I Never Thought That I Will Become An IT Consultant
Being IT Consultant at 24 y.o is not as easy as it seems.
On 15th November was my first day as an IT Consultant in one of the consulting companies in Indonesia. I was kind of proud of myself, but somehow, I am the insecurity inside me. Do I stay on the right path?
I mean, my boss told me that he became a consultant at 29 y.o. I don't have a lot of knowledge or experience. Yeah, maybe I got some knowledge and experience but is it enough?
I asked myself again and again. I do feel scared. What if I can't answer my client's question? Or what if I make a mistake? Too many what if.
Okay, first of all, I am going to tell you guys how I got in here.
When I was in senior high, I wanted to become a programmer, primarily a game developer. The game was the love of my life. I can spend my day from waking up until sleep at night just playing games.
Oh, what a life!
I got accepted into one of the best universities in Indonesia, and my major is Information System. I want to try to be a programmer. Come on! Bring it on!
Unfortunately, my first semester was a tragedy. I got an E for my programming language. It was such a shame. I want to be a game developer, but I got an E in the primary programming language.
I was so sad, and I thought that maybe the programmer was not for me.
But, god and this universe has a different plan for me. I got accepted into one of Decacorn in Indonesia as a Software Developer Engineer Intern. What a plot twist, right?
I do enjoy my life as a programmer.
I did enjoy my life as a programmer. Living as a programmer was my dream job. I don't need to wear a fancy outfit and just a casual t-shirt. The best part? My job doesn't require me to talk with a lot of people. I need to speak with people who understand how I communicate and not simplify anything.
But, I felt something empty inside of me. I felt like this was too comfortable for me. That's why I swift my role to IT Security Auditor.
IT Security Auditor
When I was in the 4th semester, I had this course called Information Asset Security. My lecturer taught us about penetration testing. The thing about penetration testing as it was pretty hard. It was HARD!
I don't even know why I did what my lecturer told me. But the output was so incredible. I can hack into my friend's email. And not like you imagine, I don't use a fancy tool because all I need is phishing.
Phishing is a cybercrime in which a target or targets are contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking, and credit card details and passwords.
I was not that good. But I still want to try that. I tried to apply to several companies, but the company doesn't accept a newbie pentester. That's why I change to become a programmer at first.
Even tough programmer was not bad, but I still want to pursue my desire. I got an email that I got accepted as an IT Security Auditor. I took it right away. I moved from my previous company and decided to pursue my desire to deep dive into Information Security.
As an IT Security Auditor, I handle policy and procedures related to Information Security and do not do the pentest. I was a little disappointed at first, but my boss told me that the company needed me because of my knowledge of ISO 27001:2013.
Oh well, I know I am not that good in ISO 27001:2013 either, so I studied as hard as I can about the standard. It was not an easy road to learn about ISO 27001:2013 by own self. Until February, I got an invitation to join the technical guidance about ISO 27001:2013 and step by step how the company can implement in their company or 27001:2013 for dummies.
I learned a lot from the webinar. The technical guidance took three days, and I gained a lot of knowledge from it. I felt like I was born into a new person. I have a new ambition. I want to be an IT Auditor.
From my perspective, the auditor is so excellent, especially IT Auditor. They know a lot of things. Back then, when I jumped from one role to another, my friends always told me that that was not a good choice. I love to learn a lot of things and not just one area. That's why I love to explore different roles. And I think that being an IT Auditor, and I can continuously learn.
In 2020, Covid19 happened. Covid19 affected my previous company and decided to reduce my salary. I decided to move to another company due to the condition. I know the IT Auditor is not for me yet at that time. I was looking for a new role that relates to Information Security.
I found it in my previous company. My last company was a consulting company concerned with governance's strategic planning or e-governance, including IT Security and IT Infrastructure.
I got accepted as a Project Manager, and I learned a lot from it. I handle two projects for the implementation of ISO 27001:2013. To support my capabilities, I decided to take training for Lean Auditor for ISO 27001:2013. The result was I got my certification as a lead auditor or CLA ISO 27001:2013. I wrote my journey on my medium as well (but in Indonesian).
Perjalanan Menuju Sertifikasi ISO 27001:2013 Sebagai Lead Auditor
Hal-hal yang perlu kalian ketahui tentang Sertifikasi ISO 27001:2013 Lead Auditor
Being a project manager was a turning point for me. My previous role did not require me to do a lot of communication. Communication is one of the critical skills if you are a project manager. Communication is everything.
After a long conversation with a client drained me, it took a lot of my energy. But practice makes perfect. I learned a lot about how I handle clients, how to make a good conversation, etc.
After a year and three months, I moved to another company to become an IT Consultant. I hope someday I become IT Auditor like I want to.
Back then when I was still in college, IT Consultant never slipped in my mind. I never thought about it because I want a quiet life. I want to work from my home and not do a lot of conversation. But here am I.
Every path is not a smooth path. If the road you are walking right now is relatively easy, I think you better change it. When we are young, I think we must try challenging routes, so we don't regret it when we are old.