In the early 2000s, studying Computer Science and Engineering was a hotcake field; everyone wanted to study it in Bangladesh. Only those who are truly passionate about IT stayed on this journey, and the rest left. Fortunately, I am one of those who has continued.
When I started my career as an IT officer at a financial institution, small digital transformations were going on. Companies were moving from manual paper-based work to module-based software development. Furthering this automation was a challenge, and I was enjoying the component development in areas such as payroll and accounting systems, as well as other applications. After a few years, when all modules were running smoothly, we thought, “Mission accomplished.” I was planning to relax at that time when I came upon the concept of centralization. So, we began work on a development integrated solution. Centralized infrastructure also developed during that period, and the company decided to move from a separate IT team to a role-based team in areas such as development and infrastructure. I had to choose a role, and I decided to become part of infrastructure and security. In infrastructure, hardware and the network were small parts of the equation. The largest part was compliance, governance and policymaking, so I needed new education.
In 2010, I became a member of ISACA. I started learning governance because at that time I was playing the role of the bridge between management and IT. It was so challenging to develop a governance framework and align the company’s vision and IT. COBIT 5 gave me the path to walk, and when we started facing IT audits, resources related to the CISA certification also were helpful.
After working many years in infrastructure security, I decided to shift my career on a broader scale, and I joined National CERT as an IT risk analyst. Here, the challenges are not fixed to a particular pattern because I work with different Critical Information Infrastructure (CIIs) that help me go deep inside IT security. Understanding security and risk management for all stakeholders is a must; consequently, I started learning CRISC and CISM to use proper terms and functions in my workflow. Once I successfully used my ISACA knowledge in my practical work, I decided to take the examinations, and gradually became CRISC and CISM-certified.
Nowadays, IT professionals are actively working with AI, IoT, data science, blockchain and cloud computing. IT is continuously surprising us, and COVID-19 might necessitate new IT technology and procedures. My career in IT has been fascinating and enjoyable. I’m glad I stuck around!