A Career In Cyber Security: Working In The OLX Security Team

Hi Aleksandra! Can you tell us a bit about your role at OLX?

A: I used to support various areas, people, and projects within the Security Team. I started in application security, went through security cloud infrastructure, Web Application Firewall rules customization, and now more recently I’m focused on security awareness, security operations, and a little bit with security compliance. 

I enjoy being quite a versatile security engineer, nevertheless, sometimes it is mentally demanding when switching the context. 

What I like most about being a security engineer is being part of a protective layer that can make a big impact on the whole company. 

Another element of the job that I love is having a variety of stakeholders from different departments to work with: from data, product and tech, through to legal, customer service and even communications. I get to encounter an amazing set of perspectives and personas and I’m able to train a real variety of topics from the cybersecurity domain. 

What has your career path looked like?

A: My career started in 2013. I have been working from the beginning in IT, but over the years I cross-skilled from Quality Assurance Engineer and Software Tester into Security Engineering. 

I gained quite a variety of experiences both in commercial and non-profit organizations, before I settled in a product-based company which is OLX. I have worked in several smaller and bigger international software houses and practiced technical consulting under my name for tech startups. As well as this, I have also led projects for non-profit organizations, including workshops, and also practiced both paid and non-profit public speaking in small and big meetups and conferences in various countries. 

The “general IT” and software knowledge that I gained as QA Engineer, as well as the broader skills I learned from these experiences, were all very valid for my next professional incarnation as a security engineer!

By education, I am a Master of Science in cognitive science. I started working in IT before I finished my studies. I had been planning an academic research career – maybe one day I will be back to do my PhD!

Can you tell us about the Cyber Security Awareness Month project you created at OLX?

A: The main mission of Cyber Security Awareness Month (CSAM) is raising, increasing, and maintaining the security awareness of the audience. It is about cyber threats, how to protect yourself and your software against them, and what the prevention measures are. 

The first iteration of OLX Cyber Security Awareness Month was in October 2021 for the European employees of OLX and was more focused on engineering topics, but also included popular social engineering topics like phishing. 

I was amazed to host 100 people in the opening session, but this interest was maintained throughout the events and then afterwards, too. It was a very demanding, but also extremely rewarding month. 

Following CSAM, the whole Security Team observed an increase in interest, understanding, contact, and reporting rates of security issues. It was the best indicator of success of the project. Even better for me was that our employees’ security awareness helps to impact the software which is serving our customers. Taking care of the employees means here also taking care of the customers. 

In 2022, I led the second CSAM in OLX but for the first time in the fully global scope of the company. It was even more ambitious than the first year, because we aimed to reach all employees in all roles globally, not only engineering. 

Despite the bigger challenge, CSAM 2022 was a huge success. We had eight dedicated speakers for the event, seven of which were internal OLX experts, plus a session with an external expert discussing the psychological aspects and possibilities of cybercrime.  Following this there were over 200 conversations on our dedicated security Slack channel, with many meaningful security topics (and memes!) shared.

On reflection, with the conceptualization, planning, execution, and gathering the feedback in CSAM projects, I learned how much I can do when having a chance to scale my ideas. It was a great opportunity to work in the security domain by utilizing the soft skills I have. I love that at OLX, if you take the initiative and speak to the right people,  you have the freedom to be an owner and create projects like this.

Amazing! So, if you were looking for a new colleague, who would be a good fit for the Cyber Security Team?

I would look for someone who is able to work well both independently and with a team. It is also helpful to be open-minded and have the ability to explain sometimes complicated security notions and processes in an understandable manner to all levels of stakeholders. I would also look for someone who is curious and ambitious, because there is always something to learn at OLX!

Finally, if someone said they were thinking of applying for a role at OLX, what would you say? 

For sure if you are eager for a variety of challenges, then OLX is a great place to be!

Thank you Aleksandra!

Interested in a role at OLX?