Public engagement’s influence on your security career

oatawa / iStock / Getty Images Plus via Getty Images

A little over a year ago, we wrote a column focused on pandemic-induced challenges to in-person engagement to advance your security career. Conference and meeting attendance had gone to zero, and security professionals had to find creative ways to maintain visibility and source information other than at live events. That has remained the case across the past 13 months, and a good deal of networking activity moved online into forums and on boards.

Most security practitioners now know there are positive ways to develop and maintain your professional reputation, even if they are done virtually. They include meaningful engagement in professional groups and authorship that demonstrates your depth of knowledge. You can initiate research on industry-relevant topics or volunteer to serve on or chair study committees.

These activities, even if done only online, still provide an opportunity for the security community to learn about you. They can also be effective in bringing you to the attention of potential hiring managers who may be starting recruitment for someone like you.

However, where you choose to engage matters, as does the substance of what you are sharing and the content of your questions. Your goal is to positively impact your career, not lampoon it.

There has been an increase in questions and comments posted into security community boards and groups that do not take possible ramifications into consideration, career or otherwise. How you phrase a question to crowd-source your information can have unintended consequences that impact your reputation and brand. Unlike one-on-one conversations, everyone in the group can potentially learn what you don’t know or where your employer’s security vulnerabilities are.

We regularly see questions like the ones below that typically include the writer’s name, company and contact details:

“I am the Director of Global Security for XYZ corporation, and I have been asked to write a policy on conducting investigations. Does anyone have an example they can send me?”

“Does anyone know of a professional, reputable security company in XYZ location?”

“Can anyone advise on best practice?”

“I have been tasked with upgrading a corporate security policy for a large organization. Can someone share a current manual for my review?”

“Does anyone have suggestions on how to convince senior management to support a security program?”

“We are seeking to replace our company-wide access system, which keeps crashing. Does anyone have recommendations?”

Engagement with peers and benchmarking to assist research can be very helpful and effective. However, telegraphing in open forums or on social media that you may not be up to the role you are currently in may not be an effective approach.

Further, most organizations consider their work products to be protected and for internal consumption. Publicly asking for others’ materials may not be a wise choice. Generic requests for assistance also may not provide you with the most effective and relevant advice or materials, which you will then have to vet for reliability, quality and effectiveness.

Consider what information you are putting out for public consumption, how it might be used and by whom. Then be prepared to evaluate the expertise and/or motivations of the individual(s) responding.

Lastly, consider what this might look like to a recruiter or a potential hiring manager. If your resume or CV paints a picture of you as an accomplished security professional, posting questions that highlight your lack of knowledge or foresight does not support that position.

Jerry Brennan is co-founder and Chief Executive of the Security Management Resources Group of Companies (www.smrgroup.com), the leading global executive search practice focused exclusively on corporate and information security positions.

Joanne R. Pollock is the co-founder and President of Security Management Resources. Previous to SMR, she had a 20-year career at leading global corporations, working across diverse functional areas including human resources, sales and marketing, and information technology services.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.