Read a Transcript of Our Virtual Event with Trail of Bits
Science of Security: Virtual Networking with the Women Tech Leaders at Trail of Bits
*** This transcript provides a meaning-for-meaning summary to facilitate communication access and may not be a fully verbatim record of the proceedings. ***
Deveshe Dutt: Hello everybody! Good afternoon and good evening! Thank you for joining tonight's event. I'm Deveshe and I'm based in India. I've had the pleasure to work with Trail of Bits in the last several weeks.
Power to Fly is a women led company for highlighting women's roles in certain sectors. Power to Fly is proud to host virtual events to have the opportunity to learn. Over the past few years we've hosted in person and virtual events, with startups, online and in person.
We strive to foster honest conversations that foster conversation with women and allies. For the seminar today we brought together leaders who are in high end security research to reduce risk.
They take on difficult challenging, building new technology, reviewing the security of new tech products. I'm looking forward to learning more about this tech company.
With that, let's get started. We have a great line up of speakers today. Our panelists will introduce themselves shortly. We'll also ask panelists some questions. Today, we'll dedicate the second half of the webinar to your questions. Before I kick off with the formal agenda I'll go over housekeeping agenda to give us the best experience.
It's likely many of us are familiar with most of these tips since working virtually has become the new norm. I'll go over these points.
In case you have a bad connection, don't worry, you can call in from a landline. You can find the dial in in the audio panel. We ask you please mute when you aren't speaking. If you're comfortable have your video on, we'd love to see you. You can ask a question during the Q&A section. You can also visit Power to Fly to see daily virtual events, with career coaching, and other events.
This event is being recorded. Don't worry about taking notes. Last but not least we love feedback. We'll send over a 2 minute survey once this concludes and we love to hear from you.
Know this is a safe place. Type your question to the chat box or ask it live during Q&A. If you asked us something beforehand, we'll also touch on it.
We'll end by talking a bit about Trail of Bits. Now our panel introductions. Johanna, why don't you kick off our introductions by telling us a little about yourself and your role at Trail of Bits.
Johanna Ratliff: I'm a security engineer at Trail of Bits based out of Colorado. That entails me auditing various pieces of software for security vulnerabilities and delivering that to customers.
Deveshe Dutt: Thank you Johanna. I'd love to introduce Skylar.
Skylar Rampersaud: Hi. I'm working out of Washington, DC. I just started with Trail of Bits but I've been in security for 19 years. My job description is similar to Johanna's. I'm looking forward to answering your questions.
Deveshe Dutt: Thank you!
Claudia Richoux: Hi I'm Claudia. I'm new to Trail of Bits and new to the security industry. I'm still in college. I'm security engineer in cryptology team. I look at software and cryptocology protocols. Many things.
Deveshe Dutt: Thanks, Claudia. Let's wrap you up introductions by looking at CEO and cofounder Dan Guido.
Dan Guido: I'm CEO and cofounder, founded with 2 friends of mine, built it to the 50-60 folks working with us today. Excited to share our projects with you today.
Deveshe Dutt: Awesome Dan. We'd love to get into the keynote address. And hear about the projects you're working on.
Deveshe Dutt: Sure. You can bump it to the next slide.
We are a software and research company. We address computer problems to address everyone's use of technology. We're predominantly in tech and finance space. We are a small team of 67 people but on the other hand not many companies have that many engineers in one roof. We tackle really complicated problems. We're a hybrid remote company. Our headquarters are in New York. But since day 1 we employ people not in New York.
As we suffer in this pandemic, our transition is quite easy as we're used to working with people not here.
There's 19M in revenue, there are challenges to get to that size with the 2013 government shutdown. But our services are in demand for challenging projects. We never took money to get to that size. There are a lot of downsides to taking any form of investment that prevent you from working on projects you want.
We turn down a lot of work. There are projects I'm not interested in and I don't feel we need to answer to anyone. We are bootstrapped, we play with our own money.
The company is split into three teams. Security research, for long term research. Various branches of United States military, science foundations, research agencies. We use the work to give us sometimes a 4-year runway to make progress on difficult problems. We write academic papers, apply new research techniques, for the problems. We open source for the vast majority, if you're interested in that. A lot is on our blob or github. I'm not content leaving that in the DC beltleg. We bring that to the public as best we can.
Alongside that, we build software to prove the research techniques. We have competency for security engineering. Mostly that's security software, endpoint security tools. They need code written requiring specialized expertise. We're nothing but specialized experts. A lot of open source software is adopted to make it usable. We've also ghostwritten venture funded startup products. Or high insurance projects like embedded systems.
Finally, people give us code to help them understand where risks are. We don't look at people's firewalls and Gsuites and other configuration things that can go wrong with running a company, but the technology products they build. That requires mystery of computer languages and computer architecture and generally how computers work. We have a lot of folks we work with.
For a small company like ours, we need to specialize. We can't solve every problem under the sun. There are a lot of projects we turn down. We focus exclusively on product security. We only do low level engineering. Our research teach specializes in binary analysis. We have a cryptography team.
There are other things on the edges and fringes of these 5 bullet points but it's hard to justify doing anything else. We want to be the best in the world at what we are doing. These are things we're best at.
A lot of people recognize we're best in the world at what we do. It's been in the news a lot lately that we were hired by Zoom to work on a lot of the clients they have. The software you're using is something we are currently reviewing to address security issues. There are a ton of other firms we're proud to work with that gave us difficult problems to solve.
A key value of the company is we share our knowledge. We try to do that through many avenues. I mentioned our blog. You may have seen our twitter. The Power to Fly team tweeted beforehand.
We have resources and publications we made available. To help you understand things. We're specialized experts but you can fall in the trap of keeping it away from people who aren't experts. There's a wide gulf between experts and non-experts. You know everything or don't know much. We're doing our best for people to gain expertise.
Empire Hacking was the largest meetup in New York City which we can't have now. Maybe people on this call can join us again later. That's for others to share knowledge gain with a wider audience.
Instead of a real technical demo because all our projects are different we have some reusable tools and techniques we have developed and refined. But it makes more sense to think about it holistically and look at the project end to end and look at what people come to us with and how we help them.
Keeping up with the current moment and time, the big question is how will we vote in November? There's not a lot of certainty that people will be able to go to their local gymnasiums and pull all those levers and not get sick. So online voting is a discussion we are having around the country and we are at the center of that.
Our voting solutions are very important. We are at the center of this. There could be as little as 500 votes cast in an area. Just a single vote being wrong could determine the election. And the risks are higher.
If you were around in 2000 and we get down to a point in time where there's just 40 people in Florida deciding who is President, you want to make sure that the technology being used is accurate within those 40 votes. The vote is very high stakes. So we worked with Voatz. They were the market leader in voting. We did their security and used cryptography and mobile security and offered a combined package to look at the whole thing end to end.
This was revealing to them and to the public. Unfortunately, depending on where you stand, this has identified lots of security issues that people didn't know were present. It changed the national conversation around if these technologies are safe to use in November and if we need to use different methods that don't get everyone sick then.
This is a unique project. You can see the results public. Go to our blog and you can search and bring up the whole report. So if you want to know what it looks like, you can see it.
We thought that was very important. The public is as much a party to this conversation as the vendor is. We wouldn't even work on this project unless we could work on it publicly. So now I will stop speaking! You can go to the web and look at what I'm talking about.
Johanna Ratliff: We also did a Kubernetes Review for the Linux foundation. They are a massive code based project. They hired us as their first really holistic assessment from a security perspective. They chose us because we had applicable expertise in all sub groups that could apply. If you don't know Kubernetes they are in workload management software developed by google. And it's open source owned by the Linux Foundation. It's used everywhere right now in terms of workload management.
Doing this huge assessment of go projects like this, we did a in depth architectural review and threat model that surfaced the issues around the architectural vulnerability when things grow too organically and are that massive. You run into issues around maintaining the security of a project as a whole.
We focus on that architectural review and did kernel fault protection and manual review and assessed the default state of this, even the standing at Kubernetes can be difficult, so showing these limitations in scaling and default config, how secure or insecure it is by default and to make sure everyone running the software has this good security.
Speaker: It taught us lots about go. The problems we work on stress the limits of what we thought we already understood. We found new bug collapses in Go and we built tools to work in Go that we work in other projects.
Johanna Ratliff: Kubernetes is still open source so we still find bugs there and they request the report from Trail of Bits and look deeper into the issue. It has built up a whole lot of investigation into the software which is really cool.
Dan Guido: I think this was Claudia.
Claudia Richoux: Yes. ZCash is cryptographically difficult for people to learn about your transactions. Until recently I was on this project but they needed lots of people to dig into the crypto. There were iterations in this over 100 page documentation. It's not very accessible to casual users.
But we used our experience to check out the protocol and other protocols to make a more digestible white paper to help our users understand it better.
So that's ZCash. Then the other tool, OSQUERY is more the engineering team. It's a psych-ops that lets you turn your database into queries.
It's so cool. But it's under development. It was started by facebook and it works on everything. It scales well to larger organizations. It's so good.
But yeah, some things we have done include adding real time integrity monitoring to find malware. So if you can monitor that and know instantly you know there's malware on the fleet you can do something with it.
Monitoring the MTFS journal, you have to hack around that. In Linux it monitors Sis calls and for file rights and editing.
We did AWS that you can integrate with the data querying. I talked to a coworker about his tools in container introspection so you can use osquery there. But we make cool tools and do cool audits.
Dan Guido: I would like to explain that. I have been in this for many years and it's a real area of investment. When facebook developed this first, these companies just throw them out on the internet and then people use them and they don't work. Because you don't have the same problems that facebook has. So when they developed this they had to make it more useful and to make sure that others could use it. So they asked us to do that.
If they want to make this a successful end point security system it has to be accessible with Windows. So they called us!
Now the project is so big and enough parties of interested that it outgrew it's container at facebook. Trail of Bits was successful in moving this project from ownership by facebook to the owners in the Linux Foundation and so we determined the product direction. It's not a product, it's an open source repository so there's no infrastructure around it to determine where it can go. But we stepped in and offered that structure so people are confident in this project.
Sorry, but I had to make that point! Tell us about SIEVE.
Speaker: This is on the crypto team so I'm a little involved in this. It's a Darpa contract. We are working with Darpa --
Dan Guido: It's a program.
Speaker: So it allows these bug bounty hunters and then expect companies to pay them. But sometimes the companies are bad about that and they lie and not pay you. That stinks and makes the bug bounty hunters economy broken.
So I won't hand you how I broke this, but I will say I did and I will tell you know with zero knowledge proofs. These are protocols that were up to know used in things like ZCash. So you can prove that you have an exploit that runs on a computer without showing it. That's so so cool. But that involves representing the underlying logic of the code that's relevant to the export as a boolean circuit.
This gets us more equitable bug bounty programs and then publications that push that forward. We are working with Johns Hopkins. So that's one of our research projects.
Deveshe Dutt: Thanks all! That was fascinating. I know we will talk a lot more about some of these projects that you mentioned in the question and answer session. But I will ask some questions and then open it up to the audience. I see a few questions coming in. We will get to those.
Johanna Ratliff, I know you joined the Trail of Bits team a few months ago. What motivated your decision to join the company?
Johanna Ratliff: I have actually passed as a software engineer and did distributive systems building and was interested in security for a long time, learning on my own kind of thing.
I thought it would be fun to get paid for it! [Laughing.]
So I had an old coworker who introduced me to Dan after I had a couple of times throughout the years expressed interest in security. He was like, I know a guy! So that's what started the process of me joining the Trail of Bits team. I just liked to write software and play with it but from a security perspective.
Deveshe: That's awesome. I hope to hear more stories especially from our audience about how they joined their jobs they're really passionate about. Skylar, you're next. Security is a hot topic with everything we're doing online. What is one of the largest misconceptions about security today?
Skylar Rampersaud: In my experience, one the largest misconceptions is that there are no people like me doing security, that I won't get a mentor, that I won't do well because it's not for me. I got into computer science because there were scholarships for people majoring in that.
What I really found is that if you put yourself in a position where you're always learning as you work, and find organizations that really support their people in that continuous learning, then you can kind of build your career into what you want it to be. And then people will come to you and you don't necessarily have to wait for someone to recognize you. You are the one building your skills.
I think security as a field is good for that. You can really build yourself.
Deveshe: Wow. That was really insightful, Skylar. I'm sure the audience found that really helpful. Let's hear from Claudia next. How has security changed since you first entered the field? Where do you see it moving in the future?
Claudia Richoux: I'm 22, haven't finished college, mostly through. I started messing with cryptography at 16 when my friend asked. I started with hacker culture, it's become a lot less a free for all in some ways. And more so in others, with people hacking and people having to defend it. There is cybersecurity and it's not like a 16-year-old can just steal money from a bank. There's also so much more stuff on the internet. It's more integrated.
There's the internet of things or the reaper bot net. There's a lot more crappy code running around. That's interesting for someone interested in breaking into software. People are a lot more interested in security. There's also the cryptoanarchist movement, doing blockchain stuff. There's so much interest in privacy now that google makes money off our data. People are more interested in privacy. It's gotten more interesting. Even if you can't do it as you would 10 years ago.
Deveshe: You know what they say about fact being crazier than fiction. That's the case with what you described. Thanks for that, Claudia. There are a lot of questions coming in. First one, from Jan. Who wanted to it, have you been working with self-sovereign identity?
Dan Guido: I'll take that one. Not specifically. Trail of Bits is a services provider for security. If you are using weird blockchain you might find yourself at my doorstep because you don't know if the technology you made was safe. We've worked with the largest in the world, with weird lending protocols and people doing everything under the sun with blockchain. Can't point to one specifically. But if someone doesn't know if they can trust it and asks how much they should, we have expertise to help them.
It's just a matter of what other folks are doing. Whatever is hot and new, where people are pushing novel technology and the limits of what's possible.
Jan: You mentioned a research arm. Besides self sovereign identity or IOT, are you researching these areas? Or areas where you are already getting jobs? Is it led by what the marketplace asks for?
Dan Guido: Research team is different, they put out things they need solved. The United States government wants a way to disclose vulnerabilities without information on the vulnerabilities. We have a code translating into circuits. There's automated program analysis and stuff allowing us to understand what a binary system is doing. Sometimes by emanating electronic signals. We've looked at automated vulnerability research. Pairing a machine with a human brain to be faster than a human with their own two hands.
We are looking at automated patching. Given a description of a patch or information on an automated bug hunting system can we use information to correct the defect without interacting with a human. A lot is at the intersection of analysis and cryptography. A lot of the topics you dropped, spatial web and others, are outside.
We are trying to stay focused on software security. There are a lot of problems. I choose the ones I can solve. That's what I choose to focus efforts on.
Jan: You are choosing interesting projects. It makes me think of other ones in the world.
Deveshe: Thank you Dan. And Jan.
A little pivot to talk about the culture at Trail of Bits. There are questions submitted by the audience. Can you talk about the culture and how it approaches inclusion and equitable practices? Who'd like to take that?
Dan Guido: I don't know if people are waiting for me to take it.
Deveshe: Looks like it.
Dan Guido: I probably should have prepared but I'll do it off the top of my head. There are a lot of things. A lot comes from the cultural perspective of how we have always done remote work. You're judged on what you can achieve at the office. There are people I only see through a screen like this.
What am I trying to get at here?
Well I don't really know what I'm trying to say. I think from a cultural perspective, we really count on each other as a team. We try to be transparent and engage openly. We have a guide on how to be a project maintainer to help you see the perspective of someone using the product. So you have empathy for what they are going through. That courses through a lot of it.
There are company procedures in place. We've taken a step at looking at the employee handbook. Making sure there are systems for when issues arise. Sexual harassment doesn't take a back seat. We've made sure we're prepared. We want it to be a safe workplace.
Also how we engage with the public. When we list job recs we make sure there's not biased language so everyone has a fair shot and they can visualize themself in the role.
We look at the way we work with Empire Hacking. When we give talks we want to make sure it's representative of the community out there. We had a good run of 50-50 men and women. I was hoping to keep it up. But I don't think we can have the meetup this year.
We also offer family leave early. For a small company like ours that's not a google, we always offer parental leave. We are lax about how you can get your job done. I think that was what I was trying to get to at the beginning. If you have to leave for your personal life for a couple hours, it's no consequence to ours. You can get the job done however you have to.
I think that covers a lot of it.
Johanna Ratliff: I can add a couple things from what I noticed. It was a good interview experience. It was a remote interview around a holiday when I couldn't fly to New York. It was easy to manage a remote interview. Everyone spent the interview nerding out around cool things like Go. We spent the interview nerding out about the same kinds of edge cases and bugs that drive us up the wall. You get a feel from how it will be to work at the company.
For hours, it's very flexible. To be honest, when you have everyone around the globe-- there are people from Argentina to Poland. When you have everyone around the globe, time frame is based more on when you work best. Depending on pandemic, I might not be productive at 3pm. 2am might be my sweet spot! That's appropriate.
Dan Guido: A core value of the company is sharing knowledge. That invites people to the community who don't know they could be part of it. Doing engagements like this. "This field exists, you should participate." That's a big part of what we do. I target that to diverse audiences. This event is great, we've also participated in SummerCon. We gave them money to diversify speakers a few years ago. They provided it as grants to people for research before their talk. We reviewed those people to make them confident.
We have done lots of work with Women in Cybersecurity and other organizations. I'm not getting invited to too many Meet Ups these days, but I try to book extra when it comes to talking to young people or women or other diverse groups of people around what you can do in this field.
What might be engaging to you?
Deveshe Dutt: Thanks Dan, we are looking forward to you speaking at the summit, June 14th-17th with that diverse audience.
I wanted to go back to something that Johanna Ratliff brought up around this crazy time we are in, and a question around that.
Especially in the age of COVID-19 how do you maintain a strong work life integration and how does Trail of Bits support you in this?
Claudia Richoux: I can answer that. My manager is so chill. As long as you make the client meetings and get your work done, no one cares when you get it done. The pandemic is crazy and I flipped to nocturnal a few weeks ago. I get my code written up at night now.
It's chill. Lots of 9 to 5 jobs though, it's like when can I go to the doctor? I have to take the afternoon off and things are not open Saturday, so how do I do That?!
But at Trail of Bits it's so chill. Lots of people work from home 1-2 days of the week, or more. My manager is so flexible and my teammates are also on flexible schedules. We get Facetime together. But if you have a different work schedule we are flexible to that.
Dan Guido: I gets back to what someone else said where we already work with people in Poland. Not everyone can work synchronously. So our adjustment in the company happened many years ago.
We already record all our meetings so if you are not present, you can watch and we have meeting notes for those who weren't present can understand what happened. And opportunities for spontaneous connections. We set up random video chats with people.
When you work remote sometimes the only conversations you have with people are about work! So we force other conversations to happen because they are beneficial.
And from a transparency perspective, everything I do happens in a public channel and it's easy to keep up with even though I'm the CEO. You can keep up with all the projects. That helps people stay motivated and engaged and see everyone kicking butt. It's a nice common mindset that we are all here, doing what we have to do, even though there's crazy stuff going on outside.
Speaker: I'll say in addition, in terms of how we are handling COVID-19 and everybody's different reactions to that, we were already remote so we are rampage up the amount of Dan called them "forced Interactions" -- [Laughing.] -- between people so you can talk to your coworkers and feel like you are regularly seeing each other. Things like that.
One of the cool things is that we are open, depending on who you are, about mental health at this company. It's a small enough company still where you can say, "hey, I'm having a weird day." Then you hop on the coffee time call and Dan has brought alpacas!
That did really happen last week! So it comes from having that small company.
Dan Guido: I'll direct you to a Tweet that I made of pictures of the llamas. We have proof that I did that!
Deveshe Dutt: So it's not in your imagination! [Laughing.]
Dan Guido: But you got to keep things interesting. And I thought that might be fun.
Deveshe Dutt: Absolutely. Skylar I will call on you.
How does Trail of Bits compare to other jobs you have had in your security career?
Skylar Rampersaud: It's the best job.
Touching back on the remote from the start, in previous jobs I had to be the office, and develop a rapport and trust before I could work from home, or choose the areas that I wanted to research.
Coming into Trail of Bits it was, "what are your interests?" That's great. It aligns with what we want to do. So do it!
The work from home, work when you need to. It's done. It's not an issue.
I don't know if Jan or anyone else was interested in more technical aspects? Doing security assessments has gotten harder over the past 10-15 years. It used to be something you could do in an afternoon but now it's like multi-week projects. But that's not an issue for me personally. That's just an overall change that companies must shift to.
Dan Guido: And some people got good at securing our software! We have to work harder!
Deveshe Dutt: It's more challenging and that's more exciting. A question from Mercedes to all the panelists.
Bug bounty programs and how do these compare to [don't understand.]
Dan Guido: Bug bounties. I think lots of people lot at that and think it's easy. They think they can just throw up a website and say please, show me all the bugs and then the software will improve in quality over time.
People don't realize the problem at first. They reach out with open arms with a pile of bugs and someone walks up and punches them in the nose. They don't know all the insecurities and then they get this avalanche of issues. Then they handle it poorly and the communications are not well received and then it causes an issue.
Or the opposite happened what someone can't look at your software and then no one checks. Then you have this false sense of security. But was someone motivated enough to even look?
And this is tactical. When you do bug bounties the way you do it is drive bys. You try to find just a few bugs and you try to find these on every website on the internet. But that's not good architectural guidance or assessing risks or helping people improve. I like bug bounties are the last thing, and the final stage of the software maturity but lots do them first.
We have reviewed public research around bug bounties and put it on the blog On Bounties and Boffins. This was a journal article from data on facebook and Hacker 1s bounty program over 2 years and drew conclusions on who does the bug bounties and what their motivations are.
It's a purito [sp?] distribution. Some people find all the issues, but then there's a long tail of others that find one or no issues. So there's misinformation out there. Yes, there's the wisdom of crowds and many eyes looking at your code, but the reality is it's just 50 people! And that's it! But it shows in the data.
So how do you get one of those 50 people to look at your code? You need to structure the communication and plan how to engage with a high performer. So at Trail of Bits we take the opposite approach. It's not indeterministic if you will get information from us but we work with you to understand the end to end product and look at the structure and help you build a secure product. Then we can help you run a good bug bounty program.
I'll post the article in the chat, but I hope that provides some perspective on the bounties. Claudia, or Skylar, or Johanna Ratliff, other perspectives?
Claudia Richoux: Coming from my background and doing CTFs, there's a guarantee for a solution and I thought, oh bug bounties the same, but you don't know where to look towards in bug bounties. In CTFs it's directed and you get points. You know there's a prize. But with bug bounties it's not that fun. You don't know if you will find anything and you don't know where to look. You don't get the source code and if you find something, the company might just be rude to you and not pay you!
So as someone who breaks into things, I won't say that bug bounties is a waste of time, but if you are interested in breaking into things, do CTFs or white box reviews. You don't want to just poke around in the dark and not hit anything.
But I think bug bounties are a bit silly.
Dan Guido: In a CTF you know there's an issue. Once the competition is over, you have a solution. You can complete your learner cycle with a CTF, but with a bug bounty you look and look, And not find anything. No one reveals the answer to you.
If you are just starting, then CTF is the place to go. Hey, bug bounty is nice, and if you want to get a couple thousand bucks in a weekend, but it's more helpful to do the CTF.
Speaker: With knowledge ramp-up as well, the difference in what we do we don't always have source code. But the benefit of having it and mentally traverse a potential intended path and come at it from the security perspective and figure out, "okay, if I mess with it here, what's the entry point from outside the box?" But with bug bounties when you have that veil shading what's happening and you can't see the logic path they coded in, lots of it in my opinion is scatter shotting tools at the software to see what falls out. To me that's not as fun.
Deveshe Dutt: Skylar, this is the last question. I hope you can close us out. We want to hear what you have to say on this topic?
Skylar Rampersaud: I'm a little older, the web stuff is not what I'm interested in. If you want to learn about security of other things that's not web-based, you're really not going to get that in a bug bounty program.
That's where doing capture the flag exercises or finding some other training exercise to build up your skills is a lot more valuable than throwing a bunch of tools at a website hoping some bug will shake out.
Deveshe Dutt: Thank you for that Skylar. Claudia, we love that your dog just came to say hi!
Thank you so much, panelists. This has been really insightful and interesting. If we didn't get to your question, we'll do our best to follow up with you, you'll hear from us.
I want to tell you more about Trail of Bits. [Reading Trail of Bits description on screen]
This has been made evidently clear today. Trail of Bits is hiring. Even before this 50% of employees worked remotely. Many chose to work from home. It's in the best work from home companies 2020. Especially when you hear additional benefits include 3-4 months parental leave, charitable donation matching, and PTO. You can find out more by typing in Trail of Bits in your search.
Dan Guido: There's discrepancy on whether or not we're hiring. I'll throw roles online then we can close it down. The current business capacity is uncertain but we encourage folks to join, we're in a different spot than in march. After the call we'll open up a few positions, and take it one step at a time. Just like everyone else.
But I'm lucky that the kind of situation we've got ourselves into is, we've lost a couple clients. There were people paying us who suffered a lot from the pandemic and they can't pay us. But we also picked up remote work from technology companies who need us. We've had minuses and pluses. We are on a steady foundation for the rest of 2020. We'll carefully start growing the team again. I'd like to start with the folks here first.
Deveshe Dutt: Thank you Dan for your transparency at a time like this, nothing is more appreciated. As we wrap up today's chat, check out our many daily virtual events. Dan will speak at our virtual summit, the 14th to 17th of June. We'll be chatting about security. You can go to www.powertofly/summit to continue the conversation. You can follow Power to Fly on social media. Or visit the blog updated daily.
Thank you for being part of our discussion today and asking great questions.
The summit link is posted in the chat, feel free to join in. We'll send a short survey. We'd love to hear your opinions so we can continue to make these events. I hope you enjoyed the event. Thank you so much for joining us, have a wonderful rest of your evening. Stay safe. Bye bye.
[End of event]
*** This transcript provides a meaning-for-meaning summary to facilitate communication access and may not be a fully verbatim record of the proceedings. ***
According to a recent study, anti-Asian hate crimes have risen 150% since the pandemic started. But these acts of violence are not new — they are part of a much larger history of anti-Asian racism and violence in the U.S.
That makes celebrating Asian American and Pacific Islander Heritage Month (which was named a month-long celebration in May by Congress in 1992 "to coincide with two important milestones in Asian/Pacific American history: the arrival in the United States of the first Japanese immigrants on May 7, 1843 and contributions of Chinese workers to the building of the transcontinental railroad, completed May 10, 1869") this year all the more important.
As we reflect on recent events and how they fit into a much larger history of discrimination, we're also taking time to celebrate and acknowledge the many achievements of the AAPI community.
We asked several of our partner companies what they're doing to honor AAPI Heritage Month at work, and we were inspired by the range of responses, covering everything from campaigns to #StopAsianHate to educational events on AAPI history.
Here's what they're doing, in their own words:
Empowering authenticity - LogMeIn
"Our theme this year is AIM to Be Real. We are embracing our new company values and celebrating those who bring their authentic selves to work, who help create space to celebrate diversity of thought, and who give back to the API community. Our Asian ERG, Asians in Motion (AIM), is hosting several events: a discussion about bringing your authentic self to work with Jerry Won (Dear Asian Americans podcast); a refugee-led virtual cooking class; ERG Movie Club discussions featuring Bollywood films, and a virtual volunteer event where we will offer career development mentoring for young women across Asia."
Learn more about LogMeIn here.
Educating on current events — Raytheon Technologies
"Raytheon Technologies is honoring Asian American and Pacific Islander Heritage Month with an enterprise-wide global town hall event – Real Talk: Building CommUNITY Together. Organized by the Asian American Pacific Islander (AAPI) employee resource groups across the company, employees will share their personal experiences and discuss ways to support Asian American Pacific Islander communities. The event will also feature prominent leading advocates from renowned civil rights organizations to provide insight into the national context surrounding recent events. We will also feature AAPI employees internally and on our social media channels."
Learn more about Raytheon Technologies here.
Encouraging awareness, growth, and learning — Moody's
"Moody's is encouraging awareness, growth, and learning during Asian American and Pacific Islander Heritage Month with the following activities, led by our Multicultural Business Resource Group and DE&I team:
- Weekly newsletters featuring AAPI employee profiles and cultural resources
- Video screening and small-group discussions supporting #StopAsianHate
- Cultural panel discussion featuring employee stories
- Professional development activities
- External speakers speaking about Asian leadership"
Supporting professional development — Freddie Mac
"Asian American and Pacific Islander Heritage Month at Freddie Mac – Together, We Are Stronger
Freddie Mac supports the professional development of Asian and Pacific Islander employees while promoting an increased awareness of the value they bring to the organization and our local communities. Our InspirASIAN Business Resource Group is hosting various activities throughout the month such as:
- Personal development session on empowerment led by a coach from our Employee Assistance Program.
- "Stop Asian Hate" lunch and learn geared toward discussing the hurdles facing the AAPI community.
- Fireside chat about racial injustice with leaders from our InspirASIAN and ARISE (employees of the African diaspora) BRGs."
Fostering inclusion, learning, and belonging – Nestlé USA
"At Nestlé USA, the Pan Asian Network (PAN), one of our many employee resource groups that support our Diversity, Equity, & Inclusion initiatives, will host a variety of events to honor and acknowledge Asian Pacific American Heritage Month. These activities will foster greater inclusion, enhanced learning, and belonging for the AAPI community. PAN will highlight women's development in Asian cultures, Asian leadership and what their culture means to them, culinary innovation of Asian cuisine, intersectionality of LGBTQ+ and Pan Asian community, as well as an enhanced learning watch party of the PBS movie 'Asian American.'"
Learn more about Nestlé USA here.
Promoting cultural literacy – Relativity
The Community Resource Group at Relativity
"For Relativity, Asian American and Pacific Islander Heritage Month is an opportune time to not only celebrate the rich AAPI cultures represented within our company, but to also foster awareness and allyship amidst the current rise of AAPI hate. RelAsians, our internal community resource group, has organized a few activities for May: a book club focused on AAPI heritage—because we feel it's never too early to gain cultural literacy, a weekly spotlight on AAPI Relativians, and a virtual event that takes attendees on a tour through an Asian grocery store, introducing native vegetables and staple ingredients for traditional home-cooked Asian recipes."
- Contribution from Neha Pant, Sr. Performance Engineer & Angie Ocasek, Sr. Specialist, Partner Enablement – Co-Chairs of the RelAsians Community Resource Group at Relativity
Learn more about Relativity here.
Creating transformative experiences – Facebook
"At Facebook, our APIs employee resource group's mission is to create transformative experiences for all APIs at Facebook, Inc through key cultural awareness and engagement highlighting the API community. To kick off APIHM, we will host a series of events and conversations for the community and its allies designed to support the API community around the theme, The SUM of Us, including:
- Letting Others In: a mindful discussion series that privileges intersectional voices, storytelling, feedback, and vulnerability as tools for building empathy and inclusion amongst organizations.
- Racial Healing Learning Session: specific to the API Experience focused on naming of experiences and emotional responses, understanding the body's responses to racial trauma, what the audience can do in the moment for self-care, and long-term strategies to overcome the effect of the traumatic experience.
- Bystander Training/self Defense Workshop"
Learn more about Facebook here.
Extensive and exciting programming — 2U
"At 2U, Inc. we'll be honoring Asian American and Pacific Islander Heritage Month with extensive and exciting programming coordinated by our employee-led Asian Pacific Islander Network (APIN). In a year marred by exceptional challenges APIN has centered activities around the ameliorating themes of joy, culture and wellness. Be it delighting in a ukulele mini concert, reading an interview highlighting an API coworker, winding down after too much screen time with a somatic healing session or engaging in a panel discussion with API tattoo artists, we have a packed month ahead with opportunities to support oneself and the API culture! Follow along @Lifeat2U on Instagram for more!"
Learn more about 2U here.
Amplifying voices and educating others – Smartsheet
"During APAHM, the API at Smartsheet community will be hosting several events and activities to educate others, amplify AAPI voices, and celebrate the AAPI community! We plan to kick off the month with a documentary viewing and discussion to learn about AAPI history, and hope to share personal stories from our AAPI employees throughout the month. We'll end with an opportunity for the community to celebrate itself by gathering together for fun and games, while eating food from local Asian-owned restaurants."
Learn more about Smartsheet here.
Rising together in sports and culture – NBA
"For Asian American and Pacific Islander Heritage Month, APEX is proud to present a multitude of celebratory activities, headlined by an NBA Family Virtual Town Hall and, with the NFL and MLB, an Asians in Sports & Culture Symposium themed "Together We Rise" featuring prominent Asian personalities from the sports world. We are also launching a PSA with an NBA star, honoring Eid-al-Fitr at the end of Ramadan, offering a bystander intervention training led by AAJC, and – because the celebration wouldn't be complete without food – hosting a sushi making class for our members."
Learn more about the NBA here.
Creating courageous conversations – Commvault
"This May, we are celebrating all our Asian/Pacific Islander employees, not just Asian Americans. We will spend the month learning about and celebrating the diverse cultures of Asia through weekly events and activities led by our Multi-Culture ERG. Vaulters and external guests will teach us the history of practices such as yoga, origami, and Asian cuisines. We will also discuss topics like the rise of hate crimes against Asian people and the recent spike in COVID-19 in India. These activities and courageous conversations will engage our workforce and create support for our Asian and Pacific Islander communities around the world."
Learn more about Commvault here.
Honoring history through virtual events – Collins Aerospace
"Collins Aerospace supports our AAPI colleagues not only in May, but all year. Our parent company Raytheon Technologies hosted a virtual Town Hall last month to provide a safe space for open dialogue about recent events targeting Asian Americans in the U.S. In addition to this entity-wide event, our Asia Pacific ERG at Collins is hosting events that educate and honor the importance of Asian Pacific American history such as virtual Lunch & Tours spotlighting South Korea, Vietnam, Singapore, and India; and Thoughts & Support sessions. Site-specific events include virtual cooking class, and viewing PBS docuseries Asian Americans."
Learn more about Collins Aerospace here.
Highlighting new perspectives – MongoDB
"MongoDB will share daily historical facts, highlights of Asian American pioneers, and perspectives from our AAPI employees in a dedicated Slack channel. We will also be providing access to an Asian Pacific American Heritage Month webinar, organizing a trivia night, and holding Processing Together sessions for our internal AAPI community due to recent hate crimes happening across the globe. These sessions are a safe space for employees to share their stories and sentiments of what it is like as an Asian American in America today. (Read MongoDB employee Monica Lu's story about being an Asian American woman in tech here.)"
Learn more about MongoDB here.
Spotlighting diverse communities – Bumble
"At Bumble, moments like heritage month celebrations are often our anchor to ensure we are spotlighting diverse communities. In alignment with AAPI Heritage Month in May, Bumble is rolling out a series of thoughtful programming to encourage internal education and around how to support the Stop Asian Hate movement and better serve the Asian community globally. The lineup of initiatives include:
- BuzzWord DEI Discussion Series with featured guest speakers: This conversation will focus on the Asian community within the context of larger cultural issues such as dating app experiences, fetishization, masculinity, and representation.
- Bumble will be inviting employees to join a virtual Vietnamese coffee-making class. Created in partnership with Phin Bar, an urban brew-bar that offers Vietnamese-style steeped coffee combined with house-made ingredients, Bumble hopes to facilitate a deeper cultural learning and community bonding experience for the team.
- Bumble will also be activating channels across social media and our product to educate our community about bystander intervention and raise awareness around the importance of supporting the Stop Asian Hate movement."
Engaging in daring conversations – Procore
"In celebration of Asian American and Pacific Islander (AAPI) Heritage Month in May, Procore recently organized an internal event to recognize and support the AAPI community. The event was hosted as part of our ongoing internal speaker series, 'Daring Conversations & Allyship,' to create space for an open dialogue around diversity, inclusion, and belonging. All employees were invited to tune in as employees from our AAPI communities shared their unique experiences, addressed anti-Asian hate, and discussed actionable ways to support our AAPI community."
Learn more about Procore here.
Taking action to foster change – SeatGeek
"This month the POC ERG will be meeting and hosting different activities to celebrate Asian American and Pacific Islander Heritage Month. This includes creating a safe space to discuss current events, and what actions our communities can take to foster change, sending out a newsletter which will highlight the Asian community in every aspect, and lastly, we will be hosting a guest speaker.
We hope with these planned activities and meetings, we can highlight, and uplift the Asian/Pacific American community, as well as bring awareness to the horrible ongoing attacks they are facing."
Learn more about SeatGeek here.
Uplifting and inspiring the community – Okta
"Okta's People of Color (POC@Okta) ERG is planning to commemorate AAPI Month with a series of fireside chats and iconographical facts posted internally in the #poc and #all diversity Slack channels! These chats will feature Dion Lim of ABC7 News and Comedian/Actor, Ronny Chieng. We will conclude the series with a partnership with Pride@Okta featuring supermodel, TED speaker, and transgender advocate Geena Rocero. The goal of this series is to educate, uplift, support, and inspire! The Okta leadership supports its AAPI employees, customers, and community."
Learn more about Okta here.
Empowering cultural diversity and leadership – Quip
"Salesforce will be celebrating through multiple virtual events, such as a leadership panel on the power of cultural diversity, a tea tasting, a tai chi class, a haka workshop, and more! Members of the Quip team have also compiled an extensive list of resources to support AAPI communities, including ways to donate, take action, and learn more."
Learn more about Quip here.
Focusing on lived experiences – Mindbody
"The Mindbody United ERG focuses on a different heritage or history each month, with May devoted to Asian & Pacific Islander Heritage Month. This ERG seeks to provide a platform to both celebrate and learn together. This will manifest in two ways: As a newsletter and a Zoom meeting. The newsletter will feature contributions directly from team members, while the meeting will feature Assembly member Evan Low as our speaker. It is our goal to focus on the lived experiences of the AAPI community, address discrimination, and how to chase after the part of the world we can make better."
Learn more about Mindbody here.
Promoting harmony and unity – T. Rowe Price
"T. Rowe Price is aware and appalled at the recent spike in hate crimes against the Asian community. In response, the firm will center Asian/Pacific American Heritage Month efforts around harmony and unity, in alignment with the Hawaiian value, Lōkahi – Forward as One. To share best practices, successes and areas of opportunities, T. Rowe Price will co-host a Leadership Panel on Asian Leadership Challenges with Baltimore Asian Connect, a consortium of Asian business resource group leaders at local corporations. The firm will also host a book club and restorative listening circles for Asian American associates and their allies."
Learn more about T. Rowe Price here.
Celebrating Asians globally
"May is Asian Pacific American (APA) Heritage Month. Although traditionally a US celebration, at Autodesk we are celebrating Asians globally. The Autodesk Asian Network is hosting Innovative Leaders, including Lori Mukoyama and Jonathan Zee. Lori Mukoyama is redefining experience-driven design globally at Gensler. Jonathan Zee has an extensive portfolio of buildings that are helping to shape cities around the world at Goettsch Partners. Lori and her husband Jonathan combine design, architecture and engineering in their work while simultaneously manage a family together during this pandemic. This event is hosted by AAN, as part of a monthlong series of APA Heritage Month events."
Learn more about AutoDesk here.
💎 Get ready to bring your best self to a job interview at a commercial real estate management company!
📼 Press PLAY to hear insight from a recruiter at VTS, a commercial real estate management company, into how to best prepare for your interview. Andres Harrison, Senior Talent Acquisition Manager at VTS, shares some tips on putting your best foot forward in a virtual setting, as well as the steps for the application process at VTS.
📼 What's the first thing to do before your interview with a commercial real estate management company? Always do your research. Check out the company's web presence, its "About Us" webpage section, social media profiles, everything! You should learn about the company, the position, and the company values. As Andres says, it's important that you know beforehand what you're walking into, not just about the scope of the role.
📼 Andres' go-to questions for a candidate in an interview dig into their motivation for applying to a position at a commercial real estate management company. The recruiter will want to know why you're excited about this role and that you did your research on the industry.
How to Dress for Your Interview at a Commercial Real Estate Management Company?
As a recruiter, Andres is often asked how candidates should dress during an interview. It's important that you do your research on the company culture. If it's more of a buttoned-up corporate environment, you should dress the part. And if it's casual, then you should also dress the part. In a virtual interview, it's no different. As for your interview with VTS, as long as you bring your best foot forward and your authentic self, you're good to go!
📨 Are you interested in joining VTS? They have open positions! To learn more, click here.
More About VTS
VTS is commercial real estate's leading leasing and asset management platform, bringing together landlords, brokers, and tenants to make deals happen. VTS software enables office, retail, and industrial landlords and brokers to transform their leasing process and convert leads to leases 41% more efficiently. MarketView™, the industry's first market benchmarking product gives landlords real-time information to inform deal negotiations and leasing strategies.
Completing the VTS platform offering is VTS Market & Marketplace, the industry's first, integrated online marketing platform and marketplace, powered by the 12B square feet of space managed on VTS software. VTS Market & Marketplace is designed to drive tenant demand for landlords, and remove friction from the leasing process for tenants and tenant rep brokers.
Join the team that's revolutionizing commercial real estate! The company vision is for every team member to bring a full expression of themselves – including their unique experiences, thoughts, and backgrounds – to their work. They innovate by earnestly engaging with, and including diverse perspectives to transform the technology and commercial real estate industries, and the communities they live in.
Learn more about the amazing speakers and sponsors from our September 2021 virtual summit Diversity Reboot: Early Career Connections & Mid-Career Pivots; 4 days of fireside chats, workshops, panels, networking sessions, and an interactive virtual career fair.
Our Early Career Connections & Mid-Career Pivots summit welcomed 8,000+ registrants to the PowerToFly community! From pro-tips on how to kickstart your career as a young professional to restarting your life after caregiving - we covered it all! If you tuned in, thank you! If you missed the summit, you can now relive the entire experience! If you're feeling the itch to pivot or learn some new skills, make sure to use your special PowerToFly code: POWERTOFLY750 to get $750 off your next course with Springboard.
We want to extend a HUGE thanks to our Gold sponsors Smartsheet and American Express and our Influencers Palo Alto Networks, amazing.community, Path Forward, and APCO Worldwide. Also, don't forget to visit our Merch Store and grab yourself some PowerToFly apparel, we donate 100% of the proceeds from our sales to TransTech Social, supporting transgender people in tech.
Last but not the least, registration for our October summit Lifting Latinx Voices at Work is now open! With topics ranging from bilingualism to growing Latinx representation in the C-suite, you won't want to miss this free opportunity to connect with your peers, network with top companies, and learn from leaders who've been in your shoes!
Our Gold Sponsors
In 2005, Smartsheet was founded on the idea that teams and millions of people worldwide deserve a better way to deliver their very best work. Today, the company delivers a leading cloud-based platform for work execution, empowering organizations to plan, capture, track, automate, and report on work at scale, resulting in more efficient processes and better business outcomes.
Smartsheet went public on the New York Stock Exchange in April 2018 and currently enables collaboration, better decision making, and accelerated innovation for over 76,000 domain-based customers in 190 countries, including 96 of the Fortune 100. Smartsheet is a passionate team of 1500+ employees spanning offices in Seattle, Boston, London, Edinburgh and Sydney.
As a global company, it is vital to their success that their employees are as diverse as the customers and communities they serve. American Express has built a diverse workforce and an inclusive workplace— a culture they are committed to continuing.
Through their Global Diversity & Inclusion strategy, they're able to channel their efforts in specific ways. They aspire to continue to develop a talent pool that brings together unique perspectives, backgrounds and experiences. They foster a workplace culture where differences are valued and expressed freely and all employees have the support they need to take risks, learn, and collaborate.
American Express logo
For your next bookclub:
Take charge of your career and create a life full of learning, adventure, joy, and success utilizing these never-before-shared leadership principles Ann Hiatt learned working alongside the world's top tech CEOs—Google's Eric Schmidt, Amazon's Jeff Bezos, and Yahoo!s Marissa Mayer.Whether you're stuck in your current job, starting your first job and wondering how you can use it as a stepping stone towards your dream career, or mid-career and wanting to finally be recognized for promotion or a leadership role, this book is for you.For the first time, Ann Hiatt shares both the daily habits and long-game strategies she learned working side-by-side for decades with the giants of technology at Amazon and Google.
Next Move, Best Move: Transitioning Into a Career You'll Love by Kimberly B. Cummings
Kimberly B. Cummings, author of Next Move, Best Move: Transitioning into a Career You'll Love, leaves no stone unturned with this thorough, expert guide for professionals seeking to understand how to navigate the world of work, from beginning to end, starting with uncovering personal and professional values in an effort to align their expertise and skills to roles and companies that will finally change the trajectory of their career and set them up to be leaders in the workforce. As a former career development adviser in some of the nation's top universities and a diversity + inclusion professional in a Fortune 100 company, Cummings has recognized that people work for the sake of working without understanding how to leverage their unique gifts and position themselves for success. As a result, Next Move, Best Move: Transitioning into a Career You'll Love shares transformational lessons to ensure success and puts the ball back in your court.
At twenty-five, Tracy Timm experienced a crisis of identity. She had a life that many would envy, but was plagued by the guilt that she was deeply unhappy with her career. Trapped on a Wall Street trading floor for more hours than she cared to add up in a week, and unfulfilled by her daily activities, Timm knew that there had to be more to life than this. But, much to her disappointment, she could not find a proven system that would help her identify her ideal career. That's when Tracy did the unthinkable: she quit her six-figure job, joined the undergraduate program Semester at Sea, and set out to discover her dream job. After two years of soul-searching, three years of human capital advisory work, and countless career and mentor conversations, Tracy made an incredible breakthrough.
Burn Down, Rise Up by Vincent Tirado
For over a year, the Bronx has been plagued by sudden disappearances that no one can explain. Sixteen-year-old Raquel does her best to ignore it. After all, the police only look for the white kids. But when her crush Charlize's cousin goes missing, Raquel starts to pay attention--especially when her own mom comes down with a mysterious illness that seems linked to the disappearances.
Raquel and Charlize team up to investigate, but they soon discover that everything is tied to a terrifying urban legend called the Echo Game. The game is rumored to trap people in a sinister world underneath the city, and the rules are based on a particularly dark chapter in New York's past. And if the friends want to save their home and everyone they love, they will have to play the game and destroy the evil at its heart--or die trying.
Special Offer from Springboard
Use your special PowerToFly code: POWERTOFLY750 to get $750 off your next course with Springboard.
Springboard is on a mission to transform one million lives through education by 2030. They are an online learning platform that prepares students for the tech industry's most in-demand careers with comprehensive, mentor-led online programs in software engineering, data science, machine learning, UI/UX design, and more.
Learn about other companies that joined us
Part of PowerToFly's Employer Conversations Series: DEI All Year Long
Being your authentic self at work can be a struggle. That's where Employee Resource Groups (ERGs) come in. An ERG builds connections between teams that go beyond simple work relationships. Whether the focus is on race, ethnicity, gender, sexual orientation, or being a parent, an ERG can be a powerful growth tool for both the individual and the company; and they go a long way in creating more diverse, equitable, and inclusive workplaces.
Join PowerToFly and its partner APCO Worldwide, as we break down the ABCs of ERGs. Whether you are looking to start your own ERG, grow your membership, receive stakeholder buy-in, or take your group to the next level, we hope you'll join and participate in this interactive discussion with your fellow leaders. There's no need to prepare anything in advance, but we hope you'll lend your voice to the conversation. Questions are welcome!
This interactive discussion, part of PowerToFly's Employer Conversation Series: DEI All Year Long, will take place on October 7th from 12pm to 1pm ET.
Our subject matter experts will include:
- Dominique Scott, Associate Director, APCO Worldwide
- Grace Boyle, Senior Designer, Co-Chair, Asian and Pacific Islander (API) Employee Resource Group, Co-Chair, North America DEI Council Co-Chair, APCO Worldwide
- Clarence Clayton, Manager, Data Privacy, D&I Community Chair, Founding Member of Blacks United in Leadership and Diversity (B.U.I.L.D), Red Hat
- Michael Russo, Senior Talent Acquisition Partner at Dassault Systèmes
Some topics this talk will discuss include:
- The dos and don'ts of starting an Employee Resource Group
- What types of ERGs can you have
- Events and initiatives that your ERG can participate in
- Maintaining an ERG in a hybrid or remote workplace
- Securing executive buy-in to take your ERG to the next level
- Finding a balance between your "day job" and being involved in an ERG
- And much more.
Can't make the live session? Be sure to RSVP anyway and we will send you a recording.
From PM to Chief of Staff: How Kensho’s Meaghan Cassidy Approaches Career Growth & Continuous Learning
Meaghan Cassidy had all the cool pandemic hobbies before they were cool pandemic hobbies.
She started baking sourdough years ago. She took up yoga and bouldering even before that. And when much of America was frantically googling "how to keep a plant alive," she was caring for her thriving vegetable garden and turning its cherry tomato harvest into a delicious and easy Caprese salad (served alongside fresh sourdough, of course).
It's no surprise, then, that Meaghan has been an early mover when it comes to her career, too—or that she's continuously pursued opportunities to learn and grow on the job.
In fact, she said yes to her current role—Chief of Staff to Kensho's CEO, Bhavesh Dayalji—specifically because Bhavesh said she didn't know how to do it.
"He said to me, 'You're a great PM, but you don't know how to run a business.' I remember bristling and thinking, 'Yes I do!' But he's right. I actually didn't," says Meaghan, who has been at the AI innovation hub of parent company S&P Global for the past 18 months. "The message was, 'You don't know how to do it now, but you can learn. Would you like to learn?'"
Meaghan said yes, and we sat down with her to hear more about that decision, as well as her path to Kensho and what their learning-focused culture looks like writ large.
Stepping into—and out of—PMing
Meaghan came up as a product manager when it was still a brand new field.
"I remember being an intern and asking to have the difference between project and product management explained to me," she says.
While she got her undergraduate degree in social entrepreneurship, she spent half of her last three years of school working at a med tech startup that had her straddling marketing and product. She joined them on the product side full-time after graduating because she thought it would give her the best opportunity to learn about running a business and one day being a CEO, which is still a goal of hers.
After working at a startup in Tanzania where she was employee number two on the ground, she came back to the U.S. to take a job at a slightly larger startup back in the Boston area, where she stayed until getting to experience the volatility of startup life firsthand.
"The co-founders called an all-company meeting one Monday and told us, 'Hey, we weren't able to close our latest round of funding. Everyone's going to be laid off at the end of the week,'" remembers Meaghan.
Over the course of her career, Meaghan has learned to value companies where she can see a real path for her own growth. "It was less about what I would be doing right at the start and more about evaluating the company's mission and vision. Where are they in their own growth trajectory? What opportunities would there be?"
Kensho's work in the ML and AI space excited her, as did the company's growth plan. "I thought I'd have the room to grow and try new things without too much bureaucracy, but also have the stability of not coming into the office on a Monday to hear, 'The funding round didn't go through.' It was a really nice balance and a good mix for me," she says.
She worked as a PM for her first year, and when Bhavesh asked her to be his Chief of Staff, a new position for Kensho, she said yes without thinking twice.
In her role now, her mandate is to solve problems before they hit the CEO's desk and oversee the company's culture, including Kensho's DEI initiatives focused on creating an inclusive environment where every Kenshin feels they can bring their full selves to work. Her PM roles, which required her to translate business goals and values into product strategy and to deeply understand customer problems, have set her up well to run her suite of executive projects.
Making the most of a culture of learning
Kensho is committed to continuous learning, says Meaghan. From monthly knowledge days where engineers take a day to upskill themselves to impactathons where Kensho employees do 1-2 day projects with ESG partners, she notes there are plenty of opportunities to keep pushing yourself to learn and do more.
"There's a sense of intellectual curiosity," she says. "It's about learning, staying motivated, coming from a place of self-improvement and just being able to try things and go for it."
Meaghan credits her can-do attitude, her bias for action, and her self-confidence when approaching learning opportunities (like her new job!) to her family and other people in her life that believed in her from the get-go. Now she tries to pay that forward.
"I love telling my friends or people in my networking circles, 'Go for it, you can do this, what's the worst that will happen? You'll fail. And you'll get another job. It's okay,'" she says, also recognizing that there's privilege in being able to take those kinds of risks.
"I like to challenge myself. I like things that are hard," she says.
For those who aren't lucky enough to get a 1:1 Meaghan pep talk, we asked her what advice she has to keep pursuing growth. Here's what she said:
- Communicate your interest. "Sometimes you need help changing something to kickstart growth, and you shouldn't feel like you have to solve that on your own," she says. She recommends talking directly with your manager if you're in a healthy environment where they'd support you, or if not, finding a mentor or colleague who you can talk about career development goals with. "It can be as simple as, 'Hey, I'm looking for opportunities to be a lead on a project or learn Python.'"
- Volunteer to help. Meaghan points to a Kenshin who put a meeting on Meaghan's calendar and asked if she needed help with any PMing. "She straight up told me she was looking for more PM experience, and my response was, 'Ok, cool, what can I offload to you to help me and help you?' After checking with her manager, of course!" says Meaghan.
- "Sometimes it's just time to take a scary next step." If you feel like you've reached a learning ceiling, it might be time to leave, says Meaghan. "Eventually the time comes when you outgrow your current company. Parting ways is bittersweet, but it's also a time for celebration and reflection where you're looking back on all you've learned before you're onto something new."