One of the things Caliber Security Partners provides is select information security recruiting services for our clients. Once you do anything long enough, you start to notice trends. There are some specific things that security practitioners can do to further their careers or uniquely position themselves to have an advantage above others. Here are four of the most common requests we’re seeing:
No one ever said working in compliance was sexy, but it’s a growing area and one that companies continue seek for specialized individuals. If you have an opportunity to work within PCI, HIPAA, or any other compliance area, don’t turn your nose down at it. Riveting? No. Career builder? Yes.
3. Get Certified
Most people highly involved in the information security industry know that some of the most talented security practitioners have no certifications at all. But the average guy or gal doesn’t have that luxury. It’s not necessarily the hiring managers that are demanding certifications from new hires, it’s the companies. So get your CISSP, CISA, or whatever alphabet soup certifications you need to make sure you’re not eliminated before you get the chance to prove your real worth.
2. Application Security
This particular discipline is in rare supply and the people that know how to do manual source code reviews can pretty much write their own ticket. Finding someone who can do this isn’t like looking for a needle in a haystack, it’s like looking for a specific piece of hay in the haystack. So if you have the ability, inclination and focus to fine tune this skill set do it. There are plenty of companies that will line up to bring you in.
1. Learn to Communicate
Pretty much every time we talk to a potential employer about what they want, it’s followed by “And they have to be able to communicate.” Companies are looking for security practitioners that can speak to the business needs of the organization, not just hunker down and do the work. They have those guys; they have few people that can articulate to the business needs. Whether you think you have the skill set or not, improve it or develop it. Unless you’d like be locked in a room never to talk to people (something many security practitioners fantasize about) you need this very important skill.