Marilena is a results-driven leader, big-picture problem solver, and lifelong learner. She brings a wide skill set to customer success, with previous experience in cyber risk management and strategy consulting and training in Catalyst’s ACTP (Accelerated Cybersecurity Training Program).
Before customer success, Marilena worked as a security professional in Deloitte’s Cyber & Strategic Risk practice. There, she specialized in strengthening her clients’ cybersecurity posture and managing privacy and security risks for large enterprises.
Marilena is versatile and thrives in fast-paced environments, having worked in organizations ranging from industry-leading startups to multinational corporate enterprises. She has served clients in various industries, including government and public sector, life sciences and healthcare, consumer, and financial services.
As a philosophy major and grad student, Marilena defied expectations when she entered the fields of finance and cybersecurity. Occasionally, she gets questioned about her background in philosophy, but she frames it as a strength. What she loved most about philosophy was grappling with ideas and exercising critical thinking.
I’m someone who asks why a lot.
Looking back on the subject of her master’s thesis now, Marilena finds it uncanny. Her subject was a critique of how knowledge is made. While ignorance can be a result of the tabula rasa, or the blank slate, Marilena argues it can also be produced.
A decade later, her thesis feels less theoretical and more predictive. What once seemed abstract, the production of ignorance, is now central to how we understand misinformation.
“Tobacco is kind of a famous one,” says Marilena. “They invested in asbestos and pesticide research, so they did produce knowledge. But when you look closer and ask why, the answer is that they wanted to distract people from tobacco causing cancer.”
“There was this production of knowledge that created ignorance, and that’s what my thesis talks about,” she says.
Years later, DEFCON Toronto, a local, community-driven cybersecurity group, was Marilena’s introduction to cybersecurity. She sat in on a critical infrastructure session, and the risk part of her brain and training lit up. She was intrigued and immediately asked, “How do I break in?”
The desire to bridge her interests with foundational knowledge brought her to the Catalyst. Her search led her to the Catalyst’s ACTP (Accelerated Cybersecurity Training Program).
Simultaneously, she was hired at Deloitte for operational risk consulting. Once she had her certificates, she knocked on the door of a Deloitte partner in the Cyber and Strategic Risk Practice. They said, “We need you.”
There’s been a continuous thread throughout my career: risk. From human risk factors to insider risk to broader strategic challenges, it’s always been about understanding and managing it.
That openness shaped her next moves. Marilena didn’t initially know much about customer success, but she was willing to try it. “I had always believed the best part of my job was working with people,” she says.
There were always categories of work, however, that she wasn’t willing to part with. “I thought about becoming a penetration tester or a security engineer, but I knew that was never going to be me, because I don’t want to work in isolation behind my laptop. I’m very social. I work well with people.”
“Her fit was GRC (Governance, Risk, Compliance) — working with stakeholders and partners.”
Marilena tells her mentees that they really have to understand what matters to them. She quotes a friend from her ACTP cohort, Momna Farooq, who says, “Cybersecurity is like a hospital,” she says. “There are nurses, doctors, surgeons, and administrators; you have to understand where you fit.”
Marilena lives by this value. She recalls an interview from her banking days in which she mentioned her strength as a problem solver and her liking for critical thinking. The interviewer said, “We just need someone to execute on our processes — we don’t really need a critical thinker.”
“Thank you for being honest with me,” Marilena said, “but I don’t think this is going to be a fit.”
When reflecting on traits that apply across cybersecurity roles, Marilena returns to effective communication. It’s essential, no matter your role in security. If you’re extremely technical but you can’t communicate risk, you’re in trouble — you won’t be able to get the resources and tools you need to close gaps. And if you’re highly strategic, you need to be able to take information from technical teams and translate it for senior leaders.
Communication shows up in all kinds of ways. You might have a CFO who says, “You know, this security stuff — isn’t it a bit overblown?” You have to navigate that because this person may be very disconnected from technology. How do you persuade them so that they start to think differently, that this is something they should be spending their budget on?
As a mentor, Marilena adds a subtle distinction. Mentorship, where someone teaches, trains, and supports you, is important. But a sponsor is someone who advances your career. They may be responsible for your promotion, your upskilling, or your leadership coaching.
In her role as a manager, she takes the opposite approach of a micromanager. “I want my team to feel like they own their work, own their clients, and own their processes,” she says.
Her leadership style evolved out of a painful experience. At the beginning of her career, Marilena received an award, and there was a luncheon to follow.
I think my ambition was disruptive to some of my leaders and mentors.
At the lunch, the VP asked, “Is there anything you think we could be doing differently or better?” Marilena raised her hand.
“I think positive feedback would go a long way,” she said. “I know we receive correction when we’ve done something wrong, but I’d love to hear more about what I’m doing well so I can do more of it.”
The VP shut her down: “No feedback is good feedback.”
“I was so embarrassed. I was young, in a room full of strangers, and I thought it was a good idea. And you know what? It was.”
“As a leader, it taught me something in reverse,” says Marilena. “I don’t want to be a leader who is happy with ‘no news is good news’ and shuts down someone who’s young and ambitious in the room.”
Another facet of her leadership style is that Marilena always raises her feedback. “I’ll raise it once, maybe twice,” she says, “and say, ‘This is the risk.'” She doesn’t stop there; she also provides a solution for the way forward. “I won’t die on every hill,” she says. Because she picks her battles, if she escalates a concern, leadership usually listens to her. She emphasizes the importance of voicing it.
“You can’t control other people’s reactions, but you can control your professionalism,” she says. In this way, she delivers quite critical concerns or feedback while remaining polite, and no one feels hurt by receiving it. One lesson she likes to share with her mentees is to deliver delicate feedback one-on-one, never in front of a group; however, she does like to deliver good feedback or praise in a group setting.
Because Marilena won’t die on every hill, she documents. She uses OneNote and keeps it running to document her meetings, notes, and observations. To keep things clear, she shares meeting notes, but she’s learned to keep the more extensive version to herself.
“Documenting is simply good practice,” she says. “It’s stating the facts so you have them in your records, should you need to access them for a later conversation. It also helps build stronger relationships with your clients and colleagues, so you don’t have to ask the same questions more than once or have them repeat themselves.”
Marilena believes there are more imminent risks in AI and quantum than we expected. While she says everyone saw it coming, things have advanced much more quickly than anticipated.
The tools are improving faster than we expected. If we don’t engage with them and shape how they’re used, we risk falling behind. And if they fall into the hands of attackers or foreign state actors, the consequences won’t be theoretical.
The same question that shaped her thesis still applies: how knowledge is produced, and to what end. In an AI-driven world, the stakes of that question are no longer academic. They’re operational.