SailPoint Spotlight: Women in Cybersecurity

Authored by Stacy Lange

March is Women’s History Month and a time to focus on all of the fantastic accomplishments women have made in the world. Cybersecurity has become a critical backbone for any organization, big or small. We must realize the essential role diversity plays in the cybersecurity workforce with that importance. Today women only comprise 20% of the cybersecurity workforce, and here at SailPoint, we continuously strive to include more women in our organization – our cybersecurity team is currently 32% women!

I firmly believe that representation matters, so I wanted to take this time during Women’s History Month to celebrate the background and careers of some of the most amazing women in the SailPoint cybersecurity crew who are responsible for protecting our organization. They are challenging the status quo every day and taking charge in paving the way for others in the field. I hope their journeys inspire more women to take up the area of cybersecurity and know that everyone’s journey will look different. Regardless of the hurdles, there’s nothing that will stop you from succeeding in the field but your doubts.

Heather Gantt-Evans, CISO SailPoint

Tell us a little about yourself and what inspired you on your cybersecurity career journey.

I did not actively seek out a career in cybersecurity. However, I did seek out a career in technology. I was a single mom, and the technology field offered me the stability I so desperately needed. I had almost completed my Masters in Technology Management when I got picked up to do government contracting in support of the US Air Force. I started as an IT Business Analyst when shortly after that, cybersecurity found me! A government contract came up to support Air Force Cyber Command as a Cyber Threat Intelligence Analyst. A kind mentor took a chance on me and gave me the position since I had All-Source Threat Intelligence training in the US Army. His gentle mentorship and encouragement inspired me to make a career in cybersecurity. 

What do you think your career will look like in 10 years? Do you expect to see more women leaders in the field? 

I hope that in 10 years, I will still be surrounded by a fantastic team like I am now. I hope to continue leading transformative roadmaps to improve, optimize, innovate, and learn continuously. In 10 years, I also hope to be helping to protect a more significant subset of companies through Board of Director work. And last but not least, I hope to see many women I have mentored excelling in leadership roles. High visibility representation is an essential first start in inspiring other women to join the cybersecurity career field. 

Who made the biggest impact on your professional career, and how do you “pay it forward”? 

People who believed in me so passionately that they convinced me to dream bigger and bigger. Wow – you do not realize how far that vote of confidence that comes with words of encouragement can go. I try to pay it forward by sharing similar words of encouragement so that others can realize their potential. 

What are some of the challenges of our field? What would be your suggestion to women looking to enter the field of cybersecurity? 

There are two challenges in cybersecurity that I will focus on. The first challenge is that cybersecurity experts are trained to find the security control deficiencies – this means it can be challenging for us to stop and appreciate progress. It can even make it challenging to partner. For example, if you are only thinking about the security flaws in your IT or business partners’ plan – you may get hung up in just telling them “no way” instead of finding a way together. The empathetic leadership that women often exhibit can make a huge impact! The second challenge is that we can do so much better – and in my opinion, it starts with elevating representation. That is why I am so proud of the women on my team who even thought to do this blog post! 😊

Alpana Tyagi, Manager, Cybersecurity Strategy and Risk 

Tell us a little about yourself and what inspired you on your cybersecurity career journey.

There was only one subject in school that I was good at apart from English (which was challenging to make a career in): computer science. So I pursued computer science engineering for my bachelor’s degree. During the third year, I took a course on computer network and security and did a project on “DDoS Attacks,” which I published as a paper later. From that point onwards, I knew cybersecurity was my field. I did not instantly get a job in cybersecurity. I ended up taking software engineering as a career before I decided to come to the states and pursue my master’s in cybersecurity. From there onwards, I made a career out of my passion for cybersecurity. 

What do you think your career will look like in 10 years? Do you expect to see more women leaders in the field? 

I hope to continue towards becoming an executive and transformational thought leader in cybersecurity, working on the latest challenges in the field and executing cybersecurity strategies and roadmap. I expect to see more women leaders in the area, and I have a personal motto to help more women join and become leaders in our field. Some of the best in cybersecurity are women, and we should see that trend increasing. 

Who made the biggest impact on your professional career, and how do you “pay it forward”? 

Many people have helped me reach where I am, including my father, who has always believed more than I have believed in myself. I had great teachers in school who inspired me along the way. All of the managers I worked with have helped me grow tremendously in every aspect of life. And last but not least would be my husband, who has always supported me every step of the way personally and professionally. I am lucky that I have had a chance to work with some fantastic mentors in the field, including my current leader, who has been my biggest supporter, mentor, and champion for many years now. I plan to “pay it forward” by doing what others have done for me. I have time and again been shown that the world is limitless, and I try to give others the same experience. 

What are some of the challenges of our field? What would be your suggestion to women looking to enter the field of cybersecurity? 

I think the challenge of our field is the intimidation of the field itself and the hype around it. We make it too big in our head to try while we have some classic examples of people from all facets and careers making it big in cybersecurity. The focus on representation to see what is possible is very important from my point of view. There are so many hidden talents who can bloom if given the right circumstances. Some of the most important qualities I look for candidates I hire are tenacity, their willingness to learn and the rest are skills that can be easily taught. I would suggest the women looking to enter the field do the same, and those of us on the other side make a conscious effort to give them a chance.

Felisha Richardson, Manager Threat, and Vulnerability Management 

Tell us a little about yourself and what inspired you on your cybersecurity career journey

I wanted to go to school for Architecture, but the time I was graduating, the recession had hit, so that career went out the door. My backup was computers which led me to an Information Security and Assurance Major at Kennesaw State University. There weren’t many women, black women at that, in my field during school. I was the only one in most, if not all, of my classes. But being that I went to PWI’s, that was always typical for me. After starting my first job, it became even more apparent that there were not many black men or women in cybersecurity within the company. Meeting the men and women who looked like me at my first job inspired me on my journey. They believed in me, told me I was rare and that I could change the perspective or minds of younger generations of black boys and girls. In our community, it’s always sports that will get you out and be somebody. And that is not true. We are more than just athletes. Cybersecurity was not a big deal in companies when I first started; there was not a lot of buy-in. But now, it’s becoming top of mind for companies. It’s great to know the company understands why we are within the company, but also, it’s even cooler what we do for companies that people do not see. 

What do you think your career will look like in 10 years? Do you expect to see more women leaders in the field? 

In 10 years, I hope to have started my nonprofit that gives back to kids by mentoring, life skills, and teaching them about technology and coding. I expect to see more women in the field, we are booming right now, and we aren’t slowing down anytime soon. 

Who made the biggest impact on your professional career, and how do you “pay it forward”?

My first manager gave me a chance to learn how to survive in the workplace and this world. I pay it forward by giving others opportunities as well. Knowing their potential and what they can be is a crucial factor. 

What are some of the challenges of our field? What would be your suggestion to women looking to enter the field of cybersecurity? 

I feel like some women are not taken as seriously as men. Our words need validation. Also, being a black woman in this field is challenging alone. I’ve been in companies that mistreated me compared to my white coworkers. I also got paid less for being a woman, even having the same degree and skills as my colleagues. I would tell the women entering the field to know their worth and to stand their ground. Never settle.

Viraj Gandhi, Sr. Staff Product Security Engineer

Tell us a little about yourself and what inspired you on your cybersecurity career journey

I have a master’s and bachelor’s degrees in Computer Science. I spent a decade in Agile/Scrum software development before plunging into the cybersecurity space. I also have experience working across teams to help drive security improvements across the enterprise by providing security advice and risk assessment. The exciting part of my cybersecurity journey is the constant innovation and the race to secure this fast space environment that needs strategy, operations, and infrastructure, which interest me. Due to the apparent race between the attackers and the defenders, you are never bored and stuck with projects; the career in cybersecurity is a journey, not a destination. 

What do you think your career will look like in 10 years? Do you expect to see more women leaders in the field? 

I look at myself as accomplished information security, privacy, and IT management leader with a strong business, risk, and technical background while being the best wife and mother. Cybersecurity is an industry that needs more women to bring more gender equality and create more diversity, and this gender gap has not gone unnoticed. Often it only takes one woman joining as a leader to see a positive snowball effect. 

Who made the biggest impact on your professional career, and how do you “pay it forward”? 

It would not be fair to give credit to a single person only. However, I have to credit my mother, who raised me single-handed, taught me always to be hungry and humble. Also, after transitioning into the cybersecurity field, my first manager told me to believe in myself and build a supportive network. These words have stuck with me since then. I believe in giving back to the community. I am currently volunteering and supporting the WiCyS community to encourage and empower women to be part of cybersecurity. 

What are some of the challenges of our field? What would be your suggestion to women looking to enter the field of cybersecurity? 

The challenge I see in this field is staying up with the latest attacks and constantly thinking creatively as its constant race between the attackers and the defenders. Be passionate and always be a lifelong learner, and most importantly, build an expanding diverse support network to advise and encourage your personal and professional growth. 

Michelle Gruener, Sr Manager, Security Architecture and Engineering

Tell us a little about yourself and what inspired you on your cybersecurity career journey.

I was not inspired initially to be in cybersecurity, nor was I looking for a role in this space. However, before the term growth mindset became a commonly used term, I demonstrated the behaviors: being open-minded, embracing new challenges, loving learning new things, being persistent, and not giving up. So, when I was asked to lead the cybersecurity teams, even though I did not have a background, I said yes. Saying yes to the opportunity enabled me to push myself to new limits, learn more than I ever thought possible, and be on the most exciting team and work I have ever done. The skills I learned were also ingrained in my thinking. Hence, as I moved on to lead other product and engineering teams, I raised the expectation of ensuring our applications were well tested and leveraged secure coding practices. Fast forward to November 2021. I am back in cybersecurity at SailPoint and am doing exciting, challenging, and truly fulfilling work once again!   

What do you think your career will look like in 10 years? Do you expect to see more women leaders in the field? 

In 10 years, I hope to continue to be surrounded by people who support each other and work for a company promoting continuous learning and growth. I also see myself advocating for STEM careers, focusing on growing the number of young women entering middle school, high school, and college, and lifting them to be confident in their abilities.   

Who made the biggest impact on your professional career, and how do you “pay it forward”?  

When I was six months into my role as an Engineering Manager, my Director asked me to take on the responsibility of leading a team of around 40 people focused on Identity and Access Management, Border Protection, and F5 Load balancers while I had zero experience in security. I was shocked, a little scared, and questioned why me. She said that she knew I was the leader the team needed. She told me that I would elevate them to new levels because I had the technical aptitude for learning and strong leadership skills. Because of the trust, our relationship, and the desire to prove I could be all the things she thought I could be, I stepped up to the challenge. Saying yes to this opportunity profoundly changed the trajectory of my career in cybersecurity and technology. I pay it forward by reaching out to other women in technical and non-technical roles and providing them with guidance, coaching, mentoring, and friendship to help increase their self-confidence and willingness to say yes to new challenges. I have led the Women & Technology employee resource group at a Fortune 50 company, launched the first internal Women’s Technology Summit at my former company with over 1500 attendees, and mentored well over 100 women throughout my career. I am excited about the future at SailPoint and look forward to finding new opportunities to pay it forward!  

What are some of the challenges of our field? What would be your suggestion to women looking to enter the field of cybersecurity?  

I see a crucial challenge is intimidation of the subject, cybersecurity, and not knowing where to begin. Another challenge is the lack of women candidates in the hiring pool, making it difficult for leaders to bring more women onto the cybersecurity team. The value of having diversity within groups increases innovative ideas, different perspectives, and the list goes on. So many women could be successful; sometimes, it just takes one person to reach out and let her know she can do it and help pave the way for her to take the first step. 

 Stacy Lange, Cybersecurity Program Manager 

Tell us a little about yourself and what inspired you on your cybersecurity career journey.

I am currently a Program Manager on the cybersecurity team, managing our metrics, training, and project management programs and helping to develop our cybersecurity strategy for the upcoming 3-5 years. I had an exciting start in my career. I was on active duty in the Air Force as a nuclear missile operator, and when I left the AF, there weren’t a lot of jobs those skills translated to. After moving to San Antonio, I happened to be in the right place at the right time with my Air Force Reserve (part-time military) role and was offered the chance to stand up the new Air Force Cyber Command. I learned very quickly in that job how necessary on-the-job training and a desire to learn are. I worked in threat intelligence, cyber operations planning (offensive and defensive), and program management roles over my time with the AF. Each job brought an opportunity to grow my cyber skillset and challenge me.  

What do you think your career will look like in 10 years? Do you expect to see more women leaders in the field?

I’m super excited to see where my career can take me in 10 years and hope wherever it is that I am still growing and learning every day. 15 years ago, I would have laughed if you told me I was going to work in cybersecurity at all. My answer would have been, “Ummm, I am not a technical person.” I love that you don’t have to be a developer to thrive in this career field, and everyone is willing to help each other learn and grow. I would love to see more women in this field. I think women have been intimidated for so long because it has been such a male-dominated role. I think we owe it to younger generations to expose them to every aspect of cybersecurity because there is something for everyone- developing, threat intelligence, program management, strategy and risk, operations, you name it! 

Who made the biggest impact on your professional career, and how do you “pay it forward”?

I have been blessed over my career to have several mentors that have pushed me to challenge myself and never doubt my abilities constantly. I have watched them lead by example in valuing the inputs and contributions of everyone on their teams regardless of position. They have taken numerous opportunities to expose me to this career field’s fun and challenging side and presented me with new opportunities to explore that I might not have otherwise considered. They have been a great sounding board for me as I have considered career moves, helping me see the bigger picture with each decision. My mentors have always been the ones to remind me – you will never know if you can succeed at something if you don’t step outside of your comfort zone and try! 

What are some of the challenges of our field? What would be your suggestion to women looking to enter the field of cybersecurity?

One of our biggest challenges is getting people over the hurdle that you must be an insanely intelligent and technical developer/coder to succeed in this career field. Those skills can be very intimidating for people, and we owe it to younger generations to expose them to all aspects of this industry. I also think it’s super important to keep encouraging girls to explore and choose STEM careers. As professional women in the field, the best thing we can do is serve as mentors for young women and encourage them to leap into this constantly growing and changing career field – cybersecurity can be crazy at times. Still, it is also fun and rewarding every day. The need for cybersecurity will never go away! 

Stacey Russell, Cybersecurity Governance Architect 

Tell us a little about yourself and what inspired you on your cybersecurity career journey 

I started my career in Insurance, and over my 20+ years, I experienced roles in Business, Information Security, and Enterprise Architecture, with a couple of Transformation projects along the way. It was all fun, but I continue to enjoy my years in Information Security the most as I like answering the questions – How do we keep the bad folks out? How can we do it better than before? 

What do you think your career will look like in 10 years? Do you expect to see more women leaders in the field? 

Ten years seems distant, but I’m hoping for continued growth in Architecture and Strategic Planning utilizing new and exciting tools to facilitate the related process, delivery, and expected outcomes. Integrating NUIs (Natural User Interfaces) and AI (Artificial Intelligence) with Enterprise Architecture tooling is something I am passionate about, as its impact can bring a fantastic acceleration to business, planning, innovation – and yes, security. 

Absolutely! Women leaders are rising across the industry, and SailPoint embraces and exemplifies this change. 

Who made the biggest impact on your professional career, and how do you “pay it forward?” 

My first Director, when I started in Information Security, had the most significant impact on my career. He was the learning seed for everything I have pursued in Information Security Strategy and Architecture. His extreme patience, willingness to let me learn, question, fail, and assistance to succeed were all phenomenal. He is a fantastic leader with a genius security skill I will never match, and I am thankful he gave me a chance every day! He set an amazing example. When he retired, he said, “I leave architecture in your hands, go forward, and make it great!” So, every day I try my best to make it great, build it, share it, and teach the next architecture practitioner who will continue to make it even better in the future!  

What are some of the challenges of our field? What would be your suggestion to women looking to enter the field of cybersecurity? 

There is no shortage of challenges! Technology innovation and the methods used to defeat security controls are in a state of constant change. Coupled with changing laws and requirements, there is much for us to consider. I would say that women looking to enter this field are ready for consistent adaptation, prepared for the challenge, and ready for fun. It is never boring in cybersecurity, and you will always be learning. 

Andrea Baker, 3rd Party Risk, and Due Diligence Program Manager 

Tell us a little about yourself and what inspired you on your cybersecurity career journey.

I am currently one month into my cybersecurity journey, and so far, it has been an exciting change. My first career was as an elementary school teacher, where I’m sure that my super-secret password of Class3B was not keeping the computer lab very secure! After a few years of teaching, I was a stay-at-home mom until I was ready to return to work. At that time, I was unsure which direction to take my career and wound up in a project management position for software implementations. For the record, it is a toss-up on who is more challenging to manage, a room full of 6-year-olds or a team of developers, but the technique is pretty much the same! 

The inspiration for my cybersecurity journey is all due to a friend’s encouragement and my desire to work at SailPoint from observing and reading about how much everyone loves working here. I know I have a great deal to learn within this field and am in awe of the level of expertise that I see from the members of the SailPoint crew. Based on my initial experiences, one thing I can say about people who have made cybersecurity their journey is that they are enthusiastic about sharing their knowledge and are lifelong learners who thrive in an ever-changing environment.  

What do you think your career will look like in 10 years? Do you expect to see more women leaders in the field? 

I am excited to see where my career is in 10 years. I’m very much at the beginning of this journey and hope to one day be an accomplished and respected member of the team. I expect and am looking forward to seeing more women leaders in the cybersecurity field. 

Who made the biggest impact on your professional career, and how do you “pay it forward”? 

I am fortunate that I have always had supportive people behind me, encouraging me and pushing me to go outside my comfort zone. Trying new things can be challenging, but, in my experience, it is always worth taking the chance. The worst case is that you’re right back where you started, and you get to try something else new. I have worked as both a coach and mentor to people looking to enter those fields in my previous careers. I look forward to gaining the experience necessary to do the same within this field.  

What are some of the challenges of our field? What would be your suggestion to women looking to enter the field of cybersecurity?  

As a rookie member of the cybersecurity team, the biggest challenge is that people are intimidated by what they think cybersecurity is. Before researching the industry, when I heard the term cybersecurity, two vastly different images would appear. The first was an image of secret agents busting cyber bad guys, and the other was people sitting in cubes working nonstop at their computers troubleshooting technical issues. The reality lies somewhere in between as we protect people by providing solutions.  

As a young girl growing up in a rural community, I knew I wanted to go to college and have experiences outside of a small corner of Iowa. When I met with my career guidance counselor, the only question I remember being asked was if I wanted to be a teacher or a nurse. This makes me believe that the most significant impact we can have on women joining the field of cybersecurity is to expose them to it as young girls and let them know that it is an option for them and that they can, and will, be successful! 

SailPoint stands for its people, whose unique characteristics and talents are what make us the company we are today. We live and breathe our ‘Four I’ core values which stand for individuals (our SailPoint Crew), integrity (delivering on what we say we will), impact (measuring results, not hours spent), and innovation (this one speaks for itself). If you’re interested in joining SailPoint, check out our job openings.


Discussion