Epic Women in Cyber — Zinet Kemal
Zinet Kemal (she/her) is a senior Information Security Engineer at State of MN. She serves as a technical security resource to ensure that security is part of the development of applications or initiatives so that citizen’s data is protected and safe.
Prior to that Zinet worked at a local government as an IT Auditor in cybersecurity and risk assurance program conducting audits to strengthen organization’s cybersecurity policies, governance, and controls are in place and effective.
She has an Associate degree in Computer Programming, Bachelor’s degree in computer science and currently pursuing a master’s degree in Cybersecurity from Georgia Institute of Technology. She also has an LLB degree in Law.
She worked as an adjunct instructor for an Information Security class at a community college.
Zinet also holds industry security certifications, including CISA, CySA+, Security+, Network+, AWS CCP and Certified Cloud Security Knowledge (CCSK). She is interested in cloud security most recently and training with SANS on securing multi-cloud environments.
She was featured on Women of Silicon Valley (WoSV), ISACA’s SheLeadsTech and Women in Technology (WITI) mediums and newsletter.
Zinet is currently working on her first children’s book!
She is a mother of four kids.
How did you get into the cybersecurity field?
I have not heard of cybersecurity as a field until the year 2017. I moved to the US in 2013 from Ethiopia with my husband, 3-year-old son and myself 7 months pregnant. I have a degree in law and had a legal career. I decided to change my career and pursue a field in technology. I have always been fascinated by the power of technology in solving problems. Few months after I gave birth to my daughter, I went back to school and earned my associates degree in computer programming two years later. I then transferred to a four-year degree to get a bachelor’s degree in Computer Science.
In 2017 one of our class professors invited his students to participate in a Collegiate Cyber defense competition. I still didn’t have any clue to which aspect of the Computer Science field I am inclined to nor do I know of a possible career path except perhaps becoming a developer. However, I enjoyed the learning process with the challenges of caring for young three kids with the prospect of hopefully getting to build a career in my new home.
I decided to take part in the competition and out of the full class of students who began the training I made it to the team who represented the university. This was extra intensive self-learning, collaboration, on weekends besides the full-time classes, part time internship and being a mom at the same time.
After months of self-preparation, the team secured 3rd place from MN universities. The collaboration, the self- taught skills learned to defend a network sparked my interest into the field. I am grateful for prof. Faisal Kaleem for instilling that passion and encouraging students to pursue cybersecurity as a career path.
Then after I knew for certain that cybersecurity would be a career path for me. After that I began studying and got certified in Network+ Security+ and CySA+ while doing my undergrad program.
I was able to find my first internship in an IT audit role and 3 months later I was hired full time a few months before graduation. That’s my journey into the cybersecurity field.
What are the main challenges in this field?
I think it is very important to stay up to date with evolving technology and security trends. You have to be willing to adapt and be in learning mode to new concepts all the time which is the fun part for me. There is rapid adoption of cloud, dependency on software and hardware infrastructure which means increased attack surfaces, more sophisticated attacks so staying current is very relevant.
The challenges I noticed from the beginning in school is lack of diversity, a lot less women in computer Science classes I have been in and even very few women of color. After I entered the workplace that is also what I quickly learned. We need more women in tech and cybersecurity to solve the security problem we need to address with a more needed diverse perspective.
The other challenge I hear more recently in the industry is the fact that there is a huge number of cybersecurity talent needs and open jobs, then I hear a lot of people with degrees and certifications having a hard time breaking into the industry. I hope there will be some kind of career pathways so that folks who are passionate and hungry for a security career are given chances and provided with training and mentoring. That way I believe we will be able to close the huge gap.
What are the things you’ve learned being a woman in cybersecurity?
I understand that the percentage of women in the cybersecurity industry isn’t where it should be yet. However, when I think of women in cybersecurity I think of diversity, perspective, technical, attention to detail and problem solving.
We can all agree that we need the diverse perspectives to be able solve the evolving and sophisticated cybersecurity problems we face today. We need more women in the industry, we need to stop with the stereotypes associated with the field when it comes to images of a practitioner in cyber or a hacker or as to who is technical or not.
What advice would you give to women who would like to join the industry?
If you have the interest, pursue it! I would say cybersecurity is too broad so explore interactive sites such as (cybeseek.org) to see which path within the industry best suits you. You don’t have to be a programmer, still get involved in so many technical aspects of cybersecurity to advance the industry as well as build a fulfilling career for yourself.
Even career changers are coming with a ton of transferable skills which the industry needs a multidisciplinary approach. This is something I haven’t thought about until recently to talk about having a prior career in the legal field mainly because of societal beliefs that education earned from overseas isn’t valued here. However, I believe the transferable skills are relevant to the field be it manifesting in a form of core skills.
Also seek mentorship for guidance and join organizations who promote & support women in cybersecurity.
Who are your role models?
My role model has always been my mother. She taught me the importance of education, being an economically independent woman, to be consistent and very resilient with achieving goals.
I didn’t have a role model in the industry that I look up to until recently. Mostly because of lack of networking on my part or not having a mentor till very recently . Now I do have many amazing leaders in the field such as Yatia Hopkins who is the founder of Empow(H)er Cybersecurity, AJ Yawn, Co-Founder & CEO of ByteChek who is also my amazing mentor. I have huge respect for them with the way they give back to their community out of their busy schedules and advocacy for diversity in the industry.
If you could go back in time to your first days in the industry, what would you do differently or tell yourself?
I am still in the beginning stage of my cyber career but I would tell myself not to underestimate myself, my ideas and contributions to any table. I tend to assume that my ideas are obvious, or everyone knows it and be reluctant to share or speak up until I hear those same ideas from other people get praised for being great ideas/questions. I am still working on it and on overcoming my public speaking fears.
I also didn’t know the value of or what a mentor is really for nor did I have one until recently. I would have looked for a mentor for career guidance.
Otherwise for someone who figured out most of the things on my own such as navigating into a new country, going back to school in STEM with no background, being a career changer in a male dominated industry, while also raising four young children etc. I would say I did quite alright.
When entering the industry I became an advocate for myself knowing my skills worth, negotiating salary, knowing my next career path or what certification/grad program to pursue etc. Therefore, I would say I am grateful for the route I took, decisions I made, the people I met who believed in my potential. I would give myself a pat on the back and say the future is full of possibilities and exciting opportunities :)
If you are a founder or a member of a community for women in security, can you introduce it?
I am currently a member of Empow(H)er Cybersecurity. It is a safe welcoming space for women of color, by women of color, to share resources, stories, tips, and learning from one another.
Women in Cybersecurity (WiCys) is a global community to recruit, retain and advance women in cybersecurity.