The finalists for WashingtonExec’s 2024 Pinnacle Awards were announced Sept. 20, and we’ll be highlighting some of them until the event takes place live, in-person Nov. 21.
Next is Parimala Rao, deputy chief information security officer with the General Services Administration, and finalist in the Government Cybersecurity Executive of the Year category. Here, she talks about recent achievements, shares career advice and more.
What key achievements did you have in 2024?
Our cybersecurity team has been focused on GSA’s zero trust architecture transformation, including modernizing active directory, enterprise single sign-on, secure access secure edge implementation, cyber-supply chain risk management implementation, micro-segmentation of users, devices, networks, and security operations centers enhancements to include implementation of AI/ML and custom dashboarding. The aggregate effect has advanced GSA from a traditional perimeter-centric network security model to zero trust, applying security directly to users, devices, applications, and data, which improves security outcomes and user experience.
GSA achieved micro-segmentation within our building security network in over 500 GSA buildings that house operational technology and internet of things devices, furthering our ability to combat ransomware. SOC enhancements, including custom dashboarding, big data analytics, and data science machine learning capabilities have improved threat intelligence processing, security event triages, and proactive blocking of indicators of compromise, preventing small incidents from matriculating into larger incidents.
What are your primary focus areas going forward, and why are those so important to the mission?
Going forward, our primary focus is to keep the GSA customer at the center of the overarching cybersecurity experience. By aligning to GSA’s One GSA/One Cyber strategy, we emphasize developing and delivering cybersecurity services following a product-as-a-service model (Enterprise Security Shared Services model). This is a centralized approach to managing and delivering security services and streamlines cybersecurity operations, improves efficiency, and ensures consistent security practices. Centralizing security services has led to cost savings, eliminating duplication and achieving economies at scale, while reducing risk and improving cybersecurity outcomes.
We are also focusing on delivering ongoing operational security and resilience of the GSA enterprise and information systems by maximizing limited resources to drive down risks. Additionally, we’re implementing all DHS Binding Operational Directives and Emergency Directives, proving resilience to ongoing and targeted adversarial and nation state attacks.
What is your best career advice for those who want to follow in your footsteps?
I encourage people to pursue a career in cybersecurity within the federal government – I would love to see more people interested in this area. A great start is to familiarize yourself with government policies and procedures and regulations governing the federal agencies, including FISMA, NIST standards, and cybersecurity frameworks. For training, having a degree in cybersecurity, software engineering, information technology, or a related field is beneficial. Certifications focused on cybersecurity, security operations, security engineering, data science, machine learning, or artificial intelligence are also helpful.
With federal hiring being very different from the private sector, explore USAJobs, learn the application process, and research what it takes to do the job you want. Many federal cybersecurity jobs require security clearances, so understanding the process and preparing for background checks will help you navigate to these positions faster. Gain relevant work experiences, either through internships, co-ops, or working as a contractor for the Federal government; this experience will be invaluable in preparing you to take on full-time federal opportunities. Be persistent, keep applying, and be open to taking on various roles.
Fun Fact: What is something about you that most people do not know?
I have a passion for traveling to different places, meeting new people, and learning from them. Whenever I can, I take trips with my family exploring small, quaint towns, where I can immerse myself in local culture and heritage. I love to connect with the local community, experience their daily lives, and appreciate the unique traditions that shape each place. These journeys allow me to discover the rich tapestry of human experiences and foster a deeper understanding of diverse ways of living.