Cyber Security Consultant

    Sophie Kaelin

    "You have to be comfortable in accepting that you don’t, and never will, know everything,” stresses Sophie.

    It’s Sophie Kaelin’s job to ethically hack into web apps and devices to uncover vulnerabilities

    Out of high school, Sophie Kaelin signed up for a Bachelor of Information Technology (IT) at Macquarie University in Sydney because she was always interested in technology and – although she had zero experience in coding at the time – she was fascinated to learn more.

    Sophie initially coupled this with a Bachelor of Law, but found herself spending much more time on her IT subjects, so switched to a single IT degree. “There were so many fun and interesting subjects, I didn’t want to miss out on any,” she says.

    Battling imposters inside and out

    Speaking of interesting subjects – Sophie chose to major in cyber security for her IT degree. “Knowing people who have been victims of social engineering and hearing about other cyber attacks furthered my interest,” she says.

    Having no coding experience meant Sophie felt some imposter syndrome, but her time at uni soon helped overcome this. “Tech is a difficult field to be in because there is so much to learn and cyber attacks grow and change every day,” she says. “You have to be comfortable in accepting that you don’t and never will know everything.”

    After graduating, Sophie interned at Google, worked as a research assistant and sessional tutor at Macquarie Uni then landed her current gig – as a cyber security consultant at global professional services company, EY.

    Making – and breaking – tech

    Working as a penetration tester or ‘Pen Tester’ in EY’s Red Team, it’s Sophie’s job to “hack” web or mobile apps and devices to uncover vulnerabilities. “That information then gets passed on to the application’s developers so they can fix any vulnerabilities that make them susceptible to a real-life scenario,” she explains.

    “Because I’m still learning, my average day involves performing research on popular attacks to discover new ways of exploiting applications.”

    Sophie says her uni studies come in handy every day in her job. “A lot of my degree involved building applications and software. All that learning has helped me in my current role.”

    And even though Sophie never finished the law degree, the law is still relevant in her work in cyber security. “I have to consider a lot of compliance legislation,” she explains. “It’s also helpful to think about the legal ramifications of cyber attacks for context when testing.”

    Sophie’s study and career pathway

    • Bachelor of IT (Cyber Security), Macquarie University
    • Intern, Google
    • Research Assistant, Macquarie University
    • Cyber Security Consultant, EY

    This article is brought to you in partnership with Macquarie University and originally appears in Careers with STEM: Technology 2021.


    Gemma Chilton

    Author: Gemma Chilton

    Gemma is the Managing Editor of Careers with STEM magazine. She has previously worked as Digital Managing Editor at Australian Geographic and a staff writer at Cosmos science magazine.


    Please enter your comment!
    Please enter your name here

    This site uses Akismet to reduce spam. Learn how your comment data is processed.