This interview is the second part of our "The 11%: A Look at the Women Closing the Cyber Security Gender Gap" series. This series takes an in-depth look at the variety of roles women play in the field of cyber security and the ways they're changing the industry. Check out the whole series here.
It’s often assumed that experts in technical fields are more comfortable working with systems than with people – but that’s not the case with Franchesca Sanabria, a Data Privacy practice leader at Focal Point. From the start of her career in Venezuela, to the time she spent with PwC in New York City, to becoming a leader at Focal Point, Franchesca has made people her focus.
When Franchesca chose to pursue a degree in systems engineering, she did it because she loved math and was seeking good job security. But she always knew she wanted a job that would let her work across industries and with all sorts of people. So when she graduated, she started a job in IT audit with PwC. This job took her to the Big Apple and eventually to South Florida, where she joined our team in 2012.
Throughout this journey, she has maintained relationships with the people she met along the way. The impact she has made on the lives and careers of others is what she considers her biggest success. Today, Franchesca is a Principal in our Data Privacy practice, and has mentored and trained our employees for more than half a decade. She is also one of our leading HIPAA and GDPR experts, helping clients across the globe build stronger business processes and protect their most sensitive data.
Franchesca met with Buffy Ellis, the leader of our Academy division, to talk about what motivates her in her career, the challenges she sees for young women in this field, and the importance of building strong relationships with coworkers and clients.
"You shouldn’t do things based just on what is good for you or your career. You should also think about how those decisions are going to help you with other things in your life – whether it’s your extended family or hobbies or something else."
Buff Ellis (BE): Franchesca, I didn’t realize you had a systems engineering background. What led you to pursue that as a degree?
Franchesca Sanabria (FS): Coming from a Latin American culture, and living in Venezuela 15 to 20 years ago, there were not too many career options with good job security. You would either study to be a lawyer, go into medicine, or be an engineer. If you wanted a decent living, that’s how it played out.
As an example, my parents are both professionals. My father was a Civil Engineer and my mom was a college Professor. I saw how my mom worked all her life, as a teacher, which is an amazing thing to do, but she couldn’t really provide for us as much as she wanted. And my dad worked as an engineer, so I was familiar with that as a career field. I knew I liked math a lot and I wanted to have job security and good compensation. I saw that in information systems, I could continue to pursue mathematics but also have the security and compensation that would allow me to help my family.
BE: What did you enjoy about mathematics?
FS: I enjoy how mathematics can be very exact, but at the same time, it’s open to new theories and hypotheses, as long as you can prove them. Many people see it as something boring – just a bunch of rules. But it’s beyond that. It makes you think about theories and about how if you wants to prove something, you have to come up with the math and the scenarios to get to it. I really enjoyed that aspect of it.
BE: So you have the background in engineering, but you eventually found your way into data privacy and audit and compliance. How did you find your way to where you are now?
FS: When I was graduating with a degree in systems engineering from Universidad Metropolitana in Caracas, I was looking for job security and get international experience. I also wanted to do something where I could experience a lot of different things and work in different industries. Doing something in consulting, where you’re not doing the same thing every day, really attracted me. I also wanted to leave Venezuela and study or work abroad. Working with an international company rather than a Venezuelan company that nobody knew was a better business case for me.
During my last semester, I got an offer from PwC. Even though I had an engineering background, they thought I could work in business or systems assurance. That put me on the path I’m on now.
A year and a half later, I moved to New York City with PwC. That led me to spend more than 7 years in New York and work my way up through PwC, moving to the external and internal audit sides and doing SOX and ITGC work.
I always make sure my decisions don’t just factor in my career goals, but also how it can help my extended family. I was always thinking about how I could get more opportunities and earn more, so I could send more to my family in Venezuela. I think everyone should think about that. You shouldn’t do things based just on what is good for you or your career. You should also think about how those decisions are going to help you with other things in your life – whether it’s your extended family or hobbies or something else.
BE: I want to jump back to something you just mentioned. Although you weren’t doing systems engineering specifically, as a consultant, you really were reverse engineering and studying business processes or systems and now data processes or systems. What about that work do you enjoy?
FS: At the end of the day, what I enjoy is putting those pieces together and understanding business processes, data flow, and systems and connections. For me, I’m a really practical person. When people are explaining things, I’m imagining in my mind how that process works out. First, I look at how the data is flowing. Then the different lenses you look through are compliance. Are you looking from a HIPAA perspective or a GDPR perspective?
I also enjoy learning a lot about the subject itself. I enjoy data privacy so much because it’s such a changing landscape. It keeps me challenged, and that’s important to me. I always want to be learning something.
"I enjoy data privacy so much because it’s such a changing landscape. It keeps me challenged, and that’s important to me. I always want to be learning something."
BE: Has the traveling and career success allowed you to be a mentor or role model to the family members that you have in Venezuela?
FS: A few years after I moved, my sister pushed herself to get here too. We’re living close to each other now. I think that, in a way, she wanted to follow after me, and I was able to help support her. We had different careers and everything, but I think I gave her a degree of comfort since she had someone to go to. And of course my parents. Now they live with me in the U.S., and I can help them a bit more.
I’ve also tried to develop good relationships with the people that I work with. After I left PwC in Venezuela, I stayed in touch with some coworkers through LinkedIn or Facebook. Now every time I go to a new city, I’m trying to figure out who I know who lives there now and trying to meet up with them. I’m a big people person. I like being around people.
BE: That’s wonderful to hear. I imagine that as you travel, you probably always have people to dine with or have coffee with when you’re in different cities.
FS: Yeah, for example, I’m traveling to London today for 10 days, and I already have four or five things planned on both weekends with people from different backgrounds. It’s fun. We might not have talked in ten years, but it’s like the time hasn’t passed.
They tell me their stories and what’s going on. They might not be my best friends, but we’re relating through our experiences. That might help me figure out something that I was stuck on because people outside of your common network can provide a different perspective.
BE: It’s really key in problem solving to be able to step out of your perspective.
FS: I think the most important advice I give my team is always put yourself in the other person’s shoes. Whoever you’re meeting with, think about what they want to achieve. You want to make them successful.
You can build a relationship with anyone in a few days, whether it’s over lunch or through coffee. Ask them, “How long have you been here?”, “How did you end up here?” “What do you want to achieve?” That way you’ll know what’s important for them. When you’re able to help in a certain way in their career, then you’ll have that relationship. Even if they decide to move onto a different project or company, they’ll remember you and that you were there for them.
"Always put yourself in the other person’s shoes. Whoever you’re meeting with, think about what they want to achieve. You want to make them successful."
BE: What would you consider to be the biggest success in your career so far?
FS: Developing relationships with the people I work with. I think my biggest successes have happened in the last 3 years, when two people from my team decided to pursue something else – and then later returned to the company.
They decided to leave the team for different reasons, but I talked to them about it and understood their perspective. Sometimes you need to try something else. After they left, I kept those relationships going and then those people came back and are working with us again, and for me that’s a very big thing. They’re really happy with their decisions, and I feel like I made an impact on them.
Personally, I keep growing and making personal accomplishments, but bigger than that are these two wins.
BE: What would you say your biggest challenge has been?
FS: I think it’s been trying to please everybody. I am a big people person and I want to help everybody. When I transitioned from the audit team to the privacy team, I still wanted to be able to support both teams, even though my time was more dedicated to privacy work. Being able to balance time with both teams, so they can still talk to me and come to me for advice has been a big challenge this past year.
BE: What advice do you have for young people, and in particular women, that might be considering a career in cyber security or technology?
FS: If you have even a little bit of interest in cyber security or technology, you should pursue it.
Some people sign up for this field and then think it’s too technical. But something you have to understand is that cyber security is becoming much broader. Before it was very hardcore – you were a pen tester or you went into IT and were on a very technical team. But now cyber security goes beyond that.
You also need to understand, especially women, that while it has improved over the last couple of years, you will be expected to demonstrate a technical ability and desire for continual learning early on. If you are a woman, you are going to have to be extra confident in your abilities and work extra hard in the beginning to prove yourself. There are a lot of executives from generations before yours that are more old school, and you’re going to have to deal with that.
Another important thing is don’t be intimidated by other women in the field. Early on in my career, I would get really intimidated by very successful women. But I became more confident as I became a Manager and put myself out there, and then became part of a few women’s groups and networking events. Now I see them as peers and I hear their stories and seek out their advice. I saw a lot more support than I was expecting and I got new perspectives.
BE: What does the future hold for you? Where do you see yourself going from here?
FS: It’s only been my first year as a practice leader, so I still feel like I have a lot to learn in this position. We’re always brainstorming new ideas and trying to be ready for the next thing. We’re already planning for Q3 and Q4 of next year. And there’s a lot of stuff to do for our team. How to improve retention, to differentiate ourselves, how to improve work/life balance. There are a lot of things I’m really excited about. Long term, I want to retire by 50, and travel a lot. And maybe move somewhere else like Europe. Career-wise, I’m in a great spot and there’s a lot for me to do and to give back.
BE: Before we go, do you have any parting thoughts you want to share with other women in cyber security?
FS: Sure. It’s really important that as women, we build a network of colleagues, family, and friends, so you have people you can lean on. I call it your rocking chair. People who can support you. So for every goal you have for your life – you want to be more technical, you want to be more challenged – always find people within your network who can help you in all those personal domains. Just have that person you can depend on, who will have no judgment and will listen to you.
"For every goal you have for your life – you want to be more technical, you want to be more challenged – always find people within your network who can help you in all those personal domains."
BE: While you were mentioning that I had the visual of the rocking chair and the comfort that it provides, but when you mentioned the challenge part, I was picturing my friends and support network dumping me out of the chair when I get too comfortable.
FS: That’s it! You got it!
BE: Well thank you so much for your time and sharing your unique perspective.
Franchesca is a big contributor to our webinars and blog! Check out her latest webinar on building a GDPR implementation plan below.