Professional development

The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson

Patrick Mallory
March 24, 2023 by
Patrick Mallory

In many ways, InfoSec scholarship recipient Amy Bonus’s career embodies the cybersecurity industry itself: brilliant, adaptable and ever-evolving. With roots in finance and FinTech (Financial Technology), Amy refers to her transition into cybersecurity as Career 4.0. And she’s tackling her new role with energy and enthusiasm. But before we discuss her current work, we need to go back to the beginning of Amy’s career journey to understand what brought her here. 

After working as a journalist and then as an English teacher in South Korea, Amy found a job in FinTech doing business analysis and product ownership. It was here in Career 3.0 that Amy first began to “notice first-hand how unsecure and dangerous data can be in the wrong hands.” Amy’s interest in information security grew when she took a cybersecurity class as part of her MBA program. 

These days, she’s working at a big four consulting firm in a brand new department called cyber workforce solutions. Amy’s new role involves the “human” side of cybersecurity. “How do I distill [information security] for various audiences? Whether it’s a C-suite that needs to understand privacy 101 or just the floor worker. The frontline worker that’s part of a supply chain needs to understand the privacy aspects of their job. So how do you explain that to [staff at] different levels in a way that they can understand.”

Amy is now looking to bring her cybersecurity career to the next level with a Masters in Cybersecurity Operations and Leadership.

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

Embracing continuous learning and “the want to change” 

Headshot image of Infosec Scholarship recipient Amy BonusAccording to Amy, the ability to quickly adapt to change is the key to success in the cybersecurity field. She originally found this valuable nugget of advice in her favorite cybersecurity book. “One of the biggest skills they mentioned in the book was the want to change. And they want to continually learn, with a continually changing field.” Amy continues: “There's always going to be a challenge. There's always going to be something new. And for someone who considers herself a lifelong learner, that definitely appealed to me.” In fact, traits like adaptability, curiosity and inquisitiveness are rated as some of the most in-demand soft skills in the industry, according to a recent cybersecurity talent report

Embracing change also means welcoming new perspectives into the field. Amy likes to get involved with groups and conferences that embrace the intersection of technology and diversity, like Lesbians Who Tech and Reaching Out MBA (ROMBA). She also had the privilege to be interviewed for a local Asian-American LGBTQ+ group living history project. Amy hopes to be part of a movement to bring diversity and equity into cybersecurity. “Equity means leveling the playing field, and I hope to be part of the movement that can help level the cybersecurity playing field. My experiences thus far have been unique, and with this scholarship, I can be part of the next generation of cybersecurity professionals to come – those who offer unique backgrounds, perspectives, and stories of their own.”

The cybersecurity industry could also benefit from welcoming career changers and professionals who haven’t taken the traditional route into the field. “Especially [with] the great resignation time we're in, I think it's super important to embrace those opinions we just spoke about. Embrace the different perspectives that people come in the door with; that is not necessarily a traditional path.” And for people looking to make a possible career pivot into cybersecurity, Amy recommends embracing what sets you apart instead of feeling apprehensive or insecure about it. Her personal mantra is: “I'm going to own this part of myself. And in future interviews, I'm just going to own that story that I have.”

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

A bright future for Career 4.0

While Amy is happy with her current role, she’s also looking ahead and planning out where her cybersecurity career will take her. With her unique educational blend of business management and cybersecurity, she’s taking aim at a management role. “Someday, I would like to move into a security manager or privacy manager role. Somewhere I can manage people within the security team and see things at a high level.” Although she’s flexible about the exact job title, she knows exactly what she wants to be doing day-to-day in that role. “I don't know if it necessarily has a title. But I want to say that no matter what, the common thread throughout all of my careers in career 4.0 or whatnot has been being able to actively listen to people and solve problems.”

For having helped her arrive where she is today and supporting her well into the future, Amy looks to her mentors. These are professors she met in her MBA program and continues to stay in touch with. When searching for a mentor, Amy thinks it’s important to find one who can closely relate to your own professional outlook and experiences. For her, that means “they don't really fit inside the stereotypical box.” It’s also essential that they’re capable of “meeting you as a colleague, as a peer. Rather than just somebody who knows everything.” By finding a mentor who is both down-to-earth and relatable, you can feel confident that they truly understand your goals, challenges, and how to help you overcome them. 



5 soft skills needed in Cybersecurity, Hays

Patrick Mallory
Patrick Mallory

Patrick’s background includes cyber risk services consulting experience with Deloitte Consulting and time as an Assistant IT Director for the City of Raleigh. Patrick also has earned the OSCP, CISSP, CISM, and Security+ certifications, holds Master's Degrees in Information Security and Public Management from Carnegie Mellon University, and assists with graduate level teaching in an information security program.

Patrick enjoys staying on top of the latest in IT and cybersecurity news and sharing these updates to help others reach their business and public service goals.