Posted
The Advanced Persistent Talent series profiles ThreatConnect employees and explores how their work impacts products and offerings, how they got here, and their views on the industry at large. Want to know more about a particular team? Let us know!
How does a biochemistry diplomate wind up working in cybersecurity? For ThreatConnect Senior Security Engineer Matt Brash, it was all about being in the right place, and talking to the right person, at the right time.
Brash had been working part-time in a suit shop after graduating from university as he planned his next moves when he met a customer who worked in cybersecurity. While he sold the man on the suit, the client sold him on the field. “It was really that one conversation in a suit shop that sort of shaped my career,” he says. It’s turned out to be a perfect fit.
Analytical by nature, Brash relishes the problem-solving that goes into his work as a security engineer, taking complex problems and transforming them into an actionable game plan. “The intelligence problems that our customers have can often feel overwhelming to them,” Brash says, “and sometimes they need guidance in taking that big problem and breaking it down into small, tangible improvements that we can add over time.”
That, for Brash, is the most rewarding part of the job — “when you can step back and actually see that a team is working more efficiently and leveraging the data we provide in a meaningful way.” Here’s how he gets it done.
The following conversation has been edited for clarity and length.
What does your job at ThreatConnect entail on a day-to-day basis?
Matt Brash: My job is to help understand customers’ technical needs when it comes to using threat intelligence data, and to then turn those needs into real-world capabilities in our platform.
ThreatConnect is an automation platform that centralizes lots of different intelligence data into one place, so I help customers understand what types of intelligence they can access and what formats that data is available in. Then, the question becomes, “What do we do with the data?” And that’s about understanding who is going to be able to make decisions based upon that intelligence, so we dig into specific pain points within the rest of the security team to understand how they can use curated intelligence to work more efficiently.
Which side of that equation would you say is more challenging?
Definitely the latter. I think threat intelligence teams sometimes struggle to justify their value. They provide huge value to security organizations, but it’s not always easily quantifiable. We help customers capture key metrics to demonstrate the performance improvement that intelligence provides.
I also find that intelligence teams are often positioned as sort of a side team for the rest of the security, whereas at ThreatConnect, we’re trying to empower them to feel that actually, no, intelligence is really the heart and knowledge base that should inform all of the security teams. That’s the mentality change we’re trying to drive.
What excites you most about this work?
It sounds really cliche, but it’s probably solving complex problems — being able to tangibly see that we’ve improved a customer’s business processes through automation, or by making data more accessible to the right security stakeholders. That’s really the most enjoyable part of the job, when you can step back and actually see that a team is working more efficiently and leveraging the data we provide in a meaningful way.
What’s the most interesting challenge you’ve worked on this year?
The one that stood out for me was helping an organization really operationalize their data. We work with lots of clients from different industries, and a lot of the time, it’s not a data problem. They already have access to lots of threat intelligence data, but they don’t, perhaps, know how to prioritize what is relevant to them and then automate feeding this data into their existing processes.
That’s really the type of problem I like to solve, because cyber as an industry has a big burnout problem. Most security teams we speak to say, “We have too many alerts. We’re always working outside of our normal working hours.” If we can help those analysts work more efficiently, they’re going to get greater job satisfaction.
How has cybersecurity changed in the time you’ve worked in this space?
AI has completely flipped the narrative for most organizations in the last 18 months. For example, it’s being used to produce deepfakes, so organizations can no longer trust who they are potentially communicating with. Malware engineers are also using AI to constantly produce new strains of malware. Just like adversaries use AI to target us, we need to know how to use AI to better detect these things.
At the same time, every organization in the world is adopting AI in their main technologies. Whether you work in marketing, sales, or HR, you’re probably using a product today that has some underlying generative or agentic AI capabilities. So the question is, how are we going to make sure that the models that underline those systems can’t be tampered with by adversaries? All of this, I think, is the new frontier of cyber war.
How do you like to spend your time outside of work?
I made a big lifestyle move a few years ago. I’ve been a West Londoner most of my life; I was born in West London and always sort of stayed around the area, but my wife and I moved to a farm in the west of Ireland three years ago. I really like the outdoors. I love treks. I love cold water swims and go swimming all year round — December, January, February. I love just being out in the water.
Golf is my other passion. I’m very bad at it; I don’t have a good handicap, but still, I think golf is a good way of mentally unwinding, especially when you’re in a high-stress job like we are. You’re always on when you work in a sales engineering role, always thinking about, “How can I improve this for a customer?” When I’m golfing, I can just completely switch off.
Cold water swimming sounds like a mental challenge as well as a physical one. What makes it rewarding for you?
My sales guys and I have a sort of inside joke about winners’ mentality: you’ve got to push through pain to get what you want in life. Maybe it’s got a little bit to do with that. If you can master your reaction to cold water, you come out, and you feel very relaxed. It’s almost like you pushed yourself through an endurance test, and whenever you actually go through that barrier, you feel like you’ve achieved something.
