’t need anything
  3. A teacher’s disposition – the ability to educate without belittling someone

Communication: both verbal and written

You have to know how to tell a compelling story. I think we sometimes get wrapped up in the technical speak thinking someone will just nod their head and do whatever we want them to, but it doesn’t work that way in the business world… if your story is terrible or I don’t understand it, the answer is “No,” or “I don’t trust you” or it’s just a much harder sell.

You can be smart and understand how to do things technically, but you’ve reached a whole new level of influence when you can communicate with someone who doesn’t understand the technical but still get them to understand why something is important or why the change needs to happen.

We’re taught in school how to handle technical problems and how to solve those technical problems, but we don’t do a great job wrapping things up in the “marketing.” I was very blessed with several senior leaders in the military who helped me hone in on my ability to write…looking back on my career, its been one of the most valuable skills I learned because everything in life is marketing.

Yes I was able to write myself into some competitive positions, but there were many occasions where my writing skills earned my squadron an award or someone a promotion. So that’s why I really like writing and feel it’s a critical element of effective communication.

Relationship building, specifically when you don’t need anything

It’s important to engage other teams when you don’t need anything. Or even better: build the relationship when you have something in your hand to give them… If you talk to somebody every time your hand is out, they’re just going to be sorry to see you coming and happier to see you go. If you can build something or show them something useful, you show them value and you are now closer to advancing your security initiatives.

Otherwise, they’ll think you’re like the IRS always needing something when you walk in the door when you really just want to help.

A teacher’s disposition – the ability to educate without belittling someone

With things like social engineering, phishing or other IT hygiene issues, the softest spot is the user so it’s critical that we make every opportunity we have to engage with someone, a teaching opportunity. Also, everyone in the company must be comfortable coming to our team to ask for help, to report an incident, to report a risk or gap…if we take pride in talking over someone’s head or if we are the ones intimidating our own people, we’ll never make progress in cybersecurity.

THE WISDOM

What’s something you learned in your career that would be helpful for other leaders to know?

I learned this early on, but having an open discussion about your failures can be just as valuable as sharing stories about what you did right.

We are afraid to tell our mistakes or our goof-ups, but it’s not helpful for people to see where you are now and be awestruck. It’s much more powerful for them to know that a winding, struggling path is normal. And that you can get to this point, if you’re willing to put in the hard work.

What advice can you offer to someone who’s nervous about taking a leap of faith to get to the next step in their career?

Confidence comes from competence. So, the question really is, how do you build your competence? The fastest path to that, is simple: commit to teach. It’s a whole different ballgame and a level of commitment to teach something as opposed to just learning for your own personal education. Because now, you have to present it in a way that forces you to put yourself in someone else’s shoes. If you can teach it, then you know it.

But, don’t kill your passion for something by demanding painful perfection of yourself…you could lose the love of a job because you’re trying to be too perfect or failing to recognize that you’re just doing too much.

Leslie Picht Quote

Thanks Leslie, for these powerful insights!

More Articles

Customer Spotlight: 3 Things We Learned from a CIO’s Career Path to Leadership

Diana Bittle is the CIO for American Fidelity, where she’s spent the past 22 years building a career in technology. After hearing about her path to leadership, we were inspired to share 3 key takeaways that forged her success. This is the first in our Customer Spotlight series where we share insights and lessons learned […]

Customer Spotlight: Q&A with Hayley Bly, Manager of Cybersecurity Threat Defense Operations, Nielsen

Welcome to the second edition of our Customer Spotlight series, where we share insights and lessons learned from security leaders. Next up is Hayley Bly, Manager of Cybersecurity Threat Defense Operations at Nielsen. If you would have asked teenage Hayley where she’d end up after gradation, she probably would have told you “medical school.” As […]

3 Signs It’s Time to Rethink Your Security Operations Strategy

Today, the security industry is over-saturated with technologies and tools. While many enterprises have established or are setting a foundation for their security operations with Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR), there are countless point solutions arising to extend them, from SOAR to CASB, UEBA and more. Although each […]