Working in cybersecurity doesn’t just mean working with clients to prevent or recover from cyber-attacks like ransomware or network compromise.

It also means working in a booming industry that constantly evolves and carrying out a job that is rewarding, challenging, exciting, and innovative.

Careers within cybersecurity offer competitive pay, job security, and endless opportunities. It also empowers employees to make decisions, communicate with others, work together to achieve one common goal, and share industry-related knowledge with those around them.

If you’ve ever wondered what a day in the life of a cybersecurity professional is like, look no further. We sat down with five SBS CyberSecurity employees to find out what motivates them daily.
 

Frank Hulscher
IT Auditor

Education:
Bachelor of Science in Biology from the University of South Dakota

What particular life moment sparked your interest in your position/career?
In ninth grade, we had to write a 10-page research paper about a dream job for our final project in English class. At the time, I wanted to be a computer programmer. Even though I am not a computer programmer today, I always knew I wanted to be in the IT/cybersecurity industry from a young age.

What’s the best piece of advice you’d give to someone interested in pursuing your career?
Get started! There is a high demand for cybersecurity professionals, so get started and ask a lot of questions. Try different flavors of cybersecurity, whether it’s auditing, network security, etc. Don’t get hung up on experience/certifications/degrees, etc. If you have an interest, get started, even if you have to start at the bottom.

Briefly describe the path that led you to SBS:
A family member mentioned SBS and thought I’d be a good fit for the company, so I applied am still here seven years later. It’s a short path but one I’m very grateful for.

Describe your day-to-day responsibilities:
Each day starts with a long walk down to my home office, where I get my daily dose of cyber news from various sources. If it is a Monday, I typically spend the entire day going through a lot of documentation. Tuesday-Thursday, I am in meetings discussing important topics with our clients. Friday, we are having a final meeting to discuss the improvements we (SBS) suggest. Throughout the week I get to chat and ask questions of our experts in the audit department and throughout our company. It truly is a constant conversation of cybersecurity in my day-to-day life.

What’s one unique thing about your role/field?
We can work from anywhere with an internet connection!

Out of the things that you did to prepare for this job, what prepared you the most for success?
A few things that helped me prepare for my job were finding a mentor in the career I wanted to pursue, asking all the questions – dumb or not, and taking advice even if I didn’t agree with it.

What resources should aspiring cybersecurity professionals take advantage of?
Udemy.com / TryHackMe.com / AWS/Azure trainings, as well as all the available podcasts. My favorite is DarkNet Diaries, a lot of juicy topics!

What’s the best part about working for SBS?
Helping our clients with their cybersecurity needs. In a close second, the flexibility of working remotely.

Do you hold any certifications? If so, what are they?

• CompTIA Security+
• Certified Banking Security Manager (CBSM)
• Certified Banking Ethical Hacker (CBEH)
• Certified Banking Security Technology Professional (CBSTP)

Terry Kuxhaus
Senior Information Security Consultant

Education:
Bachelor of Science in Technology/Electronics from Black Hills State University

What particular life moment sparked your interest in your position/career?
I don’t have a specific moment, but I guess you could say the opportunity presented itself and I took it. Early in my career, 20+ years ago, I worked for the state government in a computer technician role. I got to know several other employees on the IT security team, and I was intrigued by the stories they shared. A position within the security department opened so I applied and was offered the role. That was what I would consider the moment that changed my career path.

What’s the best piece of advice you’d give to someone interested in pursuing your career?
Information security-related careers are in high demand for good reason. There is a wide range of career paths that can be taken within this realm and the opportunities are endless. Within the consulting role specifically, it is rewarding to realize I am helping others secure their data and infrastructure.

Briefly describe the path that led you to SBS:
I met SBS through a mutual connection. I was impressed with the SBS team and the quality of services that were provided. I had the opportunity to get to know several of the team members from SBS and decided I wanted to be part of that team.

Describe your day-to-day responsibilities:
As an information security consultant, I work with clients to build and manage their information security programs. This includes performing various risk assessments, security awareness training, emergency preparedness planning and testing, drafting policies, providing guidance on implementing appropriate controls to protect data and infrastructure, vendor management, audit and exam preparation, along with many other tasks.

What’s one unique thing about your role/field?
I work with many different organizations and contacts, which can be challenging, but establishing these relationships and connections keeps things interesting.

Out of the things that you did to prepare for this job, what prepared you the most for success?
20+ years of work experience have provided me with the best preparation for my consulting role.

What resources should aspiring cybersecurity professionals take advantage of?
Get an education and pursue certifications, make connections with others as they are invaluable, and stay current with trends and current events in cyber security.

What’s the best part about working for SBS?
The family first environment with the flexibility to control our work schedule.

Do you hold any certifications? If so, what are they?

• Certified Information Systems Security Professional (CISSP)
• Certified Bank Security Technology Professional (CBSTP)
• Certified Community Bank Technology Officer (CCBTO)
• Certified Bank Security Manager (CBSM)
• Graduate School of Banking – Bank Technology Management

Kelley Hesse
Information Security Consultant, and DFIR Analyst

Education:
Bachelor of Science in Network and Security Administration with a Cyber Forensics minor from Dakota State University

What particular life moment sparked your interest in your position/career?
While I was at Dakota State University pursuing my degree in network and security administration, I spoke to a faculty member and expressed that I was unsure of pursuing my degree. This faculty member encouraged me to take her digital forensics class and, from the very first day, I was fascinated with the subject – even minoring in it.

What’s the best piece of advice you’d give to someone interested in pursuing your career?
The advice I could give to someone interested in pursuing my career is to get comfortable with being uncomfortable. The cybersecurity, information security, digital forensics, and incident response fields are ever-changing. With that, it’s important to remember to always keep evolving and learning right along with them. Take every opportunity you can to learn, even if you think it will be challenging.

Briefly describe the path that led you to SBS:
My path to SBS started unusually. I came to college thinking I would become a teacher and took a scholarship to play basketball at DSU. After taking my first teaching class, I decided that teaching wasn’t for me. So, I spoke with my family and some faculty at DSU and one of them directed me to the STEM route. From there, I took my very first class in the network and security administration field, which I found incredibly interesting. During that time, I was also able to discover my passion for digital forensics.

Throughout my junior year at DSU, I was fortunate enough to intern at SBS CyberSecurity, and I don’t think I could have found a better company even if I tried. By the end of my internship, I knew I wanted to work full-time at SBS. I informed SBS that I wanted to get into the digital forensics realm, and from there, I was introduced to Buzz Hillestad, DFIR team lead. Now, three-and-a-half years later, Buzz and the rest of SBS CyberSecurity have taught me various lessons in the areas of digital forensics, as well as incident response and information security.

Describe your day-to-day responsibilities:
To start the day, I usually catch up on any communications or messages I may have missed throughout the evening/night before. From there, my day is typically filled with consulting client meetings, IT committee meetings, emergency preparedness tabletop assessments, and other work that helps our clients improve their cybersecurity maturity.

However, suppose the DFIR (digital forensics and incident response) team gets word of an incident that could be in the works with which we might be able to assist. In that case, our team immediately springs into action by arranging a meeting with the client, asking what the situation is and how we can help them. If the client is looking for an emergency response, the team will begin to lay out how the week, which may include the weekend, may look for us.

Emergency response cases mean that the team has an all-hands-on-deck focus, and it also means that any tentative plans you may need to be put on the back burner until further notice.

The DFIR team works together to see how we can detect/identify, contain, eradicate, recover, and perform digital forensics. All the while, the team is communicating with the client and each other internally. The process of detecting, containing, eradicating, and recovering can take anywhere from days to weeks. When we get to a point where the incident is 100% eradicated and recovered, the DFIR team then starts on the incident report. The report details what steps and processes were taken throughout the entire incident from start to finish and outlines what methods the DFIR team took and how the client worked with the team.

The report will conclude with how the incident was eradicated and how the client recovered (or is recovering) from the incident, along with any recommendations that need to be made. At this point, emotions have subsided and the DFIR team gets some well-deserved rest. After that, the team goes on to work with the client as needed, but beyond that, we move on to our other work responsibilities.

What’s one unique thing about your role/field?
A unique thing about my role is that I get to work with many different clients and organizations. From little banks in the middle of South Dakota to huge hospitals, I get to help with IT risk assessments, HIPPA risk assessments, and DFIR cases.

Out of the things that you did to prepare for this job, what prepared you the most for success?
My SBS internship and the certifications I took to become more educated prepared me the most for this job. My internship introduced me to the “real world” of network and security administration and information security.

What resources should aspiring cybersecurity professionals take advantage of?
Aspiring cybersecurity professionals should take advantage of webinars and conferences, especially if they are free of charge. Exposing yourself to those resources will open your eyes and may even help you find your “knack” in cybersecurity.

What’s the best part about working for SBS:
The awesome values and leadership.

Do you hold any certifications? If so, what are they?

• Certified Banking Forensics Investigator (CBFI)
• Certified Banking Security Manager (CBSM)
• Certified Banking Security Technology Professional (CBSTP)
• I am also the instructor for the Certified Banking Incident Handler (CBIH) certification for SBS.

Adam Gray
Software Developer

Education:
Bachelor of Engineering, specifically a major in Software Engineering with a minor in Mathematics from the University of Nebraska – Lincoln

What particular life moment sparked your interest in your position/career?
During high school, I took a computer programming class. It was only for one semester, but that got me interested in pursuing a career in programming and software development.

What’s the best piece of advice you’d give to someone interested in pursuing your career?
The best way to grow your programming skills is through experience. Whether it be through internships or personal projects, experience is incredibly valuable for developing technical skills in this field.

Briefly describe the path that led you to SBS:
During my last semester of college, I was applying to various companies. My father is the president at a bank, and he saw in an SBS newsletter that the company was hiring for software development positions and encouraged me to look at the opportunity.

Describe your day-to-day responsibilities:
My focus is working on enhancement requests for the TRAC application, as well as fixing any bugs that show up for users.

What’s one unique thing about your role/field?
There’s a lot that goes into simply planning to make a change in code, whether it be for an enhancement or bug fix. We have various meetings just to estimate how much time a task will take and how much difficulty will be implemented in that code change.

Out of the things that you did to prepare for this job, what prepared you the most for success?
During each of my summer breaks in college, I made sure to apply and work at internships. This gave me a lot of valuable experience, and it’s also a great resume booster.

What resources should aspiring cybersecurity professionals take advantage of?
Internships and certification classes are valuable when applying for cybersecurity positions. They show that you put in effort when trying to learn more about your field.

What’s the best part about working for SBS:
I’ve gotten to know and make friends with a lot of my coworkers here at SBS, even though I’ve been working remotely. My supervisors have taught me a lot, and they give me plenty of opportunities to grow and develop my skills.

Do you hold any certifications? If so, what are they?

• Certified Banking Security Manager (CBSM) 
• Scaled SAFe Agile Certification. Scaled SAFe Agile is the management of programming development in a company.
   

Jon Waldman
Co-founder, Chief People Officer, President SBS Institute and Executive Vice President, IS Consulting SBS CyberSecurity

Education:
B.S. in Computer Information Systems and an M.S. in Information Assurance with an emphasis in Banking and Finance Security; both from Dakota State University (DSU).

What particular life moment sparked your interest in this career?
In 1991 my family bought our first computer. We had a family friend who worked for my grandfather at the time. He helped us pick this computer out and set it up, and I just thought he was a wizard. He knew all these technological things and learning from him opened a whole new world for me. I was fascinated with the computer, whether it was playing video games or just clicking around with Clip Art in Microsoft Word. My interest in technology has only grown from there.

What’s the best piece of advice you would give to anybody interested in pursuing your career? Or starting a business in general?
The first piece of advice would be to never stop learning. Spend time, make time, and take time to learn about what it is that you do and what's going on in your industry. But also make sure that you are taking time to continue investing in yourself. You never want to stop improving, so it’s important to be a continuous learner. Personally, and professionally, it’s going to be the best way to evolve yourself and contribute to your organization as well as help your customers. Continue to invest in yourself.

The second piece of advice is don't be afraid to fail. We all make mistakes, and I probably make more than most. You can view failure as one or two things – a tough situation or an opportunity to do better next time – and if you leverage the latter, then you’re going to feed into that continuous improvement and investment in yourself. Don’t be afraid to fail or make mistakes, but make sure that you pay attention to what those mistakes or failures are teaching you. Some lessons are bigger, some smaller, but overall, they’ll always teach you an important lesson.

Briefly describe the path that led you to SBS:
After my introduction to computers, I got really hooked on technology. When I was looking at going to college, I had some friends that went to Dakota State University (DSU). Since DSU was technology-oriented and I knew people there already, it made perfect sense. So, I came to DSU in '99, and I haven't looked back.

While at DSU, I discovered the need for a business to protect customers or financial institutions from cybersecurity threats. There was a bit of good luck in terms of being in the right place at the right time, with the right people to start the business, as well as a lot of hard work and doing the right thing for everyone involved that has gotten us to where we are today.

Describe your day-to-day responsibilities:
I wear many hats around SBS, so my day-to-day changes quite a bit. On certain days I focus on different areas. So, Thursdays, for example, are Client Services and SBS Institute days. Mondays are usually Consulting days. But every day consists of supporting the folks at SBS and doing what I can to help make sure everybody has the resources they need to succeed, both from a people perspective and products/services perspective. Whether I get to continue learning more about what’s going on in the world of cybersecurity, educate our internal folks and customers, or work on ways to grow this business, every day is a new and exciting challenge.

What’s one unique thing about your role/field? 
I think it's unique for a company our size to have invested as much as we have in our culture and made our culture and our employees our top priority. I'm honored and just thrilled that we decided as a group to highlight and focus on taking care of our employees. We very strongly believe that our people are our most valuable asset here at SBS.

Out of all the things that you did to prepare for this business, what prepared you the most for success?
Well, I'm an eternal optimist at heart, so to me, going all-in on a "startup" was a super easy decision, in terms of the people that we worked with, what the industry looked like, and the need to do what we did all the way back in 2004. I was extremely confident in the business at the start, but I was also at a good place in my life where I was willing to take a chance that SBS would work out.

Another thing we've invested in as a company is our culture and the idea that everyone is a leader here at SBS. Our CEO – Honey Shelton - actually started working with us back in 2017 as a leadership coach and has since then helped us improve our leadership and communication. It was a moment in time where we became more formal about the culture of SBS, and we made a strong commitment to working with and for one another. We worked together with Honey up until the point where she became our CEO, where she continues to help up improve even today.

What resources should aspiring cyber security professionals or bankers take advantage of?
There are so many different resources available out there, but SBS has some tremendous resources on our website and social media for our customers to leverage. There are also so many different sites with great cybersecurity content: Brian Krebs is a great resource, The New York Times, The Washington Post, etc. Find sites that you're interested in, that resonate with you, and subscribe to those email newsletters or cyber security articles from your favorite author.

Do you have any certifications?

• Certified Information Systems Auditor (CISA)
• Certified in Risk & Information Systems Control (CRISC)
• Certified Data Privacy Solutions Engineer (CDPSE)
• In addition to my certificates, I teach a Certified Banking Vendor Management (CBVM) class for SBS. I’ve also taught classes for participants to become a Certified Banking Security Manager (CBSM) and Certified Banking Security Technology Professional (CBSTP).

SBS Resources: 
SBS CyberSecurity has been helping organizations identify and understand cybersecurity risks to make more informed business decisions since 2004. If your organization is looking to better understand your cyber risk; build, maintain, or test your cybersecurity program; and make smarter, more informed cybersecurity business decisions, SBS can help.

• {Education} SBS Institute: Join our growing community of financial service professionals showing their commitment to strong cybersecurity with a cyber-specific certification through the SBS Institute.