Behind the scenes at A Cloud Guru, Rebecca Tillman is working with engineers to get into the mind of a hacker. With over a decade of experience in software engineering and information security, she has the mammoth responsibility of keeping over 2 million users’ information safe.
Rebecca spends her days bouncing between being proactive in researching vulnerabilities and training engineers on how to spot potential threats. A trusted advisor to our leaders and a coach to her engineers, she bridges the gap between securely writing code and being prepared for whatever is thrown our way.
What Rebecca does: “My job is to get into the mind of a hacker to teach engineers how to recognize and defend against vulnerabilities and exploits.”
What’s your typical day like?
My day is a mix of research on current vulnerabilities, checking our applications for vulnerabilities, and working directly with the engineers to help them understand how to write secure code. I started off as a full-time engineer for 8 years, but when I was introduced to security and compliance, I really enjoyed it. I love coding, and never thought I’d go this route, but I still get to do a lot of work with coders.
I love teaching people new things, so this role is great. I learn about a new exploit, and then my job is to teach the engineers how to defend against it, and how to recognize and scan for it. It’s also about teaching them how to think about vulnerabilities on a daily basis. How do we protect our customers’ information while we’re developing new features and writing code?
Wait, this sounds like a TV show?! This is your job?
It’s fun! I teach engineers to get into the head of a hacker. Most engineers aren’t thinking with malicious intent, because they would never do it, so it’s a lot of teaching them how to be like, “Okay, you have this person‘s address… What can you do with it? What would somebody with malicious intent do with it?” It’s fun when I see the wheels start turning. It’s all about thinking like a hacker.
What is the most interesting part of your job?
I get to brief COOs, Senior VPs, and occasionally CEOs on our security matters. I never thought I’d be in a position where I am having regular meetings with C-Level people, but it happens quite regularly here as I report directly to our VP of Technology. C-Level people are reviewing my work directly, which is kind of cool and a little intimidating. I brief them on the current situations we are running into or even day to day security items. I also sit on our security council, where I draft documentation on how we rank risks and use that to help engineers understand security priorities.
Someday I will be a CSO. It will be somewhere that I’ve done the work to figure out the best way to help engineers securely code while keeping an agile environment. That is one of my biggest goals – figuring out what works best to keep security top of mind but doing it in an agile way that is not slowing engineers down.
How is the tech team at A Cloud Guru different from other places you’ve worked?
Other places are more clicky, and I don’t get that feeling here. We’re very welcoming to new people. The day I started I had one of the engineers saying, “I know it’s your first day, but I found this vulnerability. Can you log it or do something about it?” It was awesome! Literally the day I started I had engineers asking me security questions, and the more that I work with them, the more they are coming to me. It’s pretty great!
Where do you see yourself in five years? Still in tech?
Absolutely! I love tech! I am a math geek, so tech just makes sense. I was the girl who wanted to know how to do hexadecimal math at 16 and thought it was fun to do base 2 math, which is math in binary.
If you’re having fun at work, why would you change it? I don’t code as much as I used to, but I still get to learn new tech and new things. Someday, I’m serious about wanting to be a CSO. It would be awesome to go back to the Women Impact Tech conference, where I first heard a female CSO speak, to talk about my story being a woman in tech and all the good things that have come out of it.
Thank you for reading. Leave a comment below to share your thoughts with Rebecca!