top of page

WIL Placement

Welcome to my portfolio! On this page, I will share reflections from my Work Integrated Learning (WIL) placement. These reflections highlight the challenges I faced and the insights I gained while applying my cybersecurity skills and decision-making abilities in real-world situations.

Critical Analysis of WIL Placement at Tesserent Cybersecurity Solutions by Thales

During my Work Integrated Learning (WIL) placement at Tesserent Cybersecurity Solutions by Thales, I served as a Cybersecurity Advisor, conducting cybersecurity gap analyses for non-profit organizations using the Essential 8 framework. My tasks included attending client meetings, industry events, building Statements of Work (SOWs), translating business requirements into technical specifications, and managing project deliverables. I also developed a project proposal that required stakeholder sign-off and wrote weekly meeting summaries after progress meetings. These tasks gave me valuable hands-on experience in cybersecurity consulting and project management.

​

One of the key responsibilities was developing the project proposal and obtaining sign-off from stakeholders. This task presented several challenges, particularly in aligning technical recommendations with business objectives and ensuring stakeholders understood the value of the proposed solutions. Initially, I found it difficult to balance technical aspects with the business context. With guidance from my supervisor, I learned to structure the proposal to highlight business outcomes first, which helped stakeholders see the value in the technical solutions. This experience emphasized the importance of both technical expertise and communication skills, both of which are crucial in the cybersecurity field.

​

I also realized how important it is to adapt my behaviours based on feedback. For example, when explaining technical concepts to non-technical stakeholders, I initially struggled to simplify my explanations. Over time, I adjusted my approach by using relatable analogies, ensuring stakeholders understood both the risks and the proposed solutions. This shift in communication allowed me to connect more effectively with diverse audiences, which is essential for a SOC Analyst role, where clear communication across technical and business teams is critical.

​

Another key task was attending client meetings, where I gained insight into managing sponsor expectations. During these interactions, I translated business requirements into technical terms, which was initially challenging. My focus was often too technical. With continuous practice and feedback, I improved my ability to balance both perspectives, ensuring that solutions met business needs while adhering to cybersecurity best practices. This balance is essential for effective client management, especially in roles like SOC Analyst, where I will need to ensure that technical solutions align with business objectives.

​

Attending cybersecurity industry events allowed me to network with professionals, gain insights into industry trends, and understand key challenges. These connections motivated me to pursue certifications and deepen my knowledge in cloud security and incident response, crucial for SOC Analysts.

​

Participating in weekly progress meetings and writing minute summaries after each meeting was another important responsibility. Initially, my summaries lacked focus on key action points, making them less effective. With feedback, I improved the structure of the summaries by emphasizing critical outcomes and next steps, which enhanced my documentation skills. This experience is particularly relevant to the SOC Analyst role, where accurate documentation of incidents and responses is crucial for maintaining a well-organized security operations centre.

​

In addition to technical tasks, I worked on building my negotiation skills. Engaging with both technical and non-technical stakeholders required me to negotiate timelines and expectations effectively. For example, I often had to adjust the scope of security assessments to fit within the client’s budget. This experience taught me to balance delivering high-quality cybersecurity solutions with practical limitations, a skill that will be invaluable in my future career, particularly when advocating for security measures in resource-constrained environments.

​

My most significant deliverable during the placement was the security gap analysis report, where I applied the Essential 8 framework to assess organizations' security posture. While confident in identifying vulnerabilities, I initially found it difficult to communicate these risks to non-technical clients. I often used technical jargon, which hindered understanding. Over time, I learned to simplify my explanations and use analogies to make complex cybersecurity concepts more accessible. This ensured that clients fully understood the risks and proposed solutions, a skill that will be critical in a SOC Analyst role.

​

Looking forward, I am committed to enhancing both my technical and communication skills. I plan to continue refining how I convey technical concepts to non-technical audiences and expand my expertise in areas like incident response and cloud security, which are increasingly relevant in cybersecurity. Additionally, I aim to gain further vendor certifications to strengthen my technical proficiency and stay updated with industry best practices.

​

This placement provided me with valuable insights into managing cybersecurity projects and client relationships. The skills I developed in creating project proposals, managing deliverables, and delivering cybersecurity reports are directly applicable to my long-term goal of becoming a SOC Analyst. The ability to manage incidents in real-time, communicate effectively with various teams, and ensure security measures align with business goals will be critical in this role. I am confident that the experiences and skills gained during this placement have laid a solid foundation for my future success in the cybersecurity industry.

  Evidence of Technical and Transferable Skills Reflection

During my Work Integrated Learning (WIL) placement at Tesserent Cybersecurity Solutions by Thales, I developed technical and transferable skills aligned with my cybersecurity major and my goal of becoming a SOC Analyst. The placement allowed me to apply cybersecurity knowledge in real-world scenarios while enhancing my communication and negotiation skills, which are essential for effective client management.

​

As a Cybersecurity Advisor, my primary responsibility was conducting cybersecurity gap analyses for non-profit organizations using the Essential 8 framework. This involved assessing organizations' security postures, identifying vulnerabilities, and recommending remediation strategies. Additionally, I participated in team meetings, client presentations, and industry networking events. These experiences allowed me to apply my technical knowledge and further develop communication skills, especially when engaging with non-technical stakeholders.

During the placement, I drew on my academic knowledge of cybersecurity controls, including restricting administrative privileges, regular backups, and multi-factor authentication. My coursework in network security and risk management gave me the theoretical grounding to assess real-world security postures and apply the Essential 8 framework effectively.

​

One of the most important technical skills I applied was conducting cybersecurity gap analyses using the Essential 8 framework. This required a deep understanding of the Essential 8 framework. I evaluated each organization's security, identifying critical vulnerabilities such as a lack of regular backups. I also had to simplify technical findings and present them in a business-relevant format to ensure clients could understand the risks and solutions.

​

In this placement, I built on my existing skills but had to adapt them to the real-world context of working with resource-limited organizations. While I was accustomed to theoretical scenarios in an academic setting, the real-world environment required balancing technical recommendations with the client’s operational and financial constraints. This experience taught me how to adjust my recommendations to ensure the security posture improved without overwhelming the client's capacity—an essential skill for SOC Analysts.

​

On the transferable skills side, communication and negotiation were critical. When explaining the gap analysis to a client unfamiliar with the Essential 8 framework, my initial technical explanation caused confusion. After receiving feedback from my supervisor, I simplified my approach using analogies and focused more on the business impact of the technical findings. This adjustment improved client understanding and strengthened my communication strategy throughout the placement.

I also actively sought feedback from my supervisor on how to further develop my communication and negotiation skills. This feedback helped me refine my ability to explain technical concepts more clearly.

​

By the end of my placement, I had gained proficiency in conducting cyber security gap analyses and presenting technical findings to non-technical audiences. The feedback from both clients and supervisors indicated that my ability to communicate complex ideas had improved significantly. Clients expressed a clearer understanding of their cybersecurity risks after I adjusted my communication style to meet their needs.

Additionally, my negotiation skills were strengthened, as I was able to balance client expectations with project deliverables effectively.

((The security controls I recommended also had a direct impact on the client's security posture. For instance, after addressing outdated patch management and implementing stronger multi-factor authentication policies, one client saw a noticeable reduction in vulnerability to cybersecurity threats, particularly ransomware.))

This placement emphasized the need for adaptability and continuous learning in cybersecurity. I realized that technical expertise alone is insufficient; it must be paired with effective communication and business acumen to drive meaningful change. Seeking feedback from my supervisor on communication and negotiation skills allowed me to refine my approach, especially when explaining technical findings to non-technical stakeholders.

 

I also recognized a need to improve client negotiations, balancing their operational needs with essential cybersecurity measures. By incorporating feedback and refining my approach, I enhanced both my technical and transferable skills.

 

Looking ahead, I plan to continue developing my communication skills and pursue additional certifications in cloud security and incident response, which I identified as critical for SOC Analysts. I aim to obtain certifications like AWS Certified Solutions Architect and Splunk Core Certified User to strengthen my expertise in cloud security and security monitoring.

 

While my academic background in cybersecurity provided a solid foundation, this real-world experience presented new challenges, such as prioritizing vulnerabilities and negotiating trade-offs to meet clients' security needs without exceeding their resources.

 

These experiences improved my technical and communication skills and made me more adaptable to the ever-changing cybersecurity landscape. I plan to stay aligned with emerging trends through continuous learning, professional development, and participation in industry events. This adaptability will be crucial for my long-term success as a SOC Analyst.

 

 

 


As I transitioned from my undergraduate studies to the Master of Cybersecurity, my approach to learning has evolved significantly. Initially, I viewed education as a structured process, where I primarily focused on acquiring technical skills such as programming, networking, and IT infrastructure. However, through my postgraduate journey, I’ve embraced a more holistic and self-directed approach, recognizing that continuous learning is essential in an ever-changing field like cybersecurity.

During my undergraduate studies, my learning was largely passive. I relied heavily on guided instructions, textbooks, and completing predefined assignments. While this approach allowed me to build a strong technical foundation, it didn’t push me to think critically beyond the academic scope. My primary goal was to meet the requirements of assignments and exams rather than to challenge the underlying concepts. As a result, I became proficient in specific tasks, but I didn’t fully appreciate the value of ongoing learning or the application of skills in diverse contexts.

​

My postgraduate experience, especially in the Master of Cybersecurity program, has transformed how I approach learning. Courses were more focused on real-world applications, which forced me to take ownership of my education and become more proactive in seeking out knowledge. My learning became more continuous and reflective, focusing on not just acquiring new skills but also refining existing ones. This shift was particularly evident during my Work Integrated Learning (WIL) placement, where I had to apply my skills to ambiguous, real-world problems that required deep critical thinking and problem-solving.

​

One of the key skills that has developed significantly during this transition is critical thinking. In my undergraduate program, critical thinking was often confined to solving specific, structured problems presented in the classroom. These exercises were useful, but they didn’t fully prepare me for the complexity of real-world issues. During my postgraduate studies, I was introduced to cybersecurity problems that required me to evaluate situations from multiple perspectives, assess risks in uncertain environments, and make decisions based on incomplete information. For example, in my WIL placement, performing a security gap analysis forced me to question assumptions and think critically about potential vulnerabilities and risk management strategies. This skill is invaluable in the workplace, where rapid decision-making and risk evaluation are key.

​

Another transferable skill that has grown throughout my academic journey is teamwork. In my undergraduate years, group work was often about dividing tasks and ensuring that everyone completed their share. It was task-oriented rather than collaborative. During my postgraduate studies, teamwork took on a new dimension. Collaboration in the WIL placement involved working with peers and supervisors, engaging in discussions, and collectively solving complex cybersecurity problems. This experience taught me that teamwork is not just about dividing tasks; it’s about leveraging each team member’s strengths, communicating effectively, and working together to achieve a common goal. In a professional setting, especially in cybersecurity, this skill is crucial for project success and organizational security.

​

In conclusion, my approach to learning has shifted from a passive, task-driven mindset to a proactive, reflective one focused on continuous learning. The development of critical thinking and teamwork during my postgraduate studies has equipped me with the skills I need to thrive in the dynamic field of cybersecurity, where adaptability and collaboration are essential for long-term success.

Reflective Artefact: Ethical Conduct and Professional Accountability in the ICT Industry

During my placement at Tesserent as a Cybersecurity Analyst, I encountered a situation that highlighted the importance of ethical conduct and professional accountability. One of my key responsibilities involved conducting a security gap analysis for a non-profit organization. This required me to handle sensitive data, including personal information about the organization’s members and financial information about its operations.

​

The potential ethical and professional implications of mishandling this data were clear: if not properly secured, the exposure of personal or financial data could have caused significant harm to the organization and its members, both financially and reputationally. Privacy breaches would not only violate organizational policies but also contravene privacy laws like the Australian Privacy Principles (APP).

​

To ensure I adhered to ethical standards, I took several actions to maintain professionalism and accountability:

  • Data Handling: I ensured that all sensitive data was encrypted and accessed only through secure channels, minimizing the risk of unauthorized access.

  • Client Communication: Throughout the analysis process, I was transparent with the client, explaining the steps I was taking to protect their data and ensuring their concerns about privacy and security were addressed.

  • Respect for Client Data: I treated the organization’s data with the utmost care, recognizing its value and the responsibility that comes with handling it.

​

What I did well in this situation was maintaining transparency with the client and adhering to best practices for data security. However, I recognized there was an opportunity to improve the situation. At one point, while using AI tools like ChatGPT to generate templates and analyze common vulnerabilities, I realized the potential ethical concerns regarding sharing sensitive client data with external platforms. Although I refrained from inputting any private or sensitive data, this experience made me more aware of the ethical concerns surrounding AI tools and their misuse in the ICT industry.

​

In hindsight, I could have improved by engaging in a more thorough review of the privacy implications of using AI tools, even in cases where no sensitive data was involved. Going forward, I plan to be more cautious in balancing innovation with ethical responsibility, especially regarding the use of disruptive technologies.

​

This experience reinforced my commitment to ethical decision-making, particularly in relation to privacy, cybersecurity, and the responsible use of emerging technologies

bottom of page