Navigating Career Growth and Change in Cybersecurity
When it comes to working in tech, you blink and the landscape shifts again: AI tools that didn’t exist last month become must-haves, new threats make yesterday’s security protocols obsolete and that hot framework everyone was learning is already considered legacy code. For IT and cybersecurity pros, this isn’t a curveball; it’s the whole game.
Tomás Montilla has turned that industry wisdom into a career strategy. He’s discovered the real competitive advantage isn’t expertise in any single technology; it’s the ability to embrace change itself.
Over the course of eight years, Tomás progressed from individual contributor to manager at Cox Communications. Then in 2024, he took a leap to work at the parent company, Cox Enterprises. And it transformed his entire perspective on career growth.
“What I’ve noticed is that a lot of the blockers to your career progression tend to be self-imposed,” he said. “Moving from one division to another has taught me that a lot of the time, you do have what it takes.”
In 2025, about a year since making that first jump across the enterprise, Tomás made his biggest career move yet: he applied for and landed a new role as director of integrated cybersecurity architecture at Cox Automotive, another division within the Cox family of businesses.
“The jump to the role that I have now was very daunting because it’s the highest role I’ve ever held, and on top of that, it was a shift to another division at Cox,” he explained. “But this time around, I knew that I had that gumption in me to be able to go through change.”
Career coaching and support from mentors and leaders
Throughout his career at Cox, Tomás has sought out the guidance of mentors within the company.
“If you need career coaching, [Cox] has mentorship programs and they can put you in contact with people in all levels of leadership,” he said. “It’s part of the culture, and I’ve noticed that most leaders have mentees that are not in their own divisions.”
In fact, it’s partly thanks to his mentors that Tomás got comfortable with the idea of making career moves across the company’s different divisions: “Every time I was hesitant or had my doubts at each step, the mentors that I had here were the ones who encouraged me and pushed me forward.”
One of Tomás’ fears about pursuing opportunities in other divisions was that it would impact his relationships with current teammates and leaders. In other workplaces, that might be a legitimate concern. But his experience at Cox proved that the company genuinely supports career growth. Working in different divisions has only bolstered his personal brand and allowed him to expand his network.
“All the leaders always were very encouraging,” he said.
This has also influenced his own approach to leading his team: “I let my direct reports know that I’m just as vested on their career trajectory and making sure they’re getting what they want out of Cox as my leaders have for me. And whether that’s an opportunity within one of the other divisions or another team, I try to keep their best interests in mind.”
“A lot of what we’re doing today did not exist seven years ago. And it’s not just AI; it’s the nature of how we think about risk and cybersecurity threats.”
Advice from the other side of an interview table
Tomás explained that while he and other leaders look for candidates with a lot of technical depth, soft skills can make or break the hiring decision.
“There’s all this talk that if you are in cybersecurity, you need to be the most technical person and that’s all you should be focusing on,” he said. “In reality, there are times we’ll scratch someone from consideration just because they don’t have the soft skills, no matter how good their resume looks.”
As Tomás builds a more adaptable and skilled security team, he’s pinpointed the essential skills that drive long-term success in cybersecurity:
1. Adaptability: “Being flexible with what your job responsibilities are and adapting your skill set to match the demands of different teams is critical. It’s how you can match the speed at which things are moving.”
2. Ownership: “As I’m building my team, I’m looking for people who feel like they own a specific domain of security, and when there’s an issue, they take charge and drive it, whether it’s something that I’ve instructed them to do or not.”
3. Critical Thinking: “In cybersecurity, we’re looking for people who can think about risk like an attacker. People who try to figure out what exactly an attacker would try to target and take into consideration the flaws of the system and raise those considerations to leadership.”
4. Curiosity: “I look for people who really love the field and are curious about it, because that’s what gives you the drive to keep your skill set up to date. More importantly, curiosity is also what helps you start exploring other domains outside of your focus area. It’s what future-proofs your career a little bit. For example, a lot of what we’re doing today did not exist seven years ago. And it’s not just AI; it’s the nature of how we think about risk and cybersecurity threats.”
5. Networking: “Invest time in grabbing coffee, attending networking events, getting a mentor and having hallway conversations. By doing those things organically, you are building a brand and you’re putting your name out there, so that when opportunity comes, someone has your name in mind.”
Curious about a career at Cox? Explore opportunities and sign up for our Talent Community today!
Related Articles
The best way to learn about life at Cox? Hearing from our people! See how Cox employees bring their authentic selves to work every day and make their mark.
Read our stories
