Role Model: Desislava Nikolaeva
Personal Details
- Title, Name, Surname: Desislava Nikolaeva
- LinkedIn Profile: https://www.linkedin.com/in/desislava-n-security
- Link and information to any initiatives you are involved in that relate to empowering women in ICT: Collaborator with Women4Cyber, contributing to community initiatives that promote women in cybersecurity and supporting knowledge-sharing and professional engagement within the cybersecurity ecosystem.
- LinkedIn Profile of Women4Cyber: https://bg.linkedin.com/company/women4cyber-bulgaria
Expertise
- Your role/job title: Security Officer
- Company name: EGT Digital
- What is your field of expertise? Cybersecurity governance, DevSecOps, Secure Software Development Lifecycle (Secure SDLC), product security, risk and vulnerability management, and security strategy & roadmap. My work focuses on embedding security into development and operational processes so that security becomes part of how systems are built—not something added later.
Company details
- LinkedIn: https://bg.linkedin.com/company/egt-digital
- Facebook: https://www.facebook.com/share/1GmsYxV8Ju/?mibextid=wwXIfr
Introduction
Please tell us a few things about yourself.
I build bridges between engineering and security. My background spans several areas of IT, including technical support, software development, infrastructure, and security engineering. Working across these different roles gave me a broad understanding of how systems are built and operated—and where the security challenges usually appear.
Today my work focuses on integrating security into the software development lifecycle and helping organizations build security practices that scale with innovation. I’m especially interested in how engineering, governance, and security leadership come together in practice.
Outside of my daily work, I enjoy contributing to the cybersecurity community through knowledge sharing and discussions about how we can make the field more accessible to the next generation of professionals.
Inspiration
What motivated you to enter the cybersecurity field, and how can we make that journey more accessible and visible to young women today?
My journey into cybersecurity started quite early in my career. One of my first roles was working as an information systems security administrator. That experience exposed me to the responsibility of protecting critical systems and sensitive information, and it sparked my long-term interest in cybersecurity.
Over the years my career evolved across different areas of IT—from infrastructure and operations to software development and later DevSecOps and security governance. Seeing technology from multiple angles helped me understand that security is not a separate function; it is something that needs to be built into systems, processes, and products from the very beginning.
To make cybersecurity more accessible for young women, we need more visibility around the different paths that lead into this field. Not every cybersecurity professional follows the same route. Sharing real career stories, mentorship, and community initiatives can help young women see that there are many ways to enter and grow in this profession.
I believe that by sharing our stories, we can make the cybersecurity path visible and accessible to the next generation of talent.
Career Growth
Beyond technical knowledge, which soft skills - such as teamwork, problem-solving, or ethical awareness - are most valuable in your day-to-day work?
Technical knowledge is essential, but cybersecurity is ultimately about people and decision-making.
Communication is one of the most important skills. Security professionals often need to translate technical risks into language that business leaders and development teams can understand. Collaboration is equally important because security cannot exist in isolation—it has to work together with engineering, operations, and product teams.
Another key skill is critical thinking. Security rarely deals with clear answers; instead, we constantly evaluate trade-offs between risk, usability, and innovation.
Memorable Achievements
Share a project or moment that reflects the impact of your work.
One initiative that stands out for me is the development of a Security Champions program within engineering teams. The idea was to identify developers who were interested in security and support them in becoming internal advocates for secure practices within their teams.
Instead of security being handled only by a central team, this approach helped distribute security knowledge directly inside the development process. Security champions acted as a bridge between engineering and security, helping teams address vulnerabilities earlier and encouraging secure coding practices.
What made this particularly rewarding was seeing how the program helped build a stronger security culture. When developers themselves start driving security conversations, the impact goes far beyond individual projects.
This initiative not only reduced the number of vulnerabilities reaching production but also shortened the feedback loop between developers and the security team.
Challenges
How do you stay ahead in a competitive field, and what obstacles have you overcome?
A key challenge in cybersecurity is that security often needs to influence teams that have different priorities, such as speed of delivery or product innovation.
Introducing secure development practices or new security processes sometimes requires cultural change, not just technical solutions. Over time I learned that collaboration and communication are just as important as technical expertise when building a strong security culture.
Work-Life Balance
How do you manage the demands of career and personal life?
Cybersecurity can be demanding because the landscape evolves constantly and the responsibility is significant. For me, balance comes from maintaining clear priorities and focusing on continuous learning in a sustainable way.
I try to focus on steady progress rather than constant urgency. Over time, that approach helps maintain both professional growth and personal balance.
Personal motive
What’s your personal motto, or favourite motivational quote, that can also inspire the younger generation to follow studies and a career in an ICT / Cybersecurity field?
A quote that resonates with me is:
“Being ready is a myth. You start. You suck. You get better.”
It captures something very real about both technology and cybersecurity. No one begins their career fully prepared. Skills, confidence, and expertise develop through practice, persistence, and learning from mistakes. For anyone considering a path in ICT or cybersecurity, the most important step is simply to begin.
Future
Which emerging areas in cybersecurity, such as AI security, data protection, or social engineering, will be most relevant for the next generation of professionals entering the field? And what role can gender diversity and inclusion play?
Several areas will shape the future of cybersecurity. AI-driven systems are introducing new attack surfaces while also enabling new defensive capabilities. Cloud-native architectures and distributed systems continue to expand the security perimeter, making identity, access management, and data protection increasingly critical.
Another area that will become increasingly important is cyber resilience—the ability of organizations not only to prevent attacks but also to withstand them, respond effectively, and recover quickly. As digital systems become deeply integrated into business operations and critical infrastructure, resilience will be just as important as prevention.
At the same time, cybersecurity remains a deeply human challenge. Diverse teams bring different perspectives to threat modeling, risk analysis, and problem solving. Gender diversity and inclusion therefore are not only social goals—they directly contribute to stronger and more resilient security strategies.
For the next generation entering the field, the combination of technical depth, strategic thinking, and diverse perspectives will be essential.