Security Engineer Tim: "Here I can keep on learning endlessly"
"A login from Moscow in the middle of the night. That's suspicious. Or 10 consecutive login attempts in 10 seconds - also dodgy." Enthusiastically, Tim Groothuis talks about his role as Security Engineer. He works with colleagues on a system that secures Rabobank digitally. "An analytical mind is essential in this profession. You have to want to solve the puzzle."
Tim graduated as a dental hygienist. Not a typical career for an engineer, then. “Yes, it’s totally different from IT. I liked it, but I soon found out that as a dental hygienist you don’t have many opportunities for career advancement. Another 60 years doing the same thing didn’t appeal to me. So I started looking for a field in which I could actually develop.” Tim explains that the world of IT had always interested him, so it felt like a logical choice for him to make that step. And successfully so. “I have only been working for a few years, but have already had the opportunity to take many courses and training sessions at Rabobank. There is so much to discover. In this field, I can continue to learn all my life.”
SIEM: Security Information and Event Manager
“What I do now is more difficult to explain than a job of a dental hygienist. Within Rabobank, I work on our SIEM: the Security Information and Event Manager, basically a container of data filled with logs and events. These include log-in attempts by colleagues, for example, or activity on our systems. We monitor and analyse that data, in order to track and prevent notable actions.”
“I’m on the SIEM platform team. Basically, we make sure that the SIEM is available, and we are also responsible for further development. The work is incredibly diverse, which appeals to me. We arrange access management, server deployment, decommissioning, we write our own processes, deploy applications, come up with fun scripts to automate…” Tim pauses to think: what other work do they do? “I think this is only 10% of the work done over the past year. Everyone on the team has a speciality. I myself specialise in cloud engineering, while others know more about our on-premise SIEM.”
Why did you specialise in cloud engineering? “In the cloud, you have the fun of infrastructure as a code, you can scale much better and make things pliable at the push of a button. That malleability, I love that. We are currently working on moving from an on-premise SIEM to a cloud SIEM. That is a process of years, for which we are building all kinds of bridges. All the data has to go to the cloud in a good and secure way.”
Train your analytical skills as a Security Engineer
When asked what trait comes in handy in his work, Tim does not have to think for long. “An analytical mind is indispensable. You need to have an eye for detail and for the bigger picture. Looking ahead, weighing up all the options and choosing the best solution. Often you have a problem for which there are more than 10 solutions.” How do you learn that, analytical thinking? “I think it’s largely part of you,” Tim replies, “but you can train it by using it more often.”
Tim also trains his analytical skills outside work, namely with bouldering. A climbing sport (“without ropes!”) where you try to complete a specific route on climbing walls of about 4 metres. “Bouldering is a kind of puzzle that you solve with technique, strength and thinking. On the ground, you decide the strategy. Because if you hang there and then you still have to think…. you will be way too late.”
‘Leave that suit at home’
Besides analytical ability, good communication skills are indispensable, says Tim. “Communicating well is incredibly important in collaboration. Because no matter how good you are, you can never do everything yourself. You are always dependent on your own team and other teams within the bank. And then it’s helpful that you can explain your plan well and why you chose a solution. It is only then that you make progress together.”
“My team is very international. Everyone lives in the Netherlands, but the colleagues come from all over the world. India, Pakistan, Turkey. The working language is English, which you have to be able to speak well. My direct team consists of 12 people and in the Security Engineering department we have around 30 colleagues. Our way of communicating is informal. When I came for my application in a suit, the manager said: ‘leave that suit at home in future’. That appealed to me immediately.”
“With my manager, I regularly talk about my development. Officially, I am still working as a trainee through Calco. A contracting firm in IT. Early next year I’ll complete that and I’m sure I want to keep working at Rabobank. The work is incredibly interesting and challenging, the atmosphere is good and the development opportunities are endless.”
And the next step? “I think it would be interesting to move more towards Security Operations. Or Solution Architecture. For the first, I need to get better at data manipulation and learn more about KQL (Kusto Query Language). And for Solution Architecture, there are also all kinds of courses to follow. Now, for instance, I am working on the Microsoft certificate for Cyber Security Architect. Eventually, I would like to work as a manager in IT. In that position, I think it would be nice to supervise other colleagues. My advice: don’t set any limits to your development. At Rabobank, everything is negotiable.”
“I follow a lot of training courses, sometimes also with pleasure in my spare time. Therefore, I do have to watch out for myself that I am not sitting behind a screen non-stop. Fortunately, the bouldering hall is near me! Being away from a computer for a while allows me to look at my work with fresh eyes again.”