There are many paths a career in cybersecurity can take. Just ask Jerry Gamblin, who has worked in both the public and private sector. But at his government job, he felt bogged down by red tape—and as an employee at a large corporation, he got lost in the shuffle. Gamblin wanted a hands-on role where he could make an impact, which is what he found at Kenna Security, a software company that specializes in calculating the true risk of cybersecurity vulnerabilities in a business’s internal applications and technologies.
“Kenna solves a real-world problem that anyone who manages a security program runs into every day,” he says. “Coming to work and helping people understand how to keep their companies safe is always a great motivator.”
For Gamblin, who joined Kenna Security three years ago and was recently promoted to Manager of Security and Compliance, working at this fast-growing company allowed him to participate in different parts of the business.
Here, Gamblin shares how he stays up to speed on the latest trends and technologies, why he believes Kenna is years ahead of others in the industry, and what it takes to succeed in the field.
Tell us about your career journey, and what led you to your job at Kenna Security.
I spent the first 10 years of my career working for the government learning the basics of security and cryptography. It was an interesting and challenging place to start my career. I was on the cutting edge of cybersecurity, but was limited by bureaucracy and budget on what you could actually achieve.
I spent my next five years working for a large corporation and learned a lot about how a company balances security and operational goals to help the company achieve its financial goals.
I learned about Kenna Security when Ed Bellis, its cofounder and CTO and someone I have admired for a long time, started to build out his team with some world-class talent. I really wanted to be part of that.
What are you responsible for as Manager of Security and Compliance?
I am responsible for all aspects of information security and technical compliance at Kenna. I help our sales and product teams understand complex security and compliance issues, and ensure that our platform and infrastructure are securely built, maintained, and monitored. I also work with the research team on blue team (a group responsible for maintaining internal network defenses against all cyber attacks and threats) and application security issues.
What does a normal day in your job look like?
There are no “normal” days in my role, which is why I enjoy it. Today I am writing some code, participating in a virtual panel for our marketing team, and having a series of meetings for an engineering and development project that is ramping up.
What do you like most about working in cybersecurity?
I love that every day offers a new challenge to explore, understand, and solve. It means that no matter how senior you become in security, if you are not improving yourself you will quickly fall behind.
What sets Kenna Security apart from its competitors?
Kenna was founded on the idea that the only way for a company to truly understand and evaluate its risk is to be more proactive when it comes to vulnerabilities. An older train of thought would be a reactive approach: once an incident occurs, utilizing some sort of software to figure out how large a breach may have been and find the affected pieces. But if companies are able to proactively knock out the low-hanging fruit, they can continue to refocus efforts on what is important. While other companies have started to understand the need for this new approach, Kenna has 10 years of experience of making it a reality.
Tech and cybersecurity are two areas where change is a constant. What do you do to stay up to speed on the latest trends and technologies in your field?
I constantly read and participate on social media. I also try to attend as many security community events as possible to keep up to date.
What are you working on right now that excites or inspires you?
We are working at providing more actionable information for our customers to help them understand and address application security vulnerabilities. It excites me because this is probably one of the most complex and important problems facing cybersecurity in the next five to 10 years.
What has been your biggest accomplishment since you’ve been at Kenna Security?
I see my journey at Kenna a lot like someone building a new house. While there are specific things I am proud of doing, I am most proud of the overall success of the company over the last three years. When I started three years ago, we had less than 100 employees. Since then, we have almost doubled in size both in terms of employees and customers.
What do you like best about the company culture at Kenna Security?
The culture of Kenna has always been one of balance unlike any other company I have worked at. While we are growing and expanding quickly, it is also evident that we care about the employees and their continued growth. No one at Kenna is considered a “cog” that could be replaced tomorrow without consequences.
What advice do you have for someone looking to follow a similar career path as yours?
My career path is a little unorthodox: People don’t typically move between the public and private sector a lot, and going from a state government to tech companies would typically be a big shift in terms of problem sets and culture. What I’ve learned is that to be successful, you will always need to work hard, show your value, and have someone willing to take a chance on you because they see your potential to grow.