Parisa Tabriz: Security Princess, hacker, role model
March 2, 2015
When Google’s Security Princess, Parisa Tabriz, started at the University, the electrical engineering lab wasn’t her favorite place on campus. The equipment in the lab — transistors, oscilloscopes, protoboards — kept her dependent on things in the physical world.
That’s why web design, which yields quick results and requires minimal equipment, appealed so much to Tabriz.
“I really liked building software because I could do it from my room and nothing was dependent on any of these physical objects that might break, and it was just very iterative, a way to get quick feedback and build something very quickly,” the 2007 alumna said.
Her new interest led her to change her major from engineering to computer science and to get involved in the Association for Computing Machinery’s special interest groups (SIGS) for web design and hacking. She was also a student leader for ACM when Cinda Heeren, lecturer in computer science, knew her.
“I think it was about the time she was in student leadership where we started having conversations about gender equity in this department and being a little more conscious of the balance, the gender balance in the building,” she said. “Because I think we saw Parisa doing this amazing job, and it was very natural to ask, ‘Well, where’s everybody else?’”
Get The Daily Illini in your inbox!
As the beginning of March marks the start of National Women’s History Month, Heeren hopes that Tabriz can be a mentor for the women in the computer science field.
A role model
Tabriz explained how people are always curious of how her gender has had a resounding effect on her career. But she still has no answers.
“I’m happy in tech,” she said. “I happen to be a woman in tech, and neither of these happen to be aspects of my situation I want to change so I try not to focus on it too much. It’s just nothing that can be changed.”
She recalled a time a fellow student in ACM attributed an internship she got to her gender, which stuck with her.
Despite that experience, Tabriz said she is content as the manager for Google Chrome Security, despite the fact she may have an advantage throughout her career.
“The fact that I’m a woman in tech and that there are so few women, I’m sure, has given me some advantage in that people pay attention for better or for worse,” Tabriz said. “It’s a really interesting time now. I think there’s a lot of public discussion around women in tech, why there are so few and why the numbers are actually decreasing.”
But it’s not just in the job market: A recent study done by Pathways Resource Center has found that Illinois is trailing behind other states in girls studying science and math.
Don Hackmann, director of Pathways Resource Center and professor in education, said exposing students to different careers and areas where they are underrepresented can benefit them in the long run. Hackmann encouraged teachers to consider gender equality when inviting guest speakers.
Even though Illinois may be trailing behind, this year the University is experiencing the largest percentage of women enrolled in its computer science program, according to the Division of Management Information.
Tabriz visited the University in October to speak to students in the computer science program in a keynote address for the Women in Computer Science Alumni and Student Banquet. Heeren said that the visit allowed the women to learn from a role model who has had success in the field.
“She was both technical and human at the same time — she was perfect. I treasure that. I don’t think just anybody could do that,” Heeren said. “Parisa is somebody who plays that role for our young women so they can look ahead and say, ‘Oh, look, there’s someone a little bit farther down the road than I am who has been amazingly successful — I can do that, too.’ And that was missing for a long time.”
White hat hacker
Though often identified as a “white hat hacker,” Tabriz is hesitant to label herself as such because of the complexity of human nature.
In recent years, the term “hacker” has taken on criminal connotations, which led to the creation of the “white hat” and “black hat” terms, to distinguish the motivations of the individual.
Tabriz described white hat hackers as those who only hack for good, such as to find vulnerabilities in software, whereas black hat hackers do it to harm someone or for profit.
“I think for myself it’s something where I tend to think hackers, like people, are much more complex, and no one is absolutely good or absolutely evil,” Tabriz said. “I see people working on security for a lot of different reasons, and they get older and as they mature as a person, I think their motivations and objectives can change. I tend to not label myself and label too many people as one or the other just because it underlies why humans are complex.”
No day is ever the same
For Tabriz, there are few things typical from day to day, except the daily routine of waking up very early and “bracing (herself) for (her) inbox.”
Managing a team of about 30 information security engineers for Google Chrome Security, much of her job is finding out what is happening and knowing who the experts are to assign to the issue. With that team spread out across seven international offices, communication happens through email, chat or Google Hangouts.
However, when there aren’t pressing matters, she meets with her team to make sure things are going well, and that people are working on things that interest them.
“People who are happy tend to do a much better job at work, so another part of my job is to make sure people are working on interesting things, important things and just in general learning and enjoying their time,” she said.
Often, Tabriz decides what is important, since her team strives to be one step ahead.
“I think it’s just a grab bag of what I think is urgent and what I think is important. There’s no shortage of security things to do, whether it’s a bug that needs attention or somebody wanting to get feedback on some feature, we’re trying to do proactive projects,” Tabriz said. “We try to think about potential threats and how we can defend against them before there actually is a crisis.”