I graduated from Halmstad University where I studied IT Forensics and Information Security. Since then I have been working as a Test Consultant at different employers in the Gothenburg region before joining Zacco.
Joakim: -Now we are both part of the Secure Development team in Sweden West. Robert is more a hands-on developer with security elements and I have a clearer security architect role.
Robert: -But there are no strict borders and to an outsider, our jobs might look pretty similar.
Joakim: -We have both had assignments at the same client, Toyota Material Handling, for about a year, but now I have a different assignment, this timeam at CEVT. There Here, I am predominantly a Security Architect, but I get to do other tasks as well, like penetration testing. The product I am working on is obviously the advanced connected car that CEVT develops for the European market and the security issues that might arise from it. Cloud-based services like car- sharing must be safe to use and shielded from e.g. theft attempts.
Robert: – My work is somewhat similar, but also different, as . It differs in that I have more focus on the development part. I am still working at Toyota Material Handling, a big player when it comes to autonomous forklifts. Currently I work with the commissioning at one of their clients. This particular client has a very large and complex installation with many forklifts and expected uptime close to 24/7 365. We are? currently in the ramping up phase, ironing out performance issues and applying optimizations. Our projects usually start out with the team defining the requirements, then we build a system and we add more and more components, in this case orders and forklifts. Automation is an interesting and rapidly growing field. The other part of my assignment covers security aspects of the system we develop. Occasionally, Joakim and I have held one-day workshops on security awareness with various customers in Sweden. They have been well received so far and are a fun thing to do.
HOW DO YOU STAY IN TOUCH WITH YOUR TEAM?
Joakim: – We tend to be at the Zacco office on Fridays, not necessarily all day, and most of the colleagues from the Secure Development team try to do so. Of course, it depends on the agreement you have with your client. This keeps us connected in a way that many other IT consultancies do not experience. It is rather common to have long-term assignments at clients and not to meet your team except for educational workshops or the like.
Robert: – I have had colleagues at other consultancies that would not meet their manager more than once a year. But we try to stay in touch at least once a week and from time to time we have educations on different topics and combine them with team activities.
HOW DO YOU INTERACT WITH COLLEAGUES FROM OTHER BUSINESS LINES?
Robert: – On some occasions, I have picked up discussions and open questions at the client’s where I could introduce and set up meetings with colleagues from e.g. the patent business. Also, I have come across issues where you need to check the legal implications. In security, the legal framework is very important, you have to make sure that you comply with it. The more we learn about the IP business the more we see direct opportunities to collaborate across business lines.
COULD YOU SWITCH TASKS WITH EACH OTHER?
Robert: – My core expertise lies within development, I have many years of work experience in the field and I am learning more about security every day. Joakim could easily take over my security work any day …
Joakim: … but not the development part. So, our overlap lies within security architectures, but we are specialists up to some point.
HOW DO YOU KEEP UP WITH THE DEVELOPMENT IN YOUR FIELD? WHAT WOULD YOU LIKE TO LEARN NEXT?
Robert: – I would not say that I am done with developing, but I am happy that I got new opportunities here at Zacco. Lately, I have been switching over to security and I am studying for my CISSP, an established security certificate. I also listen to podcasts and discuss related topics with my colleagues.
Joakim: – I listen to many podcasts as well and I read a lot to keep myself updated. I already have the information security certification, but I might want to go for a course with a focus on the more technical fields of security. In general, we have a plan to spread knowledge internally within Zacco and to learn more from each other.