CyAN Voices: Growing Careers Through Mentorship

In this first mentorship story of 2025, Kuljit Kaur (Australia) shares her experience under the guidance of her CyAN mentor, Shakil Khan (UAE).

My Mentoring Experience with CyAN Mentorship Program and Mr. Shakil Khan

By Kuljit Kaur

Starting a career journey in cybersecurity can be both exciting and challenging. Thanks to the mentorship program offered by CyAN mentorship program and the guidance of Mr. Shakil Khan, I have gained clarity, confidence, and a practical roadmap to transition into the cybersecurity industry.

Setting the Stage: My Mentorship Goals

In our first mentoring session, I outlined my expectations from the program:

• Career Guidance: Gaining insights into cybersecurity pathways, skills, and certifications aligned with industry demands.
• Practical Knowledge: Learning about real-world cybersecurity challenges, SOC operations, risk management, and security compliance best practices.
• Personalized Advice: Receiving guidance on areas for improvement and clear, practical steps for breaking into the cybersecurity field.
• Career Readiness: Strengthening my resume, improving job applications, and preparing effectively for interviews.
• Networking and Resources: Expanding my professional network and accessing valuable learning platforms and communities.

I also discussed my career goals, including:

• Short-Term (6–12 Months): Secure a cybersecurity role in SOC operations, security monitoring, or IT support, using my skills in Microsoft Sentinel, Splunk, and SIEM tools.
• Mid-Term (1–3 Years): Progress into a Cybersecurity Analyst or Risk & Compliance role, focusing on threat detection, incident response, and risk management.
• Long-Term (Beyond 3 Years): Grow into a Cybersecurity Consultant or Security Engineer, contributing to security architecture, cloud security, and governance frameworks.

Resume Enhancement and Career Planning

One of the first areas Mr. Shakil Khan helped me with was improving my resume. He guided me on how to highlight my technical competencies, real-world experiences, and certifications in a way that directly speaks to cybersecurity recruiters. His feedback helped me present my SOC, SIEM, and security monitoring experience more effectively.

We also discussed the Three Lines of Defence model, deepening my understanding of how cybersecurity operations fit into broader risk and governance structures:

• First Line: Operational management (security teams executing controls and monitoring)
• Second Line: Risk management and compliance oversight
• Third Line: Internal audit providing independent assurance

Additionally, we reviewed concepts related to Governance, Risk, and Compliance (GRC), helping me connect technical roles with broader organizational risk and policy frameworks.

SOC Operations Understanding

In our discussion about SOC operations, Mr. Shakil Khan encouraged me to share my practical understanding of threat detection, incident triage, escalation processes, and documentation. He emphasized the importance of not only technical skill but also clear communication, teamwork, and continuous learning to thrive in a SOC environment.

Workplace Success: Tips and KPIs

Mr. Shakil Khan also shared valuable tips on how to work successfully in a professional cybersecurity environment:

• Time Management: Prioritize tasks and manage time effectively to meet deadlines.
• Professional Communication: Always communicate clearly, whether writing incident reports, sending emails, or giving verbal updates.
• Accountability: Own your work, be responsible for tasks assigned to you, and show initiative.
• Adaptability: Be open to learning new tools, technologies, and adapting to fast-paced environments.
• Attention to Detail: Accuracy in investigation, reporting, and documentation is critical in cybersecurity roles.

He also explained the importance of understanding Key Performance Indicators (KPIs):

• Responding to incidents within the agreed SLA (Service Level Agreement) timeframe
• Accuracy in incident classification and escalation
• Timely completion of threat analysis and reporting tasks
• Contribution to team goals and knowledge sharing

KPIs are not just performance metrics — they directly link to building trust with your team and showing your reliability to leadership.

The Importance of Networking

Another crucial part of the discussion was professional networking:

• Why Networking Matters: In cybersecurity, many job opportunities are found through connections rather than job boards. Networking also exposes you to emerging industry trends, mentorship opportunities, and communities of practice.
• How to Network Effectively:
  • Attend cybersecurity webinars, meetups, and conferences (even virtual ones).
  • Be active on LinkedIn — share your learnings, comment on cybersecurity posts, and connect with professionals in the field.
  • Join cybersecurity communities (e.g., ISACA, (ISC)², OWASP, or even informal Slack/Discord groups).
  • Always approach networking with a mindset of mutual learning — offer help, ask for advice, and stay genuinely curious.

Mr. Shakil Khan highlighted that networking is not just about finding a job; it’s about building long-term relationships that support continuous growth and development in your career.

Conclusion

This mentorship session with Mr. Shakil Khan through the CyAN mentorship program has been a transformational experience for me. His guidance has provided me with a strategic career roadmap, real-world advice, and a strong foundation for professional growth.

I feel more confident, better equipped, and motivated to achieve my career goals in cybersecurity. I am grateful for the time, effort, and insights shared by Mr. Shakil Khan and look forward to continuing to work on the action items we discussed — from enhancing my technical skills and workplace readiness to building a strong professional network.

---