At Nasdaq, we are continually innovating the industry to keep our markets, employees and partners protected. We interviewed Nasdaq leaders to learn more about how they ensure the privacy of data and the security of our products and services while informing us of ways to identify, protect, detect, respond and recover from a cyberattack.
Abdo Zein Al Abedeen, QA Test Engineer Senior Specialist at Nasdaq, shares advice for those interested in becoming involved in the technology industry.
Talk to us about your role at Nasdaq as a QA Test Specialist. What does it entail?
Working on a team where at least half of the members have 20+ years of experience in business and development means a lot. On a daily basis, we talk about internal issues and also take global technological views on those related issues. Being able to do so has made our team ready to face old and new challenges. My daily work varies from holding standups, making sprint planning, testing new functionality, regression on some old functionalities, to writing and adjusting test cases that define how the function should work. My other tasks include communicating with our external customers to solve their issues, providing them with Demos of our current progress of this new functionality, and being onsite, if needed, to help them get up to speed in the whole integrated system.
What are current trends in the cybersecurity space?
Currently, there is a really big war in cyberspace between Russia and Ukraine supporters (including countries, individuals and companies). The pandemic is still a trending topic, influencing many cyber-attacks such as phishing. Previously, the trending topic was ransomware attacks, a computer virus that gets into your computer and encrypts all of your files and then asks for a Bitcoin to decrypt them. This attack can usually come with phishing emails. They can send you emails with a malicious file attached. Especially with Covid, when almost everything went remote, and emails or online service usage increased significantly (for example, even HR sends documents online to be signed), attackers are becoming more sophisticated in using all these scenarios to send emails to employees to click a link or download an attachment with the virus.
What is a project you’ve worked on that advances cybersecurity?
We worked with the OpenID connect standard, which is AuthZ & AuthN (Authorization & Authentication), and it was very interesting but complicated to implement by our lead developers. To put it simply, AuthN (Authentication) has to do with identity. Authentication ensures that data is not exposed to the wrong person, while AuthZ has to do with permissions or what someone is allowed to do. Therefore, a common term for authorized actions is “permissions.” Another term for this concept is “privileges.”
Talk to us about how Nasdaq promotes advancements in the cybersecurity space.
Nasdaq follows all cybersecurity events and works on many cybersecurity awareness programs in order to make sure Nasdaq employees are cyber aware. The company supports all training and lets the employees contribute to building cyber defense together.
How can daily tech users practice safe use of technology and defend themselves from hackers?
The best thing that users can do is follow the best practices provided and complete all of the assigned training sessions. With all these pieces of training, users can be aware of the latest attacks and attack vectors.
How did you become involved in the technology industry, and what is your advice for young professionals looking to get in the industry?
Like many people my age, I was interested in the Internet since it was an amazing new technology. This interest led me to study informatics and understand how machines and programs actually work. With time, I grew more interested in UI (User Interface) and UX (User Experience). I started as a web developer, then slowly moved toward QA (Quality Assurance). I like understanding products and how they are used because this puts me in the place of the actual user and allows me to think about how the user thinks.
My advice to young professionals is to try different positions, challenge yourself, stay aware of new technologies and follow events related to technology. Do not overthink because sometimes we learn a new approach from a child. Children have the ability to try things in a unique, novel and funny way. Do not be afraid of taking a step outside of your comfort zone. You might fail, but from failure, we learn an unforgettable experience.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.