A little about myself.

My name is Aglaia Nicolaou. I was born and raised in a beautiful island called Cyprus. I am 29 years old and I am based in Nicosia. I am currently working at Hellenic Bank Public Company Ltd. as Governance, Risk and Compliance Officer, Information Security and Fraud. During my own time, I love taking photos, reading self-development books, watch movies and series, spend time with my dog and travel. I also spend a lot of my time reading about my profession so that to stay updated about new technologies and security aspects.

Do I consider myself successful.

Success to me is knowing that I am excelling in my performance and feeling fulfilled. That my efficiency to become helpful for the organization growth is increasing and thus be able to add value to the company. I would define success at work as what I have learned from key job assignments experiences as well as while working as a team towards a common goal.

What motivates me.

I am a very result-oriented person. My primary motivation is to achieve the desired result. My goal is to be the best of what I can be, and this motivates me to go beyond my own expectations. When I see myself being productive every day, it motivates me to continue. But subsequent recognition of my efforts gives me the encouragement for my next efforts.

My deam job.

My dream job is a job that keeps me busy, a job wherein I get to contribute to the company’s success, and a job that will help me to enhance my knowledge and improve my already aquired skills as well as be able to develop new ones.

Am I a teamplayer.

Yes, I am a teamplayer. While I will deny the fact that I can work independently with minimal supervision, I’m also one companion every leader would ever want to be in his team. Whatever task is assigned to me, I make sure it meets and exceeds what is expected of me. I also make it a point to reach out to teammates whenever needed.

My philosophy towards work.

My philosophy when it comes to work, is to do my best every single day. Never procrastinate and always approach a challenge with an open mind. This mentality has certainly helped me work my way through many challenges in the workplace. There is always room to learn and mistakes are teaching opportunities, not failures.

Lessons learned from mistakes on the job.

I learned that without proper coordination, even the simplest task could cause problems in a project. It is important to recognize when to ask for help as well as learn and grow from every mistake.

What has disappointed me about work.

What has disappointed me about work is when I don’t feel that my work is appreciated and when I am not given enough challenges to work on. In addition, I believe that if your job doesn’t give you the ability to expand your knowledge and improve as a professional, this is something that might make someone a bit disappointed.

What role I tend to play in a team.

I tend to be versatile when it comes to being a team player. I can act as a leader, an assistant, a communicator, a secretary, whatever role that will ensure the success of the team. That’s because understanding the different roles will allow each player to take on the role of others, in times of need. Until now, I didn’t had the opportunity to act as a leader of a team, but I have been coordinating a lot of projects where a lot of people were involved in.

Challenges I overcame / difficult situations.

One of the most difficult challenges that I had to face was the resistance of some people against security and in general against changing of their culture/routine. In addition, another difficult situation I had to overcome was the knowledge transmission so that people understand the benefits of security and the potential losses of no-security.

The most challenging thing about working with me.

The most challenging thing about working with me is that most of the times I am consentrated, very serious and quiet while performing my tasks, that looks like I am anti-social. However, I have made a lot of improvement in this aspect.

Suggestion(s) I made in my previous employment that was implemented.

Taking the initiative, especially after some years of experience, and suggesting different ideas is very crusial and helps the organization you are working with to enhance and improve its general functions. I had the opportunity to suggest a lot of new ideas about creating new policies, procedures but in my opinion the most important one was the performance of an information security awareness training for the whole company. In addition, during my work experience at PwC Cyprus, I had the opportunity to lead the GRC pillar and have one more team member to guide and coach.

Where do I see myself in 5 years.

In 5 years I see myself as a professional Information Security Specialist with more experience in the technical aspect of security. Acquiring certificates such as CISSP, CISA, and other, will help me enhance my knowledge and help me improve the quality of my work. In addition, I would like to attend the ISO 27001 Lead Implementer Seminar as well as some seminars related to GDPR and privacy.

Am I a thinker or a doer.

In my opinion one needs to be both a thinker and a doer. Initially, to be able to think of and recognize any solutions that will help solve the various trials or incidents that may arise, which are practical and feasible, timely and effective, taking into account the risks and consequences of an error/mistake or of delay. It is also equally important to be able to listen to the opinions of others and to be able to handle the various tasks that they may suggest you do.

How do I deal with conflict.

Fortunately, I have not encountered many conflicts in my work environment so far. But the one time I remember, was because of a disagreement I had with my manager, which was related with an external audit that had to be done in the company, and the provision to external partners, files that in my opinion were not needed. I talked to my manager, explained the reasons for my concern and the objection I had, and then we found a middle ground.

Biggest regret.

As a person, I am not used to regretting things I have done or not done. I am of the opinion that everything is done for a reason and that everything is for good. I also believe that so far in my educational and professional route, I have made the right or at least good decisions, which led me where I am now. However, the only thing I might change if I went back in time was working for at least a short period in England, just to gain experience from a larger security company.

Strengths.

I like challenges. I like to get out of my comfort zone. For this reason I had chosen to take on the role of Information Security Officer having only one year of experience in IT auditing, something that was very different in terms of responsibilities, requirements as well as duties. It is easy for me to adapt to situations. It is certainly not easy to adapt to new data, but in my opinion I can now adapt much more easily. This is because as an individual I operate quite logically and based on a given data. I take into account the data of each situation and make the necessary decisions accordingly so that I can solve a problem or overcome a situation.

How do I cope with stress.

Stress can be a big motivator for me. A healthy amount of pressure helps me produce efficient, quality work by giving me a picture of what my colleagues need from me and when. Also, planning is an important tool in handling stress for me. Drawing up detailed plans for projects and even my daily work and tasks helps me to get ahead of stressful situations. When stress does inevitably arise, planning helps me to tackle the situation one step at a time to prioritize what needs to be done in an efficient way for myself and my colleagues.

How I keep myself updated with information security news.

In order to keep myself updated with security news, I am following and checking different security websites, forums, and of course subscribe to their newsletters so that you get regular updates and notifications on what is happening in the market and about the latest trends and incidents. I am also attending a lot of seminars, conferences, events etc., as well as being member in ISACA’s Cyprus Chapter.

Personal achievements or certifications.

I am certified ISO 27001 Lead Auditor and Certified in Risk and  Information Systems Controls.. I am currently studying for different certifications (CISM, CISA, CISSP). What I am trying to gain by studying all these certificates is to enrich and enhance my knowledge in regards of security compliance, audit, risk management etc., but as well improve my technical abilities in regards of information systems security.