5 Questions With Angel Jordan, Oportun's Senior Manager Security Engagement & Education
As a provider of consumer-facing financial services, our members entrust us with their data and financial futures, obligations we take seriously. Oportun invests in our systems and people in order to help ensure the integrity of our members’ data. With Data Privacy Week recently passed, we sat down for 5 Questions With Angel N. J. , Oportun's Senior Manager Security Engagement & Education.
First things first – what do you do at Oportun?
I run the security awareness program at Oportun. I’m responsible for helping create protections against cybersecurity attacks, educating team members on how to prevent them, and helping train Oportun workers on security practices.
Let’s imagine security awareness in simple terms. Picture what happens when a rock is thrown and it hits you - it’s a pretty simple lesson in pain. Teaching security awareness is like showing people how to dodge the rock altogether, so they stay safe (and avoid the pain of your data being stolen).
Today, our internal awareness campaigns are hitting on all cylinders with regular communications, webinars, and training that ranges from new hire onboarding through to annual cybersecurity classes.
How did you get into this field and what led you to Oportun?
I’m an accidental security awareness leader. I started my career as a technology consultant, then expanded into IT audit work and governance. I became fascinated by cybersecurity and the human element of prevention, so dedicated the next phase of my career to cybersecurity education and awareness.
I decided to obtain my master’s degree in Training and Development (Angel was a pandemic graduate), then accepted a new opportunity with my prior employer, Bank of America, where I developed an award-winning cybersecurity talent upskill program. That’s where I heard about Oportun.
I was attracted to the Oportun mission immediately. I had actually been a member using the Oportun savings app already. But when I learned about the important work the company does offering financial tools and services to the underserved, I was hooked.
There’s a tremendous alignment between the Oportun mission and cybersecurity’s role within it. By helping protect the most technologically vulnerable, we can ensure that the information of the most financially vulnerable remains safe and protected. I designed my first campaign at Oportun, Fall into Cybersecurity, with that in mind. The campaign revitalized the Security Education program and was mentioned in the Oportun 2022 Corporate Sustainability Report as a testament to how our security awareness program enhances the information security posture at the Company.
I’ve also felt seen and heard here at Oportun. I have an amazing team around me and Chief Information Security Officer, @Manju Mude, has been incredibly supportive. They’ve given me the freedom to build and evolve this program so that it’s best able to serve our Oportun teams.
You’re very passionate about your job. What drives you?
Once I moved into cybersecurity awareness, I realized the work was my passion. I’m a creator at heart (Angel is a sewist and crafter in her free time) and enjoy helping others, so building content and programs that make people smarter and better able to avoid deceptive practices is incredibly fulfilling.
The key is teaching good habits. Cybersecurity is a muscle; you need to build it up and make it repeatable. My goal is to build that muscle and then equip team members to help others do the same. In that way, we are building a wider, stronger, more effective cybersecurity net that protects everyone.
I’m also passionate about helping others succeed. As a Black woman, I believe my obligation is to be visible so others can see that it’s possible and then help lift others into similar roles.
I am a president of the Charlotte Chapter of Cyversity, an organization that helps underprivileged groups break into cybersecurity. I also created a LinkedIn initiative called Cyber is the Future that provides perspectives on the industry and tips for how to break into it.
What cybersecurity advice do you have for others?
In general, I’m technology agnostic. I prefer to teach principles that can be applied no matter what type of device you’re using or where you work.
For me, the Core Four are always the best starting point:
- Turn on automatic updates for everything so you’re guaranteed to have the latest protections.
- Learn how to identify phishing attempts early so you can be more adept at spotting suspicious activity.
- Use multi-factor authentication whenever possible.
- Employ creative passwords for your logins, combined with leveraging password managers. Increasingly, that’s less about complex alphanumeric strings and more about personal passphrases that are easier to remember but hard to guess
What’s next in cybersecurity and for you at Oportun?
As a company, Oportun is very supportive of generative AI, but we obviously need ground rules for how to engage with it safely. To do that, we first created a three-part seminar that covered the benefits of the technology, its risks and needed ethics, and how we use AI and data science at Oportun. It was exciting to see hundreds of our colleagues take part in that.
As a next step, I’m working with @Carlos Carlos and his Data Security team to develop Generative AI University. It will dig a little deeper to show how to use the technology properly, what our governance tools are at Oportun, and provide training for our technical teams.
If you are interested in learning more about cybersecurity for personal or business purposes, I recommend the National Cybersecurity Alliance. They provide engaging educational content that I use often as source material for Oportun newsletters and curriculum content.