Hello everyone,
I’m happy to announce that today I’m introducing you to someone who will play a key leadership role in driving strong cyber security fundamentals and features across all of our products: please say hello to our new Chief Security Officer, Martin Lemay!
I recently had the chance to chat with Martin to learn a little more about his experience, his role here at Devolutions and his interests. Here’s a snapshot of our conversation:
Can you tell me a bit about your background?
The first five years of my career I worked as an IT and Security Trainer for a private college in Montreal, and then as a Project Manager and Technical Coordinator for an independent telecommunications company. While working full-time, I was showing up at local security conferences, competing in Capture The Flag events, and chaining multiple industry-leading security and telecom certifications.
My interest in security was pushed to the next level when I was hired as an Information Security Analyst with a specialization in Penetration Testing at a leading security firm. For nearly four years, I performed extensive intrusion testing activities in the banking, financial, insurance, telecom, energy, transport, airline, e-commerce, retail, engineering, and healthcare industries.
On top of that, I spoke at various local security events and schools, published blog posts on newly-discovered vulnerabilities, contributed to a few open source security projects, and provided my internal colleagues with security training.
What would you say is your biggest achievement?
Well, let me start at the other end: my previous career in mechanics and electronics did not work well for me. Actually, I hated it. At the age of 25, I woke up and decided to go all-in and enroll in an IT and Security program. Honestly, I didn’t know how I would pay my bills, but at that point I was willing to risk everything.
I am happy say that it was a beautiful life challenge. Yes, for about a year, life was very difficult. But I completed the program and started a new career that became a passion and a lifestyle. I learned so much during this time about the power and value of sacrifice, dedication and commitment. I am very proud of this achievement and hope it can inspire other people. Remember: it is never too late to go back to school!
What was it about Devolutions that made you want to work here?
I had grown too comfortable with my technical skills, and I had the feeling I was not achieving my full potential. So, I was looking for the next challenge. That’s when Devolutions’ CEO David Hervieux offered me the opportunity to leverage my experience in a strategic position where I could make a real difference. Devolutions is a fast-growing business where security is not only about mitigating corporate risks. Our products provide solutions to security and operational problems that our customers face every day. That is why I wanted to work here.
What would you say are your top three strengths at work?
First, I learn fast. I adapt easily to new environments and technologies, which is a key skill when considering the evolution of information security.
Second, I care. This may seem odd, but I’ve met many people that do not care about the output of their work. Caring about what you do is the best way to get noticed and be appreciated by your colleagues, peers and customers.
Third, I share. I love to coach for people who are willing to learn something new. I do not hoard information or keep secrets to protect my position. I believe that the stronger we are as a team, the better we are at handling complex challenges and delivering legitimate value in our daily work.
What tasks do you carry out in your job, and what are some of the tools you use?
My overall responsibility is to align our security initiatives with our business vision, mission and requirements. My tasks include, but are not limited to, interviewing business unit owners to understand their requirements; maintaining and validating security requirements for legal, regulatory and compliancy obligations; overseeing potential threats; assessing security risks; promoting security and user awareness; developing security politics and strategies; documenting security controls for internal and external stakeholders; and assigning and monitoring security programs.
My tools are quite different from other business units. I mainly use globally accepted and recognized frameworks, standards and best practices to align business goals with security. It helps to cover the business end-to-end, in and out. To me, they are like a hammer or a drill.
What is your impression of working here?
From my point of view, the very first impression you get when working at Devolutions is the very favorable work atmosphere that promotes collaboration, respect and kindness. People here are happy to be part of the solution.
What goals would you like to achieve at Devolutions?
My primary goal would be to put in place a full end-to-end security practice that would be accepted and promoted by our employees and senior management. I want our security practices to be part of the culture, not some sort of authority that states how things should or should not run. I also want that culture to come from our customers and maintain a trust relationship regarding security topics.
On a personal note, what are some of your hobbies and interests?
Does watching Walking Dead episodes count as a hobby? Joking aside, I have very few hobbies outside work, because for me security is a very broad domain in which I am always happy to learn new concepts. However, I do like to try new restaurants, have a good scotch every now and then, and enjoy picnics with the kids. Perhaps my new teammates here will initiate me to new activities. Who knows!
Please share a few words with our community of IT pros:
We are “In the Trenches” with you. I am truly happy to be part of a great team where security is our prime concern, and I will do all I can to push forward our security initiatives to the benefit of your enterprise through our products and services.