Employees at A-LIGN take many different paths throughout their journey – that’s why we sat down with Michael Broyles, one of A-LIGN’s Senior Consultants for the SOC practice. We spoke with Michael about his journey in cybersecurity, why he thinks cybersecurity audits are important and much more.
Where are you from, and how did you begin your career in cybersecurity?
I was born and raised in Tampa, Florida. I started college at Webber International University, where I played baseball for two years and studied Business Management. Then, I transferred to Florida State University for my junior and senior years. A friend of mine was working in cybersecurity and told me I should look into the industry. I did and decided to change my major and study Management Information Systems (MIS). I attended a career fair at FSU, where I met a few people on the A-LIGN team and interviewed with them. I ended up getting the job and I’ve been with A-LIGN since I graduated a little more than three years ago.
Tell me about your role as a Senior Consultant at A-LIGN.
I spent my first two years at A-LIGN as a Staff Consultant and then transitioned to a Senior Consultant role. In my current role, I am responsible for working with our clients on a day-to-day basis answering questions, conducting meetings, and overseeing the life cycle of a project once the manager is done with everything on their end. I work with the client to collect and review their evidence, meet with them when necessary, and try to take some of the work off the managers’ plates where possible. I am also part of the Methodology Committee, which focuses on improving client service, audit quality, and compliance with standards.
What is the best part about working at A-LIGN?
It’s cliché to say, but the best part about working at A-LIGN is the people. Everyone is extremely helpful to one another, which really allows for growth within the company and sets people up for success. I had a mentor who helped me with all of the questions I had when I first started. Plus, I have had so many other people offer their help and guidance during my time here. Now I’m in a position where I can be that resource for new hires and anyone who isn’t as experienced in the company. Our CLIMBERS will drop what they’re doing to help each other, which is really valuable, and not something you see everywhere.
How would you describe A-LIGN in one word?
Motivating. I think everything we do at A-LIGN is primarily motivated by two things: customer and employee happiness. We are constantly motivated to do better, which has driven many of the initiatives we have from the A-SCEND SaaS platform, to expanding our service offerings to meet our clients’ needs. The drive behind the development of these initiatives is indicative of A-LIGN’s commitment to our clients. A-LIGN also truly cares about the employees, and it is encouraging to see the desire and efforts that management puts forth in making sure we are truly happy, as it has created an environment in which employees are more motivated to achieve success personally and for the company. Overall, I think the growth of the company has been driven by motivation emulated by our management team and innovation that has created more opportunities to succeed for our clients and employees.
What is a work-related accomplishment you’re proud of?
I feel fortunate to be in a position where I can help people who are just getting started in the SOC practice, just like my mentor did for me when I first started at A-LIGN a little over three years ago. Being a resource for others and helping set people up for success is really important to me because I was once in their shoes. There’s always a lot going on so not having the right mentor can inhibit your success and I was lucky enough to have mentors that valued me as a person, not just an employee, and cared about my future at the firm and in life. I’m proud to be able to be that person for others and hopefully to teach them enough that they can fill that role for someone else in the future.
Why are cybersecurity audits important and how does that play into your role?
Cybersecurity audits are important because they allow us to prepare our clients for potential security issues that may arise. Undergoing an audit, such as a SOC 2, allows companies to better prepare for when issues do arise because, with the growing reach of technology and the digital world in general, it’s inevitable companies will run into security issues in some capacity. Rather than putting a band-aid on the issues as they arise, having processes and procedures in place to be able to further mitigate the impact and likelihood of those risks in the future is important for the success of a lot of companies. Consistently undergoing audits allows our clients to keep up with evolving IT practices and ensure the procedures they implement are consistent with those evolving IT practices.
Which of our values (Be All In, Commit to Quality, Do the Right Thing Always, Innovate Constantly) do you identify with most and why?
Do the right thing always. In this industry, it’s critical to do the right thing always. You’re not only dealing with your customer and the relationship you have with them, but you’re also essentially servicing their customers as well by assessing the security controls in place to protect their data. I think knowing the significance of what we’re assessing is impactful and is a motivator in always doing the right thing for our clients. It’s also important to do the right thing always internally because we have a lot of trust in the SOC practice. Most of the time, no one is specifically tracking what I’m doing on a day-to-day basis, rather they’re just trusting me to get it done. In the back of your mind, you need to know that it’s up to you to do the right thing and make sure you’re supporting our company and our clients in an appropriate way.
What is the best advice you could give someone trying to enter the industry?
Don’t be afraid to ask questions. No question is a dumb question, and I promise I’ve probably asked all the questions you’re thinking of. When you get into the industry, there are so many terms being thrown around that you probably don’t know. You learn from the textbooks, but it’s different than anything in real life, so having the hands-on training like they give here at A-LIGN is critical in those first couple months. So, the more you ask questions and absorb as much knowledge as you can, the stronger your foundation will be when you first get started. Never be afraid to ask any questions no matter how dumb they may seem.
What is your motto/personal mantra?
Life is short. From the experiences I’ve had in my life, I’ve realized that life is short, and I want to always make the most of it. Time is very important to me, so I make sure I’m happy with how I’m spending it.
What do you do for fun outside of work?
I spend most of my time with my family, golfing, and watching Netflix.