• United States



So You Want to Be a Global CSO?

Jun 15, 20074 mins
CareersData and Information SecurityIT Leadership

Advice on landing a gig in Europe from someone whos been there, done that

Ever since I moved to Europe, I’ve been inundated with inquiries from other Americans wondering how they might also find a job here. I figured I’d save time and money on the phone calls by writing a column on the topic. (Yes, I’m that lazy.)

Many Americans think that Europe is an employee’s paradise just because the work hours are shorter, there is more job security, and employees get more vacation time. Those things are certainly true, but before you begin your job hunt, you should understand what you’re up against.

First, compensation in Europe tends to be lower than in the States. Even though American ex-pats get the first $80,000 of their salary tax-free, that doesn’t really make up for the difference. Also, it can be difficult adjusting to the different culture. You’ll probably need to be proficient in the language of the country where the job is based, and even then you’re likely to experience some degree of discrimination. Finally, most countries require that the employer certify that there were no available, qualified workers in the host country to do the job. It helps that information security is a technical field with a relative shortage of qualified people, but it might be more difficult to make this case in physical security.

Given these challenges, what’s the best way to proceed? In my experience, the best ways for an American to work in Europe are either to work for a global, American-based company and ask to be transferred to a European office, or to work for an international agency based in Europe. I’ve done both and know the advantages and drawbacks of both methods.

If you work for an American company, then, by definition, that company’s headquarters will be located in the United States. That can put you at a disadvantage when coordinating security issues with senior management. The time zone difference may sometimes mean working late nights. It’s often hard to stay in the loop, and you’ll have to deal with the “us versus them” attitude that tends to occur between a central management office (which makes policies) and the field offices (which have to execute those policies).

It’s not all bad, though. You’ll be able to speak with some knowledge and authority about how European laws or local conditions must be taken into account when making security policies. You’ll also be more conversant about the European market and attitudes. If you manage it wisely, you can gain the trust of both your European and American colleagues on all kinds of matters.

Working for an international agency is another possibility. These agencies typically crave American workers because it helps them demonstrate that they are truly international. The United Nations agency where I work, for example, has a keen interest in showing that it has Americans in senior management positions.

Either way, networking for an international job is similar to networking in the States. Find an organization that you are interested in working for, and try to find out if you know anyone who has a connection there. Looking for a job overseas means it is less likely that you will have some connection; the good news is that international organizations are less apt to blow you off when you make a cold call.

If you call an international organization and ask for the CSO, the chances are good that your call will be forwarded to that person, and you can have a friendly and professional conversation about employment prospects at the organization. At this stage, language should not be an issue, because English is the working language of most international organizations.

Have your questions prepared ahead of time. Ask what openings the organization can expect to have over the next six months. If the organization doesn’t have anything available, ask if your contact knows of other international organizations you might call. For example, in The Hague, where I work, there are quite a number of other international organizations, and we meet together regularly to discuss security issues. If I don’t have an opening, I might know of openings in sister organizations, or at least know the contacts in those organizations. Ask for suggestions, and follow up. You can use Skype or a similar VoIP service to save money on your phone bill.

Above all, be realistic and plan carefully. If you have good work experience in the States and really want to work here, you can make it happen. n

Paul Raines is CISO of a nonprofit group in The Hague, Netherlands. Send feedback to Senior Editor Sarah D. Scalet at


Paul Raines is the Chief Information Security Officer for the United Nations Development Programme. In that capacity he is responsible for the information security and disaster recovery planning for the Organisation’s 177 locations around the world. Previously, he worked for the Organisation for the Prohibition of Chemical Weapons (OPCW) and, like all current and former members of the organization, shared in the 2013 Nobel Peace Prize. Prior to working for the United Nations he was the Chief Information Security Officer for Bloomberg LP and the Federal Reserve Bank of New York. He is a graduate of the United States Air Force Academy and Harvard’s Kennedy School of Government. For relaxation he enjoys opera, Shakespeare, French wine and sometimes just sitting in a cafe with an espresso and croissant reading a good book on Roman history.

The opinions expressed in this blog are those of Paul Raines and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author