Sarba Roy

Our new venture, Inspiring Journeys in Cybersecurity, is an attempt to showcase our member's journeys in the domain. We will continue to bring more inspiring journeys in the future.





Sarba Roy is essentially a small town girl from India who was empowered by education and inspired by a dream to make a positive difference in the world. A Cybersecurity and GRC enthusiast, a passionate women’s empowerment advocate, writer, folk painter, and home decor enthusiast. She loves being a mentor/volunteer dedicated to helping individuals and organizations to become more compassionate, curious, and cybersmart. A traveler by nature, she had the opportunity to travel to 16 countries and is looking forward to more such opportunities.



Tell us about your journey in Cybersecurity, your ups and downs, and your accomplishments.


I’ve been in the Cybersecurity space for almost 10 years. Starting in AppSec, followed by Governance, Risk and Compliance, to my current role in the area of Product Security Governance that is mainly focused on Secure Development Lifecycle and initiatives to drive the organization’s Security Strategy.I’ve been fortunate enough to have worked in different geographies across India, Indonesia, Netherlands, and now in the United States; across different industry verticals. I completed my CISSP cert last year and am working on my CCSK this year. I’ve spoken at the WiCyS and Google Devfest UK and Ireland Conference this year and am working towards my first ever ISC2 Security Congress presentation later this year.



What drove you to Cybersecurity?

Back in my teenage years, I had read “Digital Fortress” by Dan Brown and was fascinated by the concepts of Cryptography and Information Security.


During my Bachelor’s degree in Computer Science, my love and curiosity for Cryptography led me to an internship project based on RSA Encryption and after my graduation in 2012, I got a job as a Systems Engineer at a leading Consulting firm in India.


After initially working in Quality Assurance and Web development, luckily I got an amazing opportunity to join a Center of Excellence on Cybersecurity that worked with various clients across the world. Their job was helping the clients secure their assets, processes, and technology landscape better. The team was gracious enough to accept me with my limited experience. They not only trained and helped me learn from my mistakes but also enabled me to start my journey.


One thing you wish to change about the Cybersecurity domain?


Not even a single day is a Cybersecurity professional’s life is dull. It is like a roller coaster ride. Right from zero-day vulnerabilities to missing network level patches and from partnering with dev teams to fix code-level vulnerabilities to managing multiple stakeholders who measure and perceive security differently, there’s a lot on our plates depending on one’s role. I hope we pay attention to our well being and family as much as we are passionate about our roles. We may want to slow down once in a while to relax and rejuvenate else we might burn out if we keep pushing ourselves too hard all the time.


Do you think communities play a role in uplifting someone in this domain or does one need to play solo?


I think a great support group or community makes it much easier for women to deal with our struggles against biases and internal conflicts. We need to support, mentor, and empower each other to reach major milestones in our careers. When I was working on my CISSP certification or even seeking a job after moving to the US, communities helped me immensely. The best part is that I’ve made some amazing friends along the way with whom I can collaborate for conference abstract submissions to career advice to casual conversations about life in general. Communities like BBWIC and WiCyS are amazing!



Have you done anything in the Cybersecurity domain that has enriched the diversity and inclusion scenario? If yes, mention it briefly.


I firmly believe that an inclusive and diverse Cybersecurity workforce is not an option but a necessity given the multitude of attack vectors from across the world. I am currently volunteering as a board member for Women in Cybersecurity(WiCyS) Oregon Affiliate. I try my best to extend my mentorship to anyone who reaches out to me. I spoke at the WiCyS 2022 conference too and am excited to be volunteering in The Diana Initiative this year on behalf of my organization. I hope to do my best for BBWIC too.




One challenge, according to you, that women face in the cybersecurity domain. How did you overcome it?


For me, the struggle has been to have a firm belief that I belong here and I am here to stay. In a meeting room filled with imposing ideas, as the only woman most of the time, you sometimes tend to struggle to find your voice and get heard.The roles in Cybersecurity can be overwhelming and demanding at times, given the fast pace in which one has to keep learning. But there are ways which I learnt later on in my career where I would network with the Cybersecurity communities beyond my organization and learn from them. I found myself a few amazing mentors and also discovered ways in which I could be an active contributor to the global Cybersecurity community. All this helped me grow my confidence and the belief that I belong here and helped me find my voice.



How has your experience been with the Breaking Barriers Women In Cybersecurity Foundation?


This community is like an epitome of sisterhood for me. It is such a vibrant community filled with bright and inspiring women across different experience levels, I love being a part of this community. I would especially thank Aastha, Saman, Shrutirupa, and the entire BBWIC Advisory Board for doing a fantastic job in building collaborations across the industry, hosting exciting and insightful events and launching amazing programs for the members, all for free. I love BBWIC and hope it grows leaps and bounds in the times to come.






Interviewed and edited by Dr. Sana Fatima

(Sana is an advisory board member of the BBWIC Foundation. A dental surgeon, a writer, and a full-time editor in a publishing house, Sana is a cybersecurity enthusiast herself.)


38 views0 comments

Recent Posts

See All