A common question I often get is: “How did you become a product manager in cybersecurity with no tech or cybersecurity background?” Well, let me tell you about it!
I’m not your typical IT product manager who has a degree in computer science, years of working as a software engineer at a FAANG, or done a coding bootcamp. Believe it or not, I started out as an artist and almost went to art school. But after some research, I learned how competitive, demanding and risky it would be to pursue a career as an artist. Not to mention that my Asian parents wouldn’t be too thrilled.
I decided to pursue Computational Engineering Science at UC Berkeley, which sounded fascinating but I quickly realized it wasn’t my cup of tea with all that dry data modeling. I wanted something more creative, which led me to switch to a hybrid engineering and business major, and subsequently, to a more business-focused discipline called Operations Research and Management Science.
Eventually I noticed that I was way more interested in all my business classes so I ended up going to Haas School of Business. It took me 4 years and 4 majors to figure out what excited me, and it was definitely not the typical path of a software engineer at Berkeley being groomed to be a product manager in the Silicon Valley.
Funny enough, my first exposure to cybersecurity actually came in an advertising class where I did a marketing case on a cybersecurity company, and I remember branding the company into a superhero and thinking to myself how awesome it would be to work for one. Coincidence?
Finding a Niche
I started my career in tech at EXOS, where I worked as a marketing project manager designing customer experiences on smart bikes, treadmills, wearables, and Google Glass. Though I tried hard to avoid coding at school, somehow I ended up surrounded by developers and product managers and had to learn about both front-end and back-end interfaces of hardware and software applications.
It wasn’t long before I came across Salesforce and finally found my niche. I had one goal in mind – to master the Salesforce ecosystem – and without hesitation, I dived into consulting and spent 6 years at IBM, Deloitte and PwC solving some of the biggest challenges at Fortune 500 companies.
It was through consulting that I built a solid foundation in tackling system integration and application development. I remember staying up all night to study for my certification exams. It was a humbling experience working with some of the most respected and innovative companies like Google and Salesforce and traveling around the world exactly like the scenes from Up in the Air. Security almost always underpinned my consulting engagements, and you know what happened next? Palo Alto Networks came knocking on my door during the pandemic.
A Match Made in Heaven
There are few companies in cybersecurity that have the ambition, products, and the ability to deliver on behalf of customers like Palo Alto Networks does. As digital transformation and remote work accelerated in the last few years, it’s a very exciting time to be in cybersecurity and to help make our world a safer place. After meeting with the IT leadership, I was hooked and accepted the offer to be the Principal Product Manager and Integration Manager for Mergers and Acquisitions.
It was a match made in heaven. All the years of my consulting experiences had taught me everything I needed for this role. To transition from being a consultant to the client side where I get to manage my own product roadmap and hire my own consultants was not only a dream come true, it’s also coming full circle from presenting a cybersecurity case in my business school to actually working in the space.
Mergers & Acquisitions Fun
When Palo Alto Networks acquires other companies, I help integrate their IT landscape into ours by designing and implementing an end-to-end process so that we can sell, transact and support the acquired company through our systems. Like any product manager, I own a product roadmap and lead a cross functional team to deliver an integrated product offering for any acquisition.
My job is cyclical in that every M&A is a project or a brand new product launch, and I can be juggling multiple ones at once. In a typical M&A lifecycle, I would go through discovery, design, build, test, and deployment with a broad team of business and IT cross-functional stakeholders to drive application tools, process alignment, and key process decisions. I’d conduct process harmonization workshops, develop business capability maps and process flows, and manage overall integration strategies.
In one of my most recent M&As, I helped launch and rebrand one of our flagship Saas security products with data loss prevention capability that was integrated with our recent acquisition, Gamma. This has enhanced our data detection capability and significantly accelerated our product roadmap. After lead-to-cash integration and migrating 2000+ tenants, this suite of products is now available for ordering and enabled for easy customer onboarding.
Sometimes it feels like I’m an internal consultant bridging two companies together and I have a huge arsenal of resources and tools at my disposal. Every M&A is different, and every day is different and presents new challenges. I get to work with some of the brightest CEOs and leaders from the acquired companies, which is pretty inspiring!
I took an unconventional path to break into tech, product management, and cybersecurity, even though I started out with neither the technical education, required experiences, nor industry knowledge. It took 4 major changes in college, 11 certifications, and 20 consulting projects to arrive here. Needless to say, it is OK to explore and follow your passions because you never know where you will end up. I went through many trials and errors, and the journey is part of the fun. What matters most is taking actions, crafting your own story, and trusting that your story will turn out well.