Does the Job Fit?

Take our quiz to figure out whether the job you're considering is a great move or a nightmare-in-waiting.

Will the CSO job you are interviewing for make your career or make you wish you never took it? Sharon O'Bryan, former CISO at ABN Amro, thought she had landed a plum position with another company as a chief privacy officer. She did her research and was straightforward in asking the organization about the challenges that it was facing. "On my first day, three executives came up and apologized for lying to me in the interview," O'Bryan recalls. They had misled her about the problems the company was facing and why they were not being addressed. She came to believe that the company had created her job just so it could say that it had a CPO. Luckily for her, O'Bryan was at a point in her career where she could walk away from this nightmare job.

The experiences of O'Bryan, and several other veteran practitioners we talked with, demonstrate that the interview portion of the job search process is not only a showcase to present your qualifications but also a valuable opportunity to discover what you can about the prospective employer. Who asks what, how they ask it, and what information the company shares about itself can tip you off about whether the organization is a great fit or a potential horror show.

Top security jobs differ. Some companies emphasize IT security; others, access control. Still others might want a mix of risk management and budgetary prowess. Take our quiz to get a sense of what your prospective new employer is looking for and check the scoring guide at the end for some tips on whether this job is the right fit for you. This is not about telling good CSO jobs from bad ones. (Well, a little of that doesn't hurt either.) It's about finding the one that best fits your skills and aspirations. Happy hunting!

1. During the selection process you are interviewed by...

a) The chariman of the board, the CEO, VPs of each major business unit, the CFO, CIO, and heads of HR, legal and audit

b) Two VPs, the CFO, CIO, and heads of HR, legal and audit

c) One business unit VP, the CIO and the head of HR

d) The head of corporate communications

2. In the interview, you ask what the goals for the first six months on the job will be. The employer says...

a) Two new global acquisitions will require you to bring their security staffs on board and ensure that their policies and practices are up to corporate standards

b) The company will be counting on you to jump-start an access control initiative that has been languishing due to its general unpopularity

c) You will need to assess the security requirements of several projects that were completed in the past year

d) You'll be overseeing the outsourcing of a majority of the company's security needs

3. You ask how the security program is funded and the answer is...

a) The security department has a separate budget that is controlled by the CSO and reevaluated on a yearly basis

b) The information security budget is part of the IT budget; facilities handles the rest

c) Security projects are funded at the discretion of the business departments that own the risk

d) A bland stare followed by a chuckle

4. When you ask about a recent project where organizational change was a critical component, the response is...

a) "You'll find we're built for change"

b) "It was a trough transition but we eventually got everybody on board"

c) "A lot of feathers are still ruffled over that one!"

d) "Try not to rock the boat too much"

5. At your prospective employer, the top security executive reports to...

a) The CEO

b) The CFO

c) The CIO

d) Someone who reports to someone who reports to one of the above

6. When you ask why the last CSO left, the response is...

a) He's taking the top spot at DHS, but keep it quiet. I don't think Chertoff knows

b) She had some great ideas, but, frankly, couldn't sell them

c) He got burned out

d) I'm not sure he's gone yet. Let me check the break room.

7. Last year a New York Times article reported on an investigation into the company's alleged fraudulent sales practices. When you ask how the crisis was handled, the response is...

a) We activated our crisis management team and they conducted a thorough investiation that identified the source of the problem. It was handled with transparency and professionalism.

b) The security group identified the culprits and worked with their management to resolve the situation

c) Heads rolled

d) I'm sorry, but that's not something we can discuss with you

8. During the interview, the executives are most interested in hearing about...

a) Your overall strategy for building a world-class security organization

b) Your plan for creating a sense of seucirty ownership throughout the company

c) The article you were quoted in about doing security on a shoestring budget

d) Your experience speaking at security conferences

9. Your impression of the organization's attitude toward security can best be described as...

a) Respect tinged with awe

b) Camaraderie

c) Grudging acceptance

d) Barely concealed scorn

10. When you ask what the current state of morale is in the security department, the answer is...

a) Extremely high. It's an enthusiastic group.

b) Good. They're looking forward to some new leadership.

c) Fine. Except for Bob. He interviewed for your position and may need some time to adjust.

d) I don't know. You seem pretty cheerful to us!

See the scoring key here.

Copyright © 2006 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)