“We care about doing the right thing, not the easy thing” – WashingtonExec
The WashingtonExec Pinnacle Awards finalists were announced on October 13, and we’ll be highlighting some of them until the event takes place virtually on December 8.
Next is the finalist for Cyber Security Industry Leader of the Year (Private Company), Douglas Neff, CIO at Cognosante. Here he talks about success in his current role, career turning points, career advice and more.
What made you successful in your current role?
Throughout my career, I have sought to achieve strong results in my current field while stretching to acquire new skills and perspectives that add value to the organizations I support. The diversity of experiences and the willingness to adapt, not only for myself but for the good of the company, have served me well as a contributor and leader.
I started my career as an industrial engineer. I switched back to a systems analyst when it became clear that a more fundamental understanding of systems would be beneficial. Later, when I joined a software development group, I transitioned back to being a project manager and software developer, which gave me a hands-on perspective that gave me a better understanding of how to design software. optimal solutions for our customers.
I eventually got an MBA in Accounting and Finance, when I determined that improving my understanding of accounting principles and financial regulation would help me be successful in this role.
Most recently, I completed a certificate program in Cyber Security Management, which allowed me to play a critical role in strengthening Cognosante’s security posture. All of these transitions, combined with many years of experience, have allowed me to engage in all aspects of the business in my current role, where knowledge of so many areas is required.
What has been a turning point or an inflection point in your career?
Well in my career, I decided to pursue a certificate in cybersecurity management. I spent several years as CIO and leading Sarbanes-Oxley and SOC 2 compliance initiatives. I had gained a good grasp of compliance controls and processes and developed a deep and rich IT risk management program . At this point, I felt I could dig deeper into the technical controls around IT security.
I enrolled in the Cyber Security Management program at the University of Virginia. In my last course, I developed a risk assessment based on the CIS Critical Controls framework. The insights from CIS risk assessment informed most of my IT leadership and security projects and investments.
What are you most proud to have been a part of in your current organization?
It sounds cliché, but most of all I’m proud of my team. We have built a solid team culture anchored in Cognosante’s core values (value, innovation, performance and sharing), and have thus been able to attract and retain motivated and highly qualified people.
I have great trust in my team and empower them to solve problems and make decisions. I don’t know everything – no one knows it – but as a team, we can collaborate, combine our expertise and motivate each other to be the best we can be.
We pride ourselves on our positive attitude and willingness to support our customers and employees however we need it – something that has been made exponentially more complex over the past couple of years, but I’m proud to say that we have seized the opportunity every time.
We care about doing the right thing, not the easy thing. We diligently identify operational risks and challenges and work as a team to correct them. We reflect the Cognosante culture and I am proud to be part of such a collaborative and very effective team.
How are you helping to shape the next generation of government leaders / industry leaders?
I have reached a stage in my career where I have a wide range of experiences and accomplishments and I consider it not only my responsibility but also my pleasure to share these ideas and experiences with my team. Experience is the best teacher, so it’s great to be there when the hard lessons are learned. I can help them put the events in context and help them shape their response to achieve a positive outcome.
Additionally, I cannot say enough about the importance of building a culture of personal and professional growth. Empowering employees to make decisions and lead initiatives is part of it. Encouraging them to learn new skills, whether through certification or new knowledge of the field, is another. In today’s world, technologists need to develop their business acumen as well as their technical expertise, and I’m trying to find ways to help them do that.
What’s your best career advice for those who want to follow in your footsteps?
Hope you can see that I believe in the power of growth, teamwork, and hard work. I encourage anyone to keep learning and to challenge themselves to think critically, make recommendations, and be courageous. Recognize the importance of collaboration and communication. Be a responsible and thoughtful contributor to your team, build consensus and gain buy-in from your stakeholders.
Most importantly, get things done. Apply rigorous analytical skills. Don’t create half-cooked solutions, but don’t try to boil the ocean either. Make sure you deploy a solution that brings value to the organization as soon as possible. Be responsible for your work. And of course, always make sure you recognize your team’s accomplishments.
