Navigating Imposter Syndrome in the world of Information Security
Hi, my name is Dominique and I sometimes feel like an imposter in my own career. Whew. There. I said it out loud.
For those of you who might not be familiar with the term, Imposter Syndrome is defined as the persistent inability to believe that one's success is deserved or has been legitimately achieved as a result of one's own efforts or skills.
While contemplating whether or not to write this article I was embattled on how to put my feelings into words that didn’t sound pompous and self-serving. How do I describe that despite having almost 7 years of experience in Technology, with 4 of those years specifically in Information Security, I still question my successes and my place in the community? How do I accurately convey a message of doubt without seeming overzealous? I’m not sure, but I decided to write it anyway. In part to the fact that I know this isn’t a journey that only I am experiencing.
So how did I recognize that I was feeling like an imposter? The most vivid example I can give was when I was invited to participate in the creation of a prominent Cloud Security Certification last year. It was a wonderful opportunity and one I am happy to say that I took part in. I was the youngest professional and immediately thought “I don’t think I belong here. What could I offer in comparison to these more experienced professionals?” That thought process stuck with me for a while and took some serious reflection to get out of. It affected my mood and how I thought I could participate. I had to reassure myself that having these thoughts of “I shouldn’t be participating in these great opportunities because I don’t have enough this” or feeling bad for the positive trajectory of my life, despite knowing I put in hours of work, is invalid. It turns out I had plenty to offer and was invited further to continue with the process. In the end, I can proudly tell the world now that, yes, I helped create this certification and I did belong in that room.
I have recognized two reasons for feeling this way. The first being having the ability to believe in me. I, as I am sure others can also relate, tend to downplay myself. You know when you receive a compliment and you search to figure out how to compliment back, or wave it off with a hand and say “oh, it’s nothing.”? Yeah, that’s me. It is something I have become more aware of at the moment and have become conscious of stopping. No more hand waving — a simple “Thank you” suffices. Thank You for acknowledging me and assuring me that I am doing good work. (Can you tell my love language is Words of Affirmation yet, lol?) It has also been a journey to be confident in my ability to execute and be humble enough to understand that there is still more to learn. I will not achieve my goal of becoming a CTO overnight. Yes, this full workload you have taken on will be worth it. This confidence building, to me, comes with time and more IssaRae style soliloquies in my mirror.
The second part of this syndrome stems from a lack of familiarity in my line of work. By familiarity, I especially mean being in a space inclusive of women, and women of color. For the majority of my career, I have had to work with, seek advice, learn from, and try to relate to men. I would be on teams, or in meetings, that were run by and consisted of only men and myself. It wasn’t until my recent organizations where I was able to work alongside women, yet alone women of color. I am reminded every day — when I seek out Security blogs, webinars, meetups, and conferences — that this is still a space dominated by peers who don’t look like me. It is a weird feeling being in a room, aware of being an “only”. Wondering if I speak up if I will be seen in a certain light or if my words are being taken as seriously when I am teaching my students about Cybersecurity, as my male counterparts.
I have been fortunate enough to have, both past and present, AMAZING allies in the men I have worked with. I would be remiss to not mention that. The previous point isn’t to say that there are not any women pioneering their way in the Information Security space. I am encouraged every day when I connect with women in security on Twitter, LinkedIn, or other means. I know there are women out there, like myself, who want to be here and make a real difference. My aim in this writing is to be a voice of familiarity for others who are navigating to find their way not only in InfoSec, but this entire journey called life. To lend some words when it may escape you and to let you know that you are not alone in feeling this way. So let me say to you, what I say to myself, when doubt, fear, or any (insert negative feeling here) take hold:
"Yes, you belong here. Yes, you make a difference. Yes, your opinion matters.