This post is part of our Women’s History Month series – follow along with us on Twitter @VMwareCarbonBlack
In celebration of Women’s History Month, we’re excited to share the next blog in our six-part Women in Security series where we highlight outstanding women on the VMware Security Business Unit team, as well as customers who are making their mark on the security industry and helping to keep the world safe from cyberattacks.
Meet Marina Liang, Threat Researcher, VMware Security Business Unit. She has a keen eye for threat hunting and research, notably discovering how a cryptomining campaign pivoted to credential exfiltration, affecting over 500,000 computers across the globe. She is also passionate about mentoring women looking to start a career in cybersecurity. We spoke to Marina about her non-traditional career path to VMware, how a conference led her to finding one of her biggest role models, and other advice for women in the cybersecurity industry.
Tell us about yourself and your background.
I have a very unconventional background. I was a Business and Psychology double major in college. After I graduated, I started off in sales but found myself being drawn to technology, and I always had a passion for STEM so I knew I wanted to explore other career opportunities.
How did you land a career in security and what led you to VMware (SBU)?
I was part of Carbon Black prior to the acquisition by VMware and ended up here based on a recruiter conversation on LinkedIn. Security wasn’t a big thing when I was in college, and it wasn’t something I thought I could have a career in, but I thought I would see where the interview would lead to. I also read on Glassdoor that the company was highly rated by employees, and culture is really important to me. I did the interview and ended up getting a role as a sales engineer. I met a lot of people at Carbon Black that were security-focused – some in Threat Research, some in the SOC, some in support – and made friends with them. I was fresh out of college and needed mentors, plus I was trying to learn about the products and about security. I asked them for help and learned as much about security as I could. That ended up being my “in” to where I am now as a threat researcher, but I had no idea that was the case at the time. Later on, those friends and mentors referred me for a role on the ThreatSight team (now called Managed Detection). At first, I was surprised by the referral because I didn’t have a technical background, but I had the drive to learn as much as I could. I ended up getting the role and eventually transitioned over to the Threat Research team.
We know there are no typical days in security, but can you tell us about what a day entails in the VMware Security business unit for you?
Every day is different. Depending on the daily news or breaches in the security world, there can be a lot of fires to put out. When there’s new breaches and new types of malware that we have to research, it can be all hands on deck. If that’s not happening, on a typical day I look at gaps in detection, look at new tactics, and see how our products will be able to detect or prevent certain types of tactics.
Was there a moment that stands out that you are most proud of?
When I was on the ThreatSight team I got an alert that was 50 line-items long. Usually, they are only a few lines long and I can figure them out in five or ten minutes. I took the initiative past the initial triage and looked through the entire kill chain. That became a greater research project for a larger botnet that impacted millions of computers worldwide. Every time I investigated the attack in more depth, the botnet kept escalating in severity, and I saw how it impacted not just one customer but millions of people. I went the extra mile, pulled all the malware samples in a sandbox environment, and tried to analyze each of them after work hours. I was super passionate about learning more, being a detective, and exposing what malicious actors were doing across the world. It was such a great learning experience for me.
Who is your role model in tech or security?
Back when I was still in sales, one of my friends on the System and Organizational Controls (SOC) team told me to sign up for Blackhoodie since I was interested in malware. It’s a free, all-female malware analysis conference run by Marion Marschalek. She is a reverse engineer and one of the women behind that movement. She taught the entire course and sent us homework in preparation for the conference. It was very empowering to see someone have such a grasp of her domain. She emphasized that there are no stupid questions and that it was a safe space to learn, meet new people and take on new challenges. This was really my first exposure to a prominent female figure in cybersecurity and I’ve looked up to her ever since. I am typically in a room full of men, so knowing she is continuing to be a domain expert has inspired me.
What excites you most about security and the future of security at VMware?
It’s so dynamic. Every day is different, and every week there is something new in the headlines. It’s exciting to know I’ll never get bored. There are always new skills to hone and new bypasses to investigate. It’s kind of like a cat and mouse game. I treat it as detective work and I want the good guys to prevail over the bad guys. The ability to respond and be the good guy in that good vs. evil concept is so exciting to me.
In honor of Women’s History Month, what advice do you have for women looking to get into the security industry?
My advice is: 1) don’t be afraid to ask questions; 2) look for mentors. I found a few by accident, but they will be your biggest advocates and give you perspective on your skillset you might not have realized. For example, if I look back at my college resume, I never thought I’d qualify for a security role. But in terms of having deductive reasoning, performing technical analysis, asking the right questions – those are all fundamental skills I needed in order to survive in this field. I had two or three mentors that encouraged me and vouched for me even when I was unsure of my abilities. Seek them out – they will provide that external support and be your champion with other stakeholders.
Stay tuned for more Q&As throughout Women’s History Month, and be sure to follow the #WomensHistoryMonth and #ChooseToChallenge conversations on Twitter: @vmw_carbonblack.
Follow the Women in Security Series: