Women Making History in Cybersecurity: Window Snyder
In September 2021, Girls Who Code partnered with the Cybersecurity and Infrastructure Security Agency (CISA) to develop pathways for young women to pursue careers in cybersecurity and technology. This partnership seeks to tackle diversity disparities by heightening the awareness of cybersecurity and technology careers and working with employers to build tangible pathways for young women, especially young women of color, to get hands-on experience in the private sector and the non-profit sector or government.
Our first collaborative initiative is a series of features of women who work in the cybersecurity field, including the exciting work CISA employees are doing. Today we’re spotlighting Window Snyder, a security industry veteran and current Founder and CEO at Thistle Technologies, a cybersecurity startup.
How and why did you pursue a cybersecurity career?
There wasn’t much in the way of careers for folks that were interested in security when I was first starting out. I was interested in math and cryptography. I was interested in both the security mechanisms that are implemented by the operating system and also the possibility of circumventing those mechanisms. It was not as though you could just read a book about it or talk to anyone, so I read manuals for mainframe operating systems to learn about how things are supposed to work. When I had the opportunity, I read the source code of systems and debugged things to try to learn how they work.
As a software engineer, I pursued opportunities where there were security considerations. I wanted to work on mechanisms that controlled either access or were attempting to perform security functions. I worked on financial transaction systems. I found the places and projects that had security requirements or at least security problems, and were ready to do security work.
Can you tell us about your job? What’s your day-to-day like?
We’re building security components that can be incorporated into devices to make them more security resilient.
My day-to-day involves meeting with my engineering team, meeting with investors and folks who are interested in helping us scale this project and make it available widely. I talk to potential customers. I do a lot of talking about the problem space, talking about our solution, talking to folks about how they’ve attempted to address this in their own environment — what things worked for them, what things didn’t — to try to figure out how to build this in the way that best fits the need that is out there. No one is debating whether or not there’s a desperate need for tools to help folks build more resiliency into these devices. On our end, we’re trying to make sure what we’re delivering makes it easy for developers to solve a real problem they’re having, is easy to incorporate, is easy to deploy, is easy to manage, and is interoperable with their existing tools and infrastructure. Most importantly, the security improvements must be clear and tangible.
What are your favorite aspects of your job specifically, and working in cybersecurity generally?
It’s always been getting to work with people that I enjoy working with. It’s not enough to work with smart people — there are a lot of smart people working in this space. This space is littered with really smart, interesting people. But not everyone is generous with their time or with their expertise. I’ve tried to create a team that’s full of smart people that are both generous and willing to share what they know, but also curious to learn what each of us has to share. That creates an environment that’s exciting for me because I feel like I’m always learning from the people I get to work with, and it creates an environment with a lot of respect. We start with the expectation that you have something to learn from everyone and it shows in how you treat people. It doesn’t matter that this person is very junior or this person is very senior — this junior person may have just learned something on a project that is very relevant or interesting. Or maybe they’re the one tearing through all the tech blogs. Everyone has something to contribute.
Why do you think young women should consider a career in cybersecurity?
Young women should consider a career in anything that’s interesting to them. If this is interesting to you, investigate opportunities. You can work in every field and still work in security. You can work manufacturing, you can work in retail, you can work in media — they all need security folks. It’s kind of like writing, you can be a writer in all different industries and in different ways. Security work is very high-impact. It’s broadly relevant. It’s very flexible. And it pays well, that’s another reason to consider it.