How To
How to Invest in Your IT Security Career During Tough Times
Four fundamental job strategies in the uncertain economy
By Jeff Combs, Alta Associates
November 04, 2008 — CSO — When meeting someone new and describing my background in this industry I often say "I've seen the best of times, I've seen the worst of times and most of what falls in between." I've been recruiting in Information Security long enough to have experienced the heady times of the dot.com boom and the dark days that followed after it all came crashing down. I've also been here as the industry has grown and evolved—sometimes as a result of and sometimes in spite of significant difficulties. This evolution leads to adaptation, and it's the ability of people to adapt and rise above one challenge after another that makes our industry so dynamic.
Given what I do, communicating with and connecting people, I've offered both a shoulder to cry on and kick in the pants to those that need it—especially in uncertain times like the ones we're facing. I don't enjoy either situation. For the purpose of this column I wanted to offer some sound advice to those Information Security professionals who are concerned about the future of their jobs. Think of it as a general checklist of things that you probably should be doing all the time but need to devote some time and consideration to right now, especially if your future is uncertain.
First, know your differentiators. Understand what sets you apart from your peers and how you can use these qualities to best advantage. Similarly, think about your personal "brand". If you had to describe to another person who you are, what you do and most importantly what problems you can solve, how would you do it? Develop a personal branding statement that will allow you to do this whether it's in the elevator with your boss's boss or on a job interview.
For example, I was speaking with a candidate who had very strong application security skills. She also had a great sense of humor and was a natural communicator. She was frustrated because she was falling behind in her work due to the number of times she was personally requested to sit in on IT project meetings. I laughed when I heard this because she didn't realize what she was saying. The result was one more critical differentiator that strengthened her personal brand. So now, when somebody asks her what makes her stand out, she'll tell them "Although my primary focus is application security risk assessment, I'm the person my company relies on to bridge the gap between business and security requirements and who gets everyone work and play well together."
it security career
Log Management in a Cyber World
With so many potential cyber villains poking around the gates, enterprises must have strong protections and pristine visibility into what's happening on the network. Explore the increasing importance of log management as cybercrime and other malicious threats grow.
Comparing Research in Motion and Microsoft Mobile Solutions
Organizations must look carefully at the requirements of mobile devices and accompanying middleware that can increase cost, complexity and administrative overhead. This white paper provides an independent analysis and detailed comparison of RIM and Microsoft's mobile solution.
- Continuous PCI Compliance and Security with Tripwire Solutions
- The Pursuit of a Standardized Solution for Secure Enterprise RBAC
- Building a Secure and Compliant Windows Desktop
- Root Access Risk Control for the Enterprise
- Demystifying IT Risk to Achieve Greater Security & Compliance
- Cyber Crime: A Clear and Present Danger
Stay current with insightful news and analysis on information security, business continuity, identity and access management, loss prevention and more with CSO newsletters!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
