The answer to this question is most often “a lot.” When you limit the question to the security industry alone though, the answer can sometimes be “not much,” which is a reflection of the path a candidate takes to enter the profession.
Understanding the secrets to building and advancing careers is a common topic of discussion and debate amongst the hundreds of security professionals we’ve had the good fortune to meet in our respective careers.
As many of you have observed, a number of executive roles leading corporate security department are filled by senior-level federal government officials from the law enforcement, intelligence and military communities who are retiring and seeking a second career.
Over the past few years, women have represented approximately 10 percent of the information security workforce, but analysis from two recent (ISC) information security workforce surveys shows that women are quickly converging on men in terms of academic focus, computer science and engineering, and, as a gender, have a higher concentration of advanced degrees.
Your resume is a marketing document. Too much information presented as a career biography may not achieve the results you are hoping for. A recruiter or hiring manager, who has never met you, will judge you by its content and appearance alone, and decide whether you deserve further consideration for the role in which you have expressed interest. A brief, clear, attractive resume will recommend you more highly to a recruiter than a long-winded, poorly designed one will – even if the content is the same. The time investment is significant, even if produced with the assistance of a professional writer.
With cyberattacks making headlines almost on a daily basis, the role of the chief risk officer (CRO) is important now more than ever before. In addition to analyzing, monitoring, predicting, mitigating and evaluating many types of risks and conditions, chief risk officers (CRO) are held responsible for ensuring compliance to rapidly evolving industry regulations and analyzing IT operations to prevent data leakage.
For the next generation of enterprise security leaders, is there a clear path forward to success? Enterprise security leaders discuss mentorships, education, certifications and the skills new CSOs and CISOs will need to succeed in their evolving roles and bring value to the business. But the problem is: with existing security leadership roles varying so widely, is the development of a uniform skill set even possible?