Women in Cybersecurity

At LinkedIn, we encourage employees to explore different opportunities and pivot into areas they are passionate about.? In this post, we are sharing the journeys of two amazing women leaders in our Information Security organization. Read on to learn more about them and their career paths.

What brought you to LinkedIn?

The known known and the known unknown. The people I had the pleasure to meet during my interview gave me the confidence I will be surrounded by people I enjoy working with and learning from. It is still the number one reason that keeps me at LinkedIn after 6.5 years. Known unknown being switching my career from security engineer to security TPM was a risk I took. I did not know how good I would be in a new role, but I knew I would have the space and freedom to take on a variety of work, build things from scratch in a small but fast growing team.?

What’s one thing about you that isn't on your LinkedIn profile?

While my professional life is all about managing risks, my personal life is all about taking risks (of course only the intelligent ones :)). I love adventures, skydiving, whitewater rafting, paragliding ..you name it. The most recent adventure was getting my PADI diver certificate in Monterey on a day where underwater visibility was less than 5 feet.?

What is your role within the Information Security team?

I lead the governance, risk and compliance (GRC) team within the information security organization. My role is to build and support a team with the most talented people to build a best in class GRC program. Our team is on a mission to integrate security governance & compliance into business decisions to manage risk effectively. Our risk management program identifies, assesses and communicates security risks so leaders can make risk informed decisions. Our policy and compliance program is responsible for building LinkedIn’s policies, standards, and a common control framework to make LinkedIn and its products compliant to regulatory and industry standards. Our business continuity program ensures the ability of LinkedIn to continue delivery of products or services following disruptive incidents and support the restoration of normal operations.?

What inspires you about your work?

What inspires me at work evolved over time. When I first started at LinkedIn as an individual contributor, achieving a major milestone in a horizontal security initiative inspired me and gave me a sense of accomplishment. Nowadays, what inspires me the most is seeing people on my team consistently look to mature our program with better processes and technology. Surrounded by and working with people who take pride in their work is something that excites me every morning coming to work.?

What is one thing everyone can do to enhance their online safety?

Practicing good password hygiene is one thing everyone should do to protect against cyber threats. Passwords enable users to access important accounts, systems and data, making them attractive targets to attackers, too. Here are a few tips for good password hygiene. Consider using passphrases. Instead of using long and complex passwords, passphrases can be stronger and also easier to remember. Choose unique passwords (passphrases). Even if you have a strong password (passphrase), it is important to use a different one for every account you use. In the event one account is compromised, the impact is limited to that single login. However, having a unique password or passphrase for every login means a lot of passwords! Leveraging a password manager to store your passwords will save you from writing them down on a sticky note. Last but not least, enabling MFA (multi-factor authentication) everywhere possible will make it significantly harder for the attackers to gain access to your account even if they compromise your password.

--------------------------------------------------------------------------------

What brought you to LinkedIn?

One thing that is very important to me is the people I work with. David Henke, whom I knew from my previous company (Yahoo) is the main reason I came to LinkedIn. He was SVP at LinkedIn at that time, He reached out and shared a role that was quite exciting and had growth opportunities. He also talked in depth about LinkedIn’s culture, a glimpse of which I saw during the interview process. Especially, my conversation with Bruno Connelly during the interview process convinced me that I want to make this transition and I am glad I took that leap of faith.

What’s one thing about you that isn't on your LinkedIn profile?

I am not sure if many people know that I am ambidextrous. I was born left handed but was “encouraged” by my grandmother to use the “right/correct” hand. My natural tendency is to use left so as a result I learnt how to use both hands equally (except for writing).

Oh and about my partner in crime, my lab retriever - Maverick. He is turning 9 this year. He has been my co-worker during Covid, my walk buddy, my co-chef, my cheerleader, and my bodyguard (at least he thinks so) and so much more.

What is your role within the Information Security team?

I lead the Security Engineering team that is responsible for vulnerability management, defense infrastructure, and identity development. Vulnerability management builds infrastructure and tooling to detect and mitigate vulnerabilities. Defense infrastructure provides visibility via pipelines that collect logs so we can quickly detect any possible threats and mitigate risk. Identity development is about constructing the infrastructure for secure authentication and authorization.

What inspires you about your work?

While my role and responsibilities have changed and evolved at LinkedIn, one constant that has always inspired me and kept me focused is being part of my teams’ growth. I have been fortunate to always be surrounded by the most skilled individuals and while managing them, I have learned a lot. Their growth has humbled me again and again and is part of why I am inspired to always be learning and be better than what I was yesterday.?

What is one thing everyone can do to enhance their online safety?

Security is everyone’s responsibility. While that is not the primary focus of many, it is something we all have to think about while taking any action, be it designing a new product, responding to an email or where we place our company device. One simple thing everyone can do is to be aware of phishing attempts and educate themselves and if there's any doubt then report.