Zoom achieves new global security standards for core products with ISMAP registration
Zoom is now registered with the Information system Security Management and Assessment Program (ISMAP). Find out what this means for our customers.
Updated on September 09, 2022
Published on March 21, 2022
Celebrating Women’s History Month means a lot of things — it means championing women personally and professionally, learning about women’s contributions and accomplishments, and identifying areas in need of more female representation.
One of these areas is the security industry, which has a history of being a male-dominated field. In fact, according to an ISC² survey, men outnumber women in cybersecurity by three to one, but that’s changing. More and more women are joining the field, with Zoom alone seeing hundreds of women in our security organization.
I sat down with a few of these women — six incredible Zoomies whose work spans privacy law and analysis, incident response, security training, certifications, and much more — to hear about their experience working in security and privacy. Here’s a snapshot of their stories, as well as their advice for young women looking to enter the industry:
Senior Counsel, Privacy
A career in privacy was an intentional choice for Glory. Starting in Brussels as an environmental lawyer working on chemical regulation, her thoughts were always on the European Union (EU), even when she moved back to the U.S. Begging her U.S. firm for data privacy work, she jumped in headfirst on the General Data Protection Regulation (GDPR) when it was in its infancy. “I started my data privacy career going line by line through the GDPR advising [my client] on what they needed to do,” she said.
Now, Glory not only advises others on how to approach privacy, but also the type of thinking that the subject matter requires. “Privacy is all contextual — it’s not saying a piece of data is good or bad, it's rather about what you want to do with it. I like to say we’re borrowing data — if you’re borrowing something, you have to be prepared to give it back and explain what you did with it.”
Glory joined Zoom in June 2020 because of this passion for privacy, as she stated, “I believed that Zoom executives had an understanding of the importance of privacy.” With a growing privacy legal team by her side, Glory now manages all European-related issues and projects, as well as advises on Zoom Meetings, Webinar, and Team Chat.
While a love for privacy brought her here, her colleagues make it worth the stay. Privacy’s newness has forged a meaningful team dynamic, as Glory notes, “privacy is so young, it weeds out superegos who need to know it all. It leads to a really collaborative group of colleagues. Everyone is both talented and humble — you can bounce ideas off of each other.”
Her advice: “Have an open mind and start talking to people, because there are so many different career paths [in privacy and security]. And don’t be afraid to ask questions. Do the work to make sure you know what you’re talking about — it’s invaluable. It shows you’re paying attention. It’ll be a differentiator.”
Manager, Security Awareness & Marketing
“I’ve always wanted to be of service in some capacity since I was a little girl,” Ava reflected. Combining this drive to help others with her knack for computers, Ava has garnered a wealth of technical and people change management experience. A true believer in “it takes all kinds of kinds,” she’s even built a Myers-Briggs and Security workshop for students that includes an assessment to identify how their personality type relates to aspects of the Cybersecurity Workforce Framework.
Living and breathing the “people side of security,” Ava is dedicated to building a secure culture and creating behavioral change through awareness and education. Her work involves internal security communication, culture initiatives, social engineering exercises, and more.
Her advice: “1. Just go for it. There are so many resources available; just try different things and find something that aligns with your passion. 2. Find a mentor. It doesn’t have to be a formal mentorship; even having an ally to bounce ideas off of is beneficial.”
Senior Manager, Incident Response
While she has a pre-medical degree, Rachael’s passion for forensics (she’s a big CSI fan) and analytical skills led her toward a career in incident response.
Her forensic work — and Zoom’s focus on diversity and appreciation for female voices — brought her here as an incident response analyst and later a manager. “I really like mitigating risk because every day looks a little bit different. And I really wanted to come to a place where I could build a program like this from the ground up,” she said.
Now, she manages a program on a global scale. “I manage a forensics team across two countries — half of my team is in the U.S. and half in India.” Rachael’s team primarily handles security escalation, alerts and events in the security operations center (SOC), network and host forensics, malware analysis, and more. “You have to be a person who enjoys looking at just a smattering of information and putting a story together,” she adds.
Her advice: “Never underestimate the value you bring to the table. In security, you have a lot of loud voices and it’s a male-dominated field. Women have very analytical brains which lend themselves well to security, so look for people who support you and make sure your voice is valued.”
Former Senior Technical Compliance Lead, Current Security Operations Manager for Zoom for Government
With over a decade of experience, including four years in the U.S. Army, where she worked to get both herself and 15 others Security+ certified, Chamon was always “the go-to person for how to fix things.”
With a master’s degree in cybersecurity under her belt and a motto of “proactive instead of reactive,” Chamon’s relationship with Zoom first started as an auditor of the platform. Upon joining the internal compliance team in 2020, she played a critical role in addressing our compliance requirements under Zoom for Government under FedRAMP. Soon enough, our Chief Compliance, Ethics, and Privacy Officer, Lynn Haaland, asked Chamon to bring her expertise and skills to the security side of the house.
Chamon’s impact at Zoom has extended beyond her work on security and compliance as well, as she always looks for opportunities to give people a voice. As the co-chair of the workplace pillar of the SOUL employee resource group (ERG) and member of the veteran’s ERG, Chamon strives to make others feel appreciated and valued in the same way she does.
Her advice: “Don’t stop, don’t quit, and be your authentic self — you can be you and still be at the table and make an impact.”
Senior Security Technical Product Manager - Physical Security
Katelyn wears her English degree as a badge of honor, as she knows the security industry needs people with different backgrounds and skills. Initially “stumbling” her way into the industry, Katelyn’s experience with security education and awareness has given the field staying power. “Suddenly, I realized that I can never leave security. There’s so much to learn, I’ll never get bored,” she said.
Now, she wants to help other women feel that way. As one of the leaders of the Women in Security ERG group, Katelyn comes together with other women in security at Zoom to identify what others need to be successful and feel empowered, both at Zoom and in the industry. “I want to help others find their people and support circle,” she added.
Aside from her work with the ERG group, Katelyn is a key member of the security management team, focusing on physical security and resilience. Her team is the glue for the security organization, as she notes, “It's a really powerful tool when we come together.” She assists with project management, monthly business reviews, unblocking team members, identifying objectives and key results, and more.
Her advice: “Never think for one moment that you don't belong in this space or you can’t do it. You belong here, and you can 100% do it. I wish someone had told me that. Also, find your people — a buddy, mentor, or just someone who you trust to help support you.”
Senior Privacy Analyst
While getting her master’s in cybersecurity policy at grad school, Jenna took a privacy class and immediately fell in love. Its newness was exciting and challenged her in all the best ways. “Privacy is so dynamic — it's changing year to year at this point,” she said.
When she joined the Zoom privacy team, she was invigorated by the fact that her work was different every day. “It’s been so rewarding, I love the cross-functional nature of privacy — supporting Zoom internally and Zoom products. It impacts both the stability and future of Zoom,” she said. “I am not the same person I was before I started. I’ve learned so much; this experience is so valuable in this space. We are directly involved in decision-making.”
‘Involved’ almost doesn’t even do it justice, as Jenna has a swath of responsibilities. She’s heavily involved in our work with the Dutch cooperative association SURF, works in our privacy queue, addresses Data Subject Access Requests (DSARs), manages privacy incident response, is part of the vendor selection committee, and completes privacy impact assessments as the main privacy analyst for Zoom Meetings, Webinar, and Team Chat.
Her advice: “Everyone suffers from imposter syndrome, but trust yourself and be your own advocate — because you’re probably right.”
These are only a handful of the amazing women who work to safeguard and protect both Zoom as an organization and our users. As our security and privacy program evolves, team members like Glory, Ava, Rachael, Chamon, Katelyn, Jenna, and so many more help us create a platform built on trust.
To learn more about Zoom privacy and security, explore our Trust Center.