“Work That Matters” is a series in which ECS experts discuss their roles and responsibilities and the larger impact they have in the workplace, community, and world. In this installment, we interview Joanna Dempsey, Director of Cyber at ECS. Joanna currently serves as Program Manager of the DHS Continuous Diagnostics and Mitigation (CDM) Dashboard Ecosystem, working to enhance cybersecurity posture and situational awareness across the federal government.
DIRECTOR OF CYBER
Joanna Dempsey has spent her career in information technology, but it wasn’t until going back to school for her M.B.A. that she became interested in IT security. While most of her classmates were cybersecurity professionals seeking business and management skills, she was just the opposite—a program manager who had studied business as an undergraduate and wanted to improve her technical acumen. Shortly after graduation, Joanna began working on the Continuous Diagnostics and Mitigation (CDM) Program, diving headfirst into cybersecurity and never looking back.
Q: You were a business analyst who went back to school in order to move into a more technical space—what were the challenges of that transition?
A: I’ve worked closely with engineers throughout my career, which I love because I’m always learning new things. However, the challenge of working in a technical space is that I’ve also often felt like I’m trying to solve a puzzle without understanding the complete picture. I’m constantly taking notes and Googling when I get back to my desk, and I’ve had more than my fair share of whiteboard educational sessions with my more technical peers. While I used to feel that my business background was a weakness in a technical field, I’ve learned over time that my ability to offer a different perspective on how to approach challenges is a strength.
Going back to school was an opportunity for me to continue leaning into the business aspects I enjoy, while pushing myself to better comprehend IT and cybersecurity. The biggest challenge of going back to school while working full time was having my first child halfway through the program. A week after he was born, I had to attend an all-day class and make a presentation. I remember thinking, if I can do this, I can do anything work throws my way!
Q: After graduating, how did you put your new degree to use?
A: My M.B.A. in Information Security Management enabled me to immediately apply everything I was learning to my job, which was very rewarding. After graduation, I applied for a rotation program within my company at the time. It was a very competitive job with a tough application, including a strategic plan for a mock business and a presentation to company leadership. Because I’d spent the past few years doing similar work in school, it didn’t seem like such a heavy lift.
After that, I spent a year and a half in Strategy, which offered me a completely different perspective and understanding of how businesses function, but it also helped me better understand my own professional aspirations and preferences. I missed working directly with customers and managing a team—I even missed working closely with engineers! So, after my second baby was born, I volunteered to take on the Continuous Diagnostics and Mitigation (CDM) program. It sounds strange, but having kids has actually propelled me forward in my career. It forces me to be efficient and strategic with my time, and it’s motivated me to make the most of the time I spend outside of the house.
Q: Tell me about working on the CDM Dashboard Ecosystem.
A: The CDM Dashboard Ecosystem is a cybersecurity tool that provides real-time cyber situational awareness to the Department of Homeland Security, as well as federal civilian agencies. As a program, it is still in its infancy. Right now, we’re focused on asset management—aggregating and visualizing data on all devices, including vulnerability, software, and configuration status. When you put these together, you have a pretty complete picture of the security state of any particular asset. DHS uses an algorithm to score individual assets based on these criteria, which allows the leadership of an agency to aggregate that score up to an organizational level.
Because there are so many stakeholders—DHS, other agencies, integrators—no single entity owns the ultimate outcome of the CDM mission. Everyone works together, which can be frustrating, but also creates the opportunity for a tremendous amount of learning. You are constantly talking to different people to understand how they are solving their piece of the puzzle. For me, that’s one of the best parts of the job.
Q: What’s next for you at ECS?
A: The next step up for me would be overseeing and growing a portfolio of multiple programs. It’s a challenge I look forward to, though I enjoy the opportunity to get into the weeds, which becomes more difficult to do as your span of control broadens. That said, one of the things I love about ECS is that leaders have more control over how they spend their time than I’ve seen at other places.
There are some very effective leaders at ECS who work very differently from one another, and yet, the outcomes are similar and positive. I like knowing that if I choose to move up, I’ll have the freedom to do things in a way that works for me and for the business. ECS is a very encouraging and inclusive place to work–I feel like my career is mine to shape, and the company will support me. I find that very empowering and motivating.