Trailblazing
Rohan Kar, Product Management Academy
My Journey to Product Management
As a 90s kid in India, I vividly remember life pre-Internet, when Amazon was just a river, Google search didn’t exist, and you needed an actual paper map to travel. Contrasting that with the vast improvements in my life that came after, started a lifelong passion for technology as a catalyst for positive change in the world.
So when it came to deciding a career path, I wanted to get as much exposure as I could into building great technology products. When you simplify it, three things determine a successful product: what you build, how you build it, and how it’s adopted. Product management is the only role that’s deeply embedded in all three areas.
I was naturally inclined to major in computer science and engineering for my undergrad. While I was strong in software development, I wanted to develop myself into a more well-rounded technologist. So I moved to the U.S. to pursue a Master of Information Management and Systems (MIMS) at the U.C. Berkeley School of Information. Berkeley provided an interdisciplinary approach to understanding the societal impact of my decisions on how technology is designed, built, and used.
As my mentor AJ likes to say, product management is both art and science. The art is all about situational leadership, influence, and the ability to drive outcomes despite imperfect conditions. Science is the technical knowledge and analytical skills you bring from areas within product development, like UX research, systems design, and data science, as well as areas outside product development like sociology, economics, and operations. PMs don’t necessarily make all the decisions — they just ensure the right ones get made. One’s ability to make better product decisions is ultimately limited by the scope of understanding of your problem space. So I think the more perspectives you bring into product management, the more you get out of it.
It was really important to me to be a part of a company that does well and also does good. I had always admired Palo Alto Networks as one that was working on the cutting edge and also making a difference in the world by keeping everyone digitally safer. When I encountered the PMA job listing on Berkeley’s internal careers site, I was immediately excited and applied right away. That’s how it all started!
About the PMA
The Product Management Academy is a two-year, rotational PM program for new grads. The rotations provide breadth and depth of experiences and give exposure to different customer challenges we solve as a company. It also introduces you to the unique problem-solver style of product management here at Palo Alto Networks. It fosters a high degree of analytical and product rigor by virtue of being on high-impact projects where you will be constantly challenged to deliver different outcomes while learning by doing.
Each year, the PMA welcomes a small class of six to eight PMs. The close community aspect is one of the most important things to me about it because we all support and learn from each other. Not only that, but the mentorship I’ve received from product leaders throughout Palo Alto Networks has been tremendous, and it was an important part of why I chose the program.
There’s really no prescribed path to a successful product management career. Everyone creates their own through their unique backgrounds and experiences. In a way, we’re all trailblazers! If you’ve realized product management is the right role for you, then I think the PMA is a fantastic way to start. We move very quickly and at a high level, so you have to be ready to hit the ground running. It will accelerate your growth and allow you to take the next step towards becoming a product leader.
In my first rotation, I was placed on one of our most successful products: WildFire. I’ve enjoyed the full spectrum of opportunities working across the company to strategize key areas for business growth, writing specs for new features, defining key performance indicators (KPIs) for the next stage of my product, and helping deliver a platform to general availability (GA). When I took the job as Palo Alto Networks’ first PM in the PMA, I couldn’t have imagined the professional fulfillment I would achieve just in this past year alone.
Working at Palo Alto Networks
A huge draw for me joining Palo Alto Networks was the scale at which our products affect customers. As the world’s leading cybersecurity company, we help protect over 70,000 organizations, who then serve millions of people like us around the world. We are customers of our customers. By protecting them from adversaries, we, in turn, protect our own digital way of life. The benefits of working for an industry-defining company where you can grow and try new things is invaluable. It’s still early days for us so I’m constantly excited about what we do next.
Inside the Big Data Team
As the Director of Engineering in the Cortex Data Lake organization at Palo Alto Networks, I am working in some of the most interesting and challenging areas of technology today. Our team, which totals more than 20+, is composed of professionals who perform a variety of work, including Development Engineers, Site Reliability Engineers, Software Quality Testing Engineers, Product Managers, Program Managers, and more. We’re all focused on ingesting a massive amount of data in the data lake — roughly 3 million data requests per second at peak, which is on the high end of the industry. We provide real-time streaming data, and queries to our customers and internal apps for analytics, machine learning, and effective rapid security responses. It’s our job to ensure that the data are delivered on time with low latency and that the quality of that data remains good.
This is my first role in cybersecurity. I’ve worked in Big Data for eBay and LinkedIn, which are both consumer-based systems with high volume, but Palo Alto Networks is an enterprise-based company, meaning that the volume of data is much higher, and the way we use the data and work with customers is different. Instead of being used to make marketing decisions, this data helps us determine where a company’s vulnerabilities are and what potential threats they face. People typically don’t associate Big Data processing with security, but in fact, they do connect. We’re using artificial intelligence and machine learning to make the data more intelligent — these are tools used to analyze human behavior but we’re leveraging it for security purposes. For me, the combination of these things makes this a very interesting place to be, and I feel I’ve joined the right company.
For someone early in their career, this is a great opportunity to work with technology you’ve never used before. We use Google Cloud Platform (GCP) and a streaming engine called Dataflow, as well as the industry-standard Apache Beam, to stream data to our customers and internal apps in real-time. We use BigQuery in GCP to build indexes and handle complex SQL queries with fast response times. We use Java heavily, as well as Kafka for temporarily storing data, and a number of other cutting-edge technologies, all to ensure that we’re handling enormous amounts of data in the most secure way possible, to provide the most value for our customers. This company is a pioneer in firewall technology and is a growing player in cloud-based security, so this is a chance for someone to explore technology from a whole new perspective.
This is not work we perform in isolation. We communicate with each other frequently, within the team and with others outside our team, to solve problems and develop new products, and the communication channels are always open at all levels in the organization, all the way up to the Senior Vice President, who is actually very involved and supportive of what we do. Not only that but we also work directly with our enterprise customers — upwards of 5,000 of them — to ensure we’re addressing their issues properly. We do presentations for customers and other departments within the company as well. Anyone who works within the Cortex Data Lake team should be comfortable communicating with others on a regular basis.
The people I work with and I all feel motivated when we walk into work every day. We see new things happening every day, new challenges to meet, and we truly want to improve and grow. We’re excited by the importance of the work we’re doing, and anyone who’s looking to join this team should be excited to embrace that. Whether you’re coming in with nothing but training in Java or basic and looking for an entry-level position or you are a senior-level architect with strong skills in streaming and Big Data and are prepared to mentor junior engineers, this growing team needs motivated people at all levels who are ready for the challenges of Big Data in a security environment.
Product Junkie
I come from a fairly conservative region in India. Growing up, I was always interested in pushing boundaries and breaking stereotypes. I married outside my community. I learned to drive a Jeep when I was 16, even though I could not do an elegant stick shift change. I earned a postgraduate degree in computer science. These were all things that girls in my family just did not do 20 years ago.
However, my father’s job as a government servant meant we had to move every two years or so. This helped me later in my career because it taught me to be adaptable and open to possibilities — to bloom where I’m planted. Because of this, I found myself in a career I love (but never planned for): leading a Product Management team for Palo Alto Networks.
My Career Journey
It was serendipitous that I ended up in cybersecurity. Unlike the college students I meet today, who are very clear about what they want, I didn’t know all the possibilities that existed in cybersecurity. I always knew I wanted to work with computers, and at that time, computer science education was just taking off, so I earned a degree in computer science, graduating in 2001. At the beginning of my career, in 2002, it was during the economic downturn, so I took the first interesting, available position I could find in my field, working as a Windows kernel developer for a technology startup. This was in a country where financial security is highly prized, and where women didn’t join risky startups. I had no experience in kernel development at the time, but I really loved technology, so this gave me an opportunity to get deep into solving problems with technology. Most of the time, I would be the only woman in late-night hacking sessions with my team. It required a lot of hard work, self-study, and running new pieces of code in windows kernel (mostly undocumented). I was so passionate about it that I was willing to do whatever I had to do and always saw the positive side — even when there was failure involved. I didn’t realize it at the time, but I eventually came to learn that if you want to make a difference in work, and in life, a growth mindset helps!
When the startup grew, it was time for the company to have a customer success team. I was expecting my daughter at the time, and in India, it’s considered more proper for women who are in the family way to work in less-stressful roles, so I was asked to leave engineering, which was perceived as more stressful, and heads up this new department which is perceived as less stressful. Even though I sort of fell into this new assignment, I learned that customer success was something I really enjoyed. It gave me an opportunity to build a team from scratch, which was very exciting but also to fully understand how the products worked and how customers were using them — and what their needs were. This would become key to my work as a Product Manager, a career I had increasingly become drawn to while working in customer success because I was interested in the connection between customers’ needs and product development.
In 2016, Rishi Bhargava, my former coworker from the startup where I’d begun my career, suggested that I come to work as a Product Manager for the company he had cofounded — Demisto, a pioneer in Security Orchestration, Automation, and Response (SOAR) products. Joining Demisto has been a pivotal point in my career. In this role, I worked on a very early product version with customers to discover how they used the product and what they needed from our product in the future. My team and I would bring our customers’ needs to our engineering team to translate that into our next generation of products.
Demisto’s product is exceptional and serves a key need in the Security Operations domain, so it’s no surprise that we were acquired by Palo Alto Networks (and rebranded as Cortex XSOAR).
So although I sort of happened into product management and my current role at Palo Alto Networks, I believe I’m exactly where I should be. There is no typical day. You have to be fluid, adaptable, and willing to deliver what your customers, the Sales department, your leadership and your team need from you. Fortunately, my upbringing and professional experience prepared me well for this!
Keys to Success
Now that I’ve been a Product Manager for several years, I see that there are several qualities a person should have to be successful. First, you have to be a product junkie — and I definitely am! I explore several products a week, which I believe is critical to success in this role. Nothing compares to the hands-on learning experience of what makes or breaks a great product. Working in a product like Cortex XSOAR, which integrates with an ecosystem of 300+ security products, is a great environment for learning new category of products.
I also think you must be passionate about customer success. I love working with customers, and I have developed a powerful empathy radar. I call it “customer sense” The most important things that customers have to tell you is what they’re not saying, so you have to sense these things.
Career Growth
What’s so exciting about working for Palo Alto Networks is that we are moving at incredible speed, trying to do things no one else is doing. We’re not about the status quo. There is no better security company to work for. There’s so much product DNA here, so much cutting-edge technology that we work on. The leaders here are deeply involved and open to new ideas. The possibilities for product development and a person’s career growth are vibrant. There is a lot of support for leadership development with coaching and abundant training resources.
When I was growing up, I wasn’t shown many career options — women in technology simply didn’t have that many. That’s why I’m passionate about helping others, particularly women, understand the options that product management can offer when there is interest. I work hard to bring young women along with me as I progress in my career. I make it a point to spend time mentoring women interested in transitioning to a product management career in cybersecurity. I regularly volunteer with organizations such as Girls Who Code, to introduce girls, including my daughter, to the many possibilities in the technology field.
If you have questions about Product Management opportunities at Palo Alto Networks, or about how to break into this field, I’d be happy to speak with you! Feel free to contact me at nrustagi@paloaltonetworks.com.
In the Driver’s Seat: Exploring Product Management
Before joining the Product Management Academy (PMA), I was enrolled in Stanford’s Ph.D. program, working in the robotics and autonomous motion planning field. I was excited to be working in a revolutionary technology space; after all, who doesn’t love robots? However, while I enjoyed the technical difficulty and cutting-edge nature of the work, I felt like I was inexplicably missing something.
Around the same time, by the pure chance of a friend’s recommendation, I decided to take a product management (PM) course at Stanford. That’s when the light bulb turned on. I loved influencing and shaping a product’s direction. I loved listening to users and hearing their experiences. But, most importantly, I loved collaborating with people — lots and lots of different people. With that Archimedean sense of revelation, I began rethinking my career path and started applying for product management jobs in leading technology fields.
In another stroke of good luck, I happened to run across a Palo Alto Networks interviewer at a data science career fair at Stanford. When I told him that I was more interested in product management, his eyes lit up, and he began telling me about this “new accelerated rotational program” the company was offering to put young PM candidates in control of important cybersecurity products and problems. Admittedly, at the time, I knew very little about the cybersecurity space. I had heard about the company from a friend in cybersecurity research and knew not much else. However, after returning home and doing some research, I realized the importance of the field (the very safety and security of our digital footprints!) and the impact Palo Alto Networks was having on it. One thing led to another, and before I knew it, I had joined Palo Alto Networks’ PMA.
Now in month 10 as a PM, I can safely say that I really enjoy product management! While it isn’t as “technically” challenging as my Ph.D. work, it forces me to use other and more creative parts of my brain to get the job done: on-the-spot negotiating, removing obstacles by whatever means, and generally acting as a Swiss Army knife. Being able to say, “I drove the execution of this feature because metrics/reasons X, Y, Z show that this feature will have the most value for the customer,” is not only exciting, but also fulfilling. Seeing the improved customer experience due to the feature reminds me that a PM’s impact is real and observable.
As I’ve learned through my work experience, soft skills are a big component of product management. They’re critical for leading discussions with stakeholders and customers, distilling problems into their key components for long-term product guidance, and firefighting the new problems each day brings. However, in my view, self-learning and leadership are the most important traits for PM’s (yeah, yeah, I know — everyone says it). But to put it in perspective, during my first rotation, I was assigned to the virtual firewall team, which essentially delivers the Next-Generation Firewall in virtual form for more flexible deployments (for example, cloud environments or generic computing platforms). When I joined, I hardly knew anything about the product or the space — I had to learn about networking, what a packet was, what virtualization is and why it’s important, how VM-Series works and differentiates itself from its competitors… the list goes on. Luckily, I had my peers, the Internet, and the program to help me catch up. It can be a long, uncomfortable learning process (I only started feeling confident in my contributions after seven months!) — but then again, I believe it’s that discomfort that forces you to grow and become the best product manager (or anything, really) you can be.
Overall, I’d highly recommend my experience as a product manager. And for those interested in product management, I’d highly recommend the PMA as well! The program does a great job of providing workshops (e.g., PM skills, leadership, presentations, etc.), connections to different leaders and groups in Palo Alto Networks, and, more importantly, high-visibility and high-impact projects. These one-year rotations are no joke — I’ve already launched a partnership program, worked on cross-product integrations, driven features, written problem statements, and handled a few customer escalations — to name a few things. While we may have been inexperienced when joining, we were expected to perform at the senior product manager level sometime during the rotation (but within reason — the people are nice and understand there’s ramp-up!)
So give it a try! Maybe PMA is the right program for you.
On the Big Data Frontier
Abhishek Joshi, Director of Data Engineering – Cortex
As the director of engineering on Palo Alto Networks’ Cortex Data Lake, I oversee multiple teams that collect and analyze enterprises’ security data to identify and block potential threats through our Cortex Apps. Our primary function is ingestion, which is the heart and soul of any Big Data platform. This team is where the magic happens. From scaling to billions of logs per day to making sure that we are available and successfully running in multiple geographies around the world and are able to process data from disparate sources — including IoT devices, firewalls, and any other sensors deployed — this is the team that makes it happen. We make sense of all that security and threat data to give meaningful insights to our end customers.
Many people who are familiar with the name Palo Alto Networks assume that we’re in the networking space, or they know that the company started in firewalls, so they think of us as purely a firewall company. But in truth, we’re on the bleeding edge of the data world, working on the latest and greatest technologies that you can find within computer science. From a technology perspective, this is as exciting as it gets!
My Path to Palo Alto
I grew up in India and earned an undergraduate degree in computer science at the University of Mumbai, then I relocated to the United States to complete my master’s in computer science at North Carolina State University. I worked in a number of software engineering roles and wrote quite a lot of code for the cloud portion of the industry, eventually rising through the ranks to earn management roles.
A former coworker approached me about working for Palo Alto Networks. He was working here and was really enthusiastic about the company and the leadership, and it was clear to me that it was the right fit for me. Breaking ground and pursuing a vision was in its DNA. They were doing things no one else was doing.
When I first joined this team last year, we were working around the clock to get a first version of our product out. We had made some promises in terms of the numbers we were planning to hit, and we were a bit behind the 8-ball. A bunch of us were in the “war room,” just burning the midnight oil, literally making things happen. Fast-forward to today, and we have a V1 product that has been on the market for months and has scaled to roughly 1.5 million logs per second, and now we’re excited to see that hard work come to fruition and know that what we do really matters. As a leader, I think that’s the most exciting part: to see something we built together and know that it actually works and makes a difference.
Playing on Our Team
From a people-management perspective, I make it a point to hire people who are smart and intelligent, yet humble. Humility actually plays a big role with respect to the team I run because I want to ensure that everyone is getting to learn and grow every single day.
Life at Palo Alto Networks is very focused and outcome-driven. We’ve set clear, measurable goals, and we’re not afraid to push boundaries. The goals are not unreasonable, and as a member of the team, you get a chance to participate in establishing them, but once they’re set, you are the master of your own destiny. So we want people who want to come in and make an impact within a reasonable amount of time and who aren’t afraid to try something new and even risk failure in that process. This is not a legacy product that we’re simply maintaining — we’re building it from the ground up. We’re blazing new trails. And we get to do it with a technology stack that is, bar none, the most comprehensive and exciting in the industry. So for someone who’s starting out in their career, I can’t think of a better opportunity.
The Unexpected Advantages of Working at Home
I am Senior Manager SQA (Software Quality Assurance) Engineer for our Cortex XDR group and I’ve been at Palo Alto Networks for almost 2 years. My wife, Maya Kats, is a Head Nurse (with a capital “N”!) in charge of the Neurology Department but since COVID-19 her responsibilities have shifted to a supervisor role at Assuta Ashdod Hospital to support COVID-19 patients.
This is the first time, as an adult, married with children, that I am lucky enough to spend more than a straight week at home with my family. With two kids who are 9 and 12, the routine is much more complicated and since my partner is going into work, I get to be in charge most of the days. There are many unexpected advantages during this period and I’ve realized that this is probably a once in a lifetime experience.
We didn’t manage to arrange the home office in time, so usually, it’s a sofa in my backyard or sometimes in my bedroom. I don’t want to lock myself in some room, it feels too claustrophobic, so I like having some space where I can work.
Between what feels like endless Zoom meetings that are interrupted by “Dad, I want to eat,” or “Dad, I’m bored, let’s play,” I’ve found that what works for me is not splitting up my time into work hours and home hours, it’s combining the two and balancing both responsibilities throughout the day. For me, I’ve found that it’s very important and efficient to connect over Zoom (the closest thing to an in-person conversation considering the current situation) versus connecting over emails or Slack messages.
I’ve learned, or to be more precise, I was reminded that my biggest problems and complaints are minimal compared to real-life problems and what my wife deals with on a daily basis at her job. I’ve realized that I am capable of many things I never imagined I could do by myself. Since COVID-19, cybersecurity now more than ever is important, and in many ways, the work has become more intense. However, my team has shown again that they are a very responsible, committed, and hardworking group of people, who are striving to get the best results in spite of so many obstacles. And last but not least I’ve learned that our Tel Aviv site is capable of doing anything and everything we decide to accomplish.
Work Hard, Play Hard
Nitzan Peretz
Software Engineering Manager, Tel Aviv, Israel
My role in Palo Alto Networks is leading a team that develops Cortex XSOAR, a cutting-edge solution for the Security Orchestration, Automation, and Response (SOAR) market. This technology is all about enabling our solutions to complement the customers’ efforts in securing their organizations. In this role, I work to continuously improve our products and help organizations become much more efficient when protecting their data.
Palo Alto Networks is the world’s leading cybersecurity company, which means that every day I work with a team of professionals that are, hands down, the leaders in the industry. We work with and develop top-notch technology, which is something that I love about my work: I learn every day, and I face new challenges all the time. And most of all, I’m super happy to see my clients enjoying the product that my team and I are creating. Working in cyberdefense, you feel you are working for the good guys, helping to protect data, shaping the future, using leading technology, and expanding the possibilities of cyberdefense.
The most meaningful and important part for me is to hear feedback coming from the field, to hear that our product is life-changing for them. I consider myself lucky to work in a role that’s both my hobby and my passion, where I can build a product that helps so many people.
Seriously Fun
Anyone who’s interested in working here has to love being in a dynamic environment. We are moving fast and making progress within a short time, driven by the evolution of the industry. We’re always in front of the newest emerging technology, which is an exciting opportunity for a software engineer.
But you should also know that just because cybersecurity is a serious business, it doesn’t mean we can’t lighten the pressure by having fun with our coworkers. You have to want to work with hardcore professionals who LOVE what they’re doing. We are having fun every day! For instance, we started using Demisto internally, not only for security purposes, but for other things such as employee onboarding, managing clients requests, and tickets, keeping track of platform bugs … and take a look at this: One of the employees even organised his wedding with Cortex XSOAR! Super cool, right?
Plus, this dynamic ambiance is perfectly balanced by a culture that is inclusive and believes in a healthy work environment. Our offices in Tel Aviv are stunning, with lots of extra perks! For instance, I love sports, and I get to play for Palo Alto Networks’ own basketball team, go to the gym, and even do some yoga right here in the office. We work hard but also play hard.
Growth Opportunities
You don’t have to come from a security background to work here — I didn’t! Diversity in backgrounds and perspectives is an important part of our work, and no matter what your previous experiences might be, if you raise a valid point, your voice will always be heard.
Palo Alto Networks knows how to get the most of its people by encouraging innovation and ensuring a comfortable environment for learning, growing, and implementing. In our team, we have the chance to explore and choose the best technologies, build the best design, and implement according to high coding standards in order to accomplish the company vision.
As a Software Engineering Manager, I get to experience so many aspects of the product — sales, customer success, and, of course, engineering. All of that leads to a comprehensive understanding of the company that can open my career path as I develop professionally and my interests evolve.
In my role, I get to grow in a number of ways: in my applied engineering skills, in working with great technology, and in learning every new technology that is relevant for us. This enablement will remain a valuable asset for me in the future, whatever my next step is. I’ve gained management skills by learning from all the opportunities a big and agile corporation has to offer. For instance, we have been attending most of the industry’s conferences around the globe, allowing us to meet face to face with our customers and develop relationships across the board with prospects and other vendors. That is one of the perks of working in a larger company that pushes you to continuous improvement!
In all, this is a place where each individual feels he or she can make a difference. I absolutely love what I do and the team I work with, and I’m excited to come to work every day!
Head in the Cloud
Vinay Venkataraghavan
Cloud CTO, Prisma Cloud, R&D
I started working in security when it wasn’t glamorous. I just love math — so much so that I earned my degree in math and computer science at Southern Methodist University. I went on to earn my master’s degree in computer engineering, specializing in security protocols because I was fascinated by cryptography and how it involved using math to solve real problems. My thesis actually dealt with the validation of security protocols.
I graduated and got a job in Silicon Valley for a security company. That was 14 years ago, in a time when no one really thought all that much about cybersecurity. Now companies are investing a lot into this industry, and there are so many careers opening up that didn’t exist before.
For a few years, I worked for a startup that built large-scale, distributed storage systems for enterprises. I got to help the company reinvent I/O virtualization, which was groundbreaking at the time and was really exciting for me. From there I joined another firm that built a Software as a Service (SaaS) application that would allow enterprises to move their workloads from on-premise environments into the cloud, which, again, was ahead of its time. So I’ve been fortunate to have worked for forward-thinking companies and help develop what we now know as the public cloud. The work I have done throughout my 15 years is what I get to leverage at Palo Alto Networks today.
I actually had an opportunity to join Palo Alto Networks right from the beginning, when it was a brand-new startup, but at the time I was enjoying the work I was doing and I wasn’t ready to go. But while I loved that work, if I had it to do over again, I would have joined Palo Alto Networks sooner, without question. We’re working on technology that is going to change how enterprises function. It’s going to be part of their core, a crucial piece of the puzzle, and that’s not something many companies can say. For someone just starting out in their career, to be part of that journey is just incredible.
But job satisfaction and the ability to come in every day and make an impact are what’s most important to me. The ability to learn new technologies, build products, and have them actually be used by customers to secure our future is what drives me. It’s what I’m passionate about. And that’s why I come to work every day. I can achieve all that at Palo Alto Networks.
The Importance of Cybersecurity in the Cloud and the Careers that Come With It
I am the Principal Cloud Architect at Palo Alto Networks, but I think of myself as the cloud-native and container-native security evangelist. Pardon the pun, but in this role, I’m developing cloud security products from a “high level.” My goal is to make our products more cloud-native, which involves working with many of our products, including Prisma, our cloud security platform, which includes RedLock, a threat-detection and security analytics platform, and Twistlock, a software suite for securing cloud-native applications.
In the last couple of years, many chief information security officers (CISOs) and IT departments at major corporations around the world have been mandated by their top executives that large percentages of their business need to be migrated to the cloud within a couple of years. What we often see is that these are well-entrenched enterprises that up to this point have stored information in on-premise data centers. They see migrating to the cloud as an opportunity to be far more agile and have infinite capacity, just a few clicks away. But they don’t realize how much complexity is involved with making sure their assets stay secure — they understand the need for cybersecurity in the cloud, but they frequently take for granted that the cloud is secure, and that isn’t always the case. And with the proliferation of smart devices consuming more of our daily lives — and the cloud — every day, that’s an assumption we cannot afford to make.
That’s where Palo Alto Networks comes in. Our employees act as security advisors to educate our customers about why they need a partner like us to provide security in the cloud, and help them understand the full range of tools we offer through our platform to help address their security needs. I also work with cloud service providers to ensure that our products not only integrate seamlessly with theirs but that we adhere to a shared security model that enables enterprises to confidently transition to the cloud, and that our products can be smoothly integrated with theirs.
I develop prototypes and proofs of concept and demonstrate them for our marketing team so they can understand and highlight the work we’re doing. And at times I’m writing white papers or presenting webinars about our products and cloud security. While this may not all be in a day’s work, I am fortunate to be part of the entire lifecycle of our products, from conception to creation and beyond, and my job is never dull.
Whether you’re seeking a new career, contributing to the migration and security of the cloud, or building the architecture to get us there, now’s the time to start exploring.
My View from the Cybersecurity Frontlines
Ryan Olson, Vice President, Threat Intelligence (Unit 42), R&D
When I was a kid watching Star Trek, I used to imagine that someday in the future, life would be like that: People walking around with small computers, instant communication devices, on their chests that would give them access to any information they needed. I think a lot of us did. We’d fantasize about having devices that could obey our every command and, at any time, we could just ask them to give us any information we wanted. But in those episodes, there were few moments in which security threats arose — where the communication channels those devices used to retrieve that information were threatened. No one ever asked about the system’s firewall. We just took for granted that it was all secure. That might not have made exciting TV back then, but none of us would want to be on the Enterprise under a cyber attack.
My colleagues and I who work in Threat Intelligence for Palo Alto Networks are often thinking about the technology of the future, and we still get excited imagining all that’s possible. But it’s our job to understand that as we move closer to that space-age future of our imaginations, we also become more vulnerable to cyber threats. We are constantly working to anticipate the threats to come, understand how they operate, and share what we know with the cybersecurity community in order to make the digital world safer.
My Journey to Threat Intelligence
I wouldn’t say I was predestined to work in cybersecurity. I had been interested in technology and planned to begin a career in programming while I was in college. But in 2003, the National Security Administration established the National Centers of Academic Excellence in Cyber Defense to address the (correctly) anticipated shortfall of cybersecurity professionals that could present a serious global threat. Each of the designated schools offered a scholarship for service (SFS) program: If you agreed to work for the government for two years, the NSA would pay for two years of schooling to train you in cyber defense. At the time I was considering earning a master’s degree, and although for personal reasons I didn’t end up participating in that SFS program, I got excited about a career defending computer networks, so I eventually enrolled in a master’s degree program in security informatics at Johns Hopkins University.
When it was time for me to do my summer internship between the two years of the program, I was fortunate to find a great opportunity with a security intelligence company. I spent an entire summer learning malware analysis, which led me to my current career.
The Knowledge Leaders
Unit 42 was started in 2014 by Palo Alto Networks’ Chief Security Officer at the time, Rick Howard, and myself. Rick is one of the smartest people I know, but his greatest talent is his ability to boil complex ideas down into simple, understandable terms. The idea for Unit 42 was to take all of the data we were collecting from our platform, in particular the WildFire malware analysis system and use it to not just create new prevention controls for our customers, but to better understand how adversaries are targeting them. With a stronger understanding of the adversary, we can build better products but also expose threat actors in the public and educate the world about their tactics. Our team consists of malware and threat intelligence analysts who look at our collective data to understand how adversaries launch their attacks, what tools do they use and how do they change over time. Then we share this information through our blog, white papers and other channels. In some instances we can go from uncovering a threat to publishing information about it in less than 24 hours. We move as quickly as possible to capture the critical details of the threat and share them with those who can use it to defend themselves.
This runs counter to the way many companies do business, which is to hoard information so that competitors can’t get hold of it. For us, there’s obvious value in sharing this information because our primary goal is to make it harder for the bad guys to win. If a bad guy has been launching attacks for three years, he’s doing the same things repeatedly because it keeps working. But if we write a report about it and publish it for the entire world to see, it stops the cycle of the attack, making the world safer for all of us.
As part of our global efforts, we founded the Cyber Threat Alliance (CTA) several years ago. This consortium of 25 cybersecurity vendors operates under the idea that a rising tide floats all boats. We share important threat intelligence with each other explicitly so we can all translate it into protection controls in our various products. What I love most about my work is the astounding amount of cooperation that I get from other organizations. When we need help or we need to alert customers to a problem of some kind, everybody immediately jumps in because they want to go and help. We all realize that we’re on the same team, fighting the same fight.
But there’s additional value for Palo Alto Networks in publishing this information: It demonstrates to the world that we are knowledge leaders in cybersecurity, at the forefront of the industry. Unit 42 is one aspect of the careers available in our industry, and sharing information is a crucial part of our work. Although people may not immediately know our company name the way they do others in the technology space, we are the biggest enterprise security company in the world, with 60,000 customers globally. So I think it’s important to point out to anyone who is considering a career in technology that working for Palo Alto Networks really enables us to have an enormous impact on worldwide security, and that is incredibly rewarding.
Welcome for a Working Mom
As someone who is results-oriented and prefers a fast-paced environment, I know that coming to work for Palo Alto Networks in April 2019 was the right choice for me. Nonetheless, it was a bit of a transition. I have a degree in marketing and began my career in market research before transitioning into product management, first in the payments realm and then in human resources technology. My background was heavily focused not only on bringing global products to market but also on improving the customer experience. I stepped away from the workforce for a couple years after my sons were born, and then I went back to work in product management for a cybersecurity company.
All of my experience has included an emphasis on privacy and data security, so in that respect, working in cybersecurity at the enterprise level made sense to me. But unlike my colleagues, many of whom have considerable technical expertise, my expertise is in the customer experience and the application of human behavior enabled by technology.
When I first came on board with Palo Alto Networks, it was intimidating for me — aside from being in a department dominated by men, I was also surrounded by these highly technical minds and lacked that knowledge myself. I was nervous. But over the last 13 years of my career, I’ve developed the ability to quickly comprehend the customer’s perspective and where it ought to be, and I soon realized that this is a valuable perspective that I could contribute, and before long that feeling of intimidation went away. That’s one of the things I appreciate here — that the environment encourages people from a variety of backgrounds, with a wide array of skill sets to join the team. It’s because they realize that diversity is what ultimately adds value to what we can offer our customers.
A Human Touch
Focusing on the customer experience isn’t typically where the priority is in cybersecurity. There’s a perception that customer experience discussions are “fluffy,” that it’s too touchy-feely with its focus on how customers feel and what they want. But what a lot of people don’t know is that it’s a science that involves collecting and analyzing quantitative and qualitative feedback. And it’s also an art, knowing how to talk to customers to arrive at the root of what problems they need and want solved. Sometimes they don’t know it themselves, so you have to know how to get it out of them, which isn’t easy.
But Palo Alto is different and transitioning to make customer experience a priority. And we know, from industry trends, that companies are no longer just competing on technological features and functionality; they’re competing on experience.
As consumers, we all gravitate toward the apps that are easy to use, right? We engage with those apps that connect with us and speak to us emotionally. That’s the level of engagement we want for enterprise products, and that’s what I’m working on. So I get to be on the forefront of this transition to a more customer-centric focus, which is really exciting. I get to influence the ways in which we can improve the customers’ experience, get into their minds, understand their needs and motivations, and translate those things into features and functions that we haven’t even thought of yet. We are working to anticipate their needs and design a delightful experience for them, which is encouraging and empowering.
Diverse and Included
There are a lot of other companies that say, “We promote diversity and inclusion,” but they don’t really practice it. I never really felt the concept of inclusion until I came to Palo Alto Networks. Not only was I given an opportunity to join the company without an extensive network security background, but bringing a woman into this male-dominated field brings a different perspective, and this company saw the value in that. My manager has been a huge advocate of diversity and inclusion, and he has demonstrated this repeatedly. For example, many women have the experience of being talked over in meetings, but here, my manager is sensitive to that; there have been times where someone began to talk over me, and he stepped in and said, “Okay, I hear what you’re saying, but hold that thought please and let Debbie finish sharing her ideas.” I really appreciate a leader consciously thinking about these things.
In my fourth week with Palo Alto Networks, I volunteered to lead a customer journey mapping workshop, to share some of what I knew about this concept with the more technology-focused members of the team. As a new member on the team who clearly didn’t have the technical expertise that they had, I was nervous about leading , although I felt it was important to talk about this idea of looking at things from a more customer-based perspective. As I said before, this isn’t often a top priority for everyone, and it seemed clear that I didn’t have everyone’s full attention or buy-in. But my manager addressed it right away. He announced that this was an important subject, but that if these team members didn’t plan to participate, they were welcome to leave. The fact that he was willing to do that for me told me he had my back, that he saw value in what I had to say, and it gave me a wonderful sense of inclusion, empowerment, and support.
In my time with this company, I’ve seen a real desire to add to the diversity of the team, which includes encouraging more women and moms to apply. Cybersecurity can be an intimidating industry for women to enter, but it really is a great thing for us to have them because it provides a much-needed perspective. As we launch products and think of new ways to solve customers’ problems, we need to have those insights into the needs and values of ALL our customers, so the more perspectives the better.
It’s also important to say that I appreciate being given a chance to share what I knew here, even though I wasn’t the obvious candidate. At Palo Alto Networks, the managers here are willing to provide the training and resources we need to feel comfortable in our positions. There are boot camps, white papers, textbooks, and a wealth of people willing to share their expertise and help you to be successful.
So for women, my advice is not to be scared of a challenge. Instead, face it head on, like a bull! Women, especially us moms, prioritize relentlessly. We are master multitaskers. We have the ability to go broad and deep, that’s just how we’re wired. For example, when I’m planning to take my boys on a trip to a museum, I’m thinking, “Okay, what do I pack for snacks? Should I pack backup clothes? What time should we leave? Should we eat before we leave? What else do I need?” Our minds are always thinking that way so we can ensure we have a successful trip to the museum. It’s a lot of planning and prioritization. And each of those choices can make a big difference — like if we don’t have snacks, they’ll be grouchy later and it will ruin the trip.
Translate that to the technology world. If you want to ship this product, you need to get all the stakeholders aligned with it, because if we don’t, the customer will call us later with issues. If it’s not effective, they’ve paid millions for it and now we have a major problem. So what happens to our brand, and to their loyalty? And what happens to our company’s longevity? So thinking about all those pieces is truly valuable. This is the value a woman, a mom, can bring! So leverage those skills and bring them into the technology world, because it’s very much needed.