9 Career Tips for Security Pros

Broaden Your Skills, Know the Business, be a Self-Marketer
9 Career Tips for Security Pros
Given the latest demands of the marketplace, David Foote, CEO and Chief Research Officer of Foote Partners, LLC, recommends these career tips for information security professionals:

  • Be Multidimensional -- Training in various areas of security and multiple threat vectors will enhance a practitioner's value in a world of constantly changing threats and priorities. However, professionals need to avoid overemphasizing technical skills in their overall talent mix.
  • Focus on a Hot Path -- Get into current growth areas such as product and technology implementation, ethical hacking, forensics, secure software design and code review. Look, too, at auditing, governance, cybersecurity, vulnerability testing and vendor pre/post sales engineering.
  • It's About the Business -- Be able to translate security concepts and objectives into language that can be digested by business leaders. Understanding basic business concepts such as shareholder value, profit margins, cash flow and supplier diversity goes a long way. "Present security where possible as a value-add and security upgrades in terms of total cost of ownership for reducing overhead," Foote says. "Be known as an enabler and not a disabler."
  • Know Your Industry -- Understand the company's business mode, or you will not be able to explain how security supports the business objectives. Be a part of your industry association to learn and develop the required know-how.
  • Communicate Clearly -- Deliver high level concepts coherently and succinctly, keeping in mind the language of business process enablement and cost reduction. "Quantitative analysis and skillful presentation of data are must-haves for anyone wanting to move beyond entry-level security jobs," says Foote.
  • Market Yourself -- Using speaking opportunities, blogs, white papers and articles, create your personal 'brand' and communicate how you can add value to any new role to which you aspire, says Foote. "Never be afraid to ask for help with your career," he says. "Find a mentor. Clear career paths in security are notoriously absent at most employers."
  • Think Non-Traditionally -- For instance, government agencies and nonprofit organizations may not pay well, but for security professionals looking to get exposure and valuable experience - these jobs can provide a great career start.
  • Join the Community -- Form a network of colleagues and friends who share your interests, and join industry groups where you can feed off the energy of highly-motivated security professionals. Be active in relevant social media, read voraciously, and be sure to pursue ongoing education and training.
  • Understand What it Means to Manage -- Pursuing a management path means letting go of the day-to-day, hands-on satisfaction of working directly with technology, which may have been the basis of years of job satisfaction. Understand this transition before you embark down the management path.

See Also: Job Trends: Top Skills, Certifications

About the Author

Upasana Gupta

Upasana Gupta

Contributing Editor, CareersInfoSecurity

Upasana Gupta oversees CareersInfoSecurity and shepherds career and leadership coverage for all Information Security Media Group's media properties. She regularly writes on career topics and speaks to senior executives on a wide-range of subjects, including security leadership, privacy, risk management, application security and fraud. She also helps produce podcasts and is instrumental in the global expansion of ISMG websites by recruiting international information security and risk experts to contribute content, including blogs. Upasana previously served as a resource manager focusing on hiring, recruiting and human resources at Icons Inc., an IT security advisory firm affiliated with ISMG. She holds an MBA in human resources from Maharishi University of Management, Fairfield, Iowa.

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.