Josh Hamit: A security career full of hustle and humility

Whether you are just beginning your cybersecurity career or, like 2021 Infosec Hall of Fame Inductee Josh Hamit, you are the CIO of a multi-million dollar credit union, you have one thing in common: a passion for keeping the mission of your organization secure in the face of ever-growing cyber threats.

Like many cybersecurity professionals, Hamit began his career in the most junior IT positions, working his way up through the ranks. He surmounted hurdles, grew from mentors and now shepherds his organization through some of the most dramatic market forces in years as a chief information officer. 

While others could be tired from the journey or jaded from the daily challenges, Hamit still finds time to give back, mentor, learn and look forward to the next day's work. It's for all of these reasons — and more — that we are excited to name Hamit one of the newest members of the Infosec Hall of Fame.

Hamit's career path

"The pivotal moment for me was around 2014 when I was promoted from a division VP position in IT, to head of information security at the corporate level for a global educator." Hamit recounts. "It was right around the same time I passed the CISSP exam, which not only gave me more credibility in my new role but also increased my confidence to take on an elevated leadership position."

It was the first of what Hamit calls his "sink or swim'' moments in his career, where he was pushed beyond his comfort zone. Fortunately, Hamit knew that he did not have to take this leap alone; besides taking the Infosec CISSP Bootcamp, he participated in three more (CCSP,CRISC and CISM), all of which prepared him for the trials of more senior security positions.

"I'm a product of the training I received through Infosec, which helped kickstart my career in information security."

After performing well in this role and proudly serving as a liaison between the technical and the operational, Hamit was recruited to become the CIO of his current organization, Altra Federal Credit Union. In this role, Hamit continues to build on his formal training and professional experience, embodying what it means to be a business enabler.

A day in the life of a CIO

"As CIO I have accountability for both technology and security, but my background ensures that security is always factored in and prioritized," notes Hamit. "When I came on board in 2016, we quickly established a set of metrics that we report up to the board and senior management to really keep them updated as far as how we're doing from a security program perspective."

In addition to regularly updating the other senior executives on where his organization has a risk to their revenue or reputation, Hamit is also responsible for building collaboration between business, IT and security together for a common purpose and building strong security cultures.

"I've found the best results come from taking a pragmatic solution-oriented approach to security, and that's one of the key things I've tried to continuously improve upon and emphasize throughout my career."

Hamit prides himself on being a consensus builder that can find common ground between the realities of cybersecurity and the business to get things done. Whether it is a digital transformation or an operational change, Hamit regularly uses his experience to translate very technical things into terms that the business can understand.

Experiences with mentorship and leadership

In addition to on-the-job training and his Infosec boot camps, Hamit also has a lot of gratitude for the mentors that showed him the ropes early in his career.

"When I got into security, I was very fortunate to have some very, very experienced individuals take me under their wings and give me a lot of good advice," Hamit recalls. "I know that they were pivotal to me getting comfortable in my position and help me to understand the right way to communicate things to the business."

Now, as a CIO and experienced cybersecurity professional, Hamit gives back to the tight-knit security community, participating in mentorship programs, speaking at security conferences, sharing advice with students and other aspiring security professionals and becoming an active contributor in professional publications.

Looking ahead

After reaching such a pivotal role as a CIO, Hamit is often asked what's next for him and his career. As a consummate cybersecurity professional, the answer for Hamit is relatively straightforward.

"The truth is for me is that technology and cybersecurity are what I'm passionate about," he says. "That's what I love to do. When I get up every day, that's what I enjoy doing." 

While he "never wants to say never" about a new opportunity in a new field, as it stands today, technology and cybersecurity are what Hamit refers to as the "fabric" of his professional life, one that is constantly challenging him with something new.

"It's a profession that doesn't allow you to be complacent, and I guess that's what I love about it. I'm never bored. I'm never looking for more things to do."