As part of our Women in Cybersecurity Month, we are highlighting women and their careers, accomplishments and passions. This spotlight features Sarba Roy, CISSP who describes her cybersecurity career journey.
Disclaimer: The views and opinions expressed in this article belong solely to the author and do not necessarily reflect those of ISC2.
I consider myself an infosec professional and a passionate advocate for women’s empowerment. I am dedicated to helping individuals and organizations become more compassionate, curious and cybersmart.
With over a decade of experience, I’ve navigated across various roles in cybersecurity specializing in web and infrastructure security assessments, governance, risk and compliance (GRC), as well as product security before my recent role covering data privacy, AI governance and risk. I’ve also served as a volunteer and program committee member for Women in Cybersecurity (WiCyS) and gathered my courage to speak at a few conferences including ISC2 Security Congress and RSA.
Hailing from a small town in India, I’ve had the opportunity to work with diverse clients in India, Indonesia, Europe and the U.S., all because of my ever so interesting career path in cybersecurity.
Motivation for a Cybersecurity Career
I was always fascinated with books and had an inherent belief that education is the biggest form of empowerment for anyone who dreams of making an impact in the world.
During my teenage years, I read “Digital Fortress” by Dan Brown and was fascinated by the concepts of cryptography.
While studying for my bachelor's degree in computer science, my love and curiosity for information security led me to an internship project based on RSA Encryption. After my graduation in 2012, I got a job as a systems engineer at a leading consulting firm in India.
After initially working in quality assurance and web development, by sheer serendipity, I got an amazing opportunity to join a center of excellence on cybersecurity that worked with various clients across the world, helping them secure their assets, processes and technology landscape.
The team was gracious enough to accept me with my limited experience. They trained me, helped me learn from my mistakes and that’s how I started my journey as a penetration tester/security analyst and eventually transitioned to a IT risk and security consultant working with clients across India, Indonesia and Europe before moving to the U.S.
The Things I’ve Learned Being a Woman in Cybersecurity
As a woman in cybersecurity, sometimes there are implicit biases that you are not ‘good’ enough for a technical role, even before people connect with you and know your skills.
In a meeting room filled with imposing ideas, as the only woman, you sometimes tend to struggle to find your voice and be heard.
I am passionate about constantly educating myself on the latest trends, topics and ideas as I believe knowledge is my biggest weapon against destroying biases and battling my imposter syndrome.
There are also many inspiring colleagues, industry leaders and professionals who are out there willing to help, mentor and support selflessly as my allies in my professional journey. I never shy away from reaching out and asking for their guidance and support when I need it.
Advice For Women Who Would Like to Join the Industry
There’s a great deal you can do to enter the field and a lot of help and opportunities to get you on your way:
- Find a mentor. Having a mentor can help you identify your strengths and work on your weaknesses
- Gain practical, hands-on experience to tackle your imposter syndrome
- Participate in bug bounties, CTFs and any event that tests your knowledge practically
- Target at least one industry certification prior to your first job and keep upskilling yourself with specialized certifications in your field of choice
- Network with cybersecurity professionals, read their views, ask for help and reach out
- Join cybersecurity communities
- Participate in webinars beyond your university/organization to gain a bigger picture of the scheme of things in cybersecurity
- Think like an adversary, develop that security mindset where you are constantly questioning, probing, researching ways to make the world more secure
- Believe in yourself – your voice and actions matter in making our communities, organizations and the world cybersmart
Related Insights
- Survey: Women Comprise 22% of the Cybersecurity Workforce
- Survey: Non-Traditional Paths Are Empowering Women to Enter the Cybersecurity Field
- ISC2 Honors Women in Cybersecurity During Women’s History Month
- ISC2 On-Demand Webinar: Watch Now and earn 1 CPE credit! From the Inside Out: Increasing Representation and Inclusion of Women in Cybersecurity