In Depth

Make Yourself a Dream Security Job Candidate

A sharp suit and a set of acronyms won't be enough to land a top position. Leading recruiters share the specifics that make CSO job-seekers easy to place.

By Sarah D. Scalet

Page 2

If you're that rare candidate who has the whole package, you're going to have an awful lot of opportunities. But if you're a person who excels on the technical side but is lacking the people skills, there is going to be a ceiling. Does that sound harsh? It's reality. If I were talking about CFOs, it would be the same. The people who ascend to the top of the company are the people who have outstanding communication skills. Yes, they have to understand their subject matter. But if they don't have outstanding communication skills, there's going to be a limit to what they can accomplish.

Pete Metzger, vice chairman and head of the global security practice at Christian & Timbers in Washington, D.C.

It's not what my dream candidate is; it's what the clients want. The first thing a client will say is, I have to have someone who can lead this organization, someone who can influence people and events. The other thing is threat analysis. Our enterprise is threatened by man-made disasters, by natural disasters, by radical reformist groups and by state-sponsored terrorists. How do I prepare my enterprise to deal with these threats? That generally requires a forward-thinking person who is also able to network with national-level sources in law enforcement and intelligence. The CSO also has to have experience in designing, practicing and implementing disaster recovery plans, and have the executive presence to knock on the door [of the CEO] when necessary and say, here's something you need to know about.

Then the client needs someone who understands business. An MBA is an important advantage for a CSO candidate.

Vincent Sorrentino, president of J & S Resources & Associates in New York City

I'm looking for a solid work background, not a candidate who takes a new job every two years. I'm not looking for someone from a ho-hum school. I'm looking for someone who has moved from one good firm to another good firm. We advise candidates to trade up, and when we say trade up, that's not only in terms of compensation. You don't want to go from a Merrill Lynch to a firm that's not recognizable. You don't want to go to a startup just because there's an opportunity to make millions of dollars. If you trade down, it's gotta be a minimal trade down.

The other thing is personality. You're talking about somebody who's going to come into a new corporate environment, and he has to know how to win over his peers to get the job done—especially from a security perspective, because you don't come in and just lay down mandates. You don't want to come in like a bull in a china shop. You have to be able to negotiate. You have to get people to buy in to your program.

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Data Center Directions Virtual Conference

Data Center VCAttend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.

» Learn more and register here

WHITE PAPER
Maximizing Site Visitor Trust Using Extended Validation SSL

VeriSignNow with Extended Validation (EV) SSL available from VeriSign, you can show your customers that they can trust your site. Learn about EV SSL benefits in the free VeriSign white paper.

» Read the Paper

Featured Sponsors
Sponsored Links

Manage your IT more effectively

Secure your virtual and physical environments with the same software

Simplify your data center with Juniper Networks. View the webcast

How Are Open Source Development Communities Embracing Security Best Practices?

IDC Defines an Identity and Access Management Submarket

Using Likewise to Comply with PCI Data Security Standard

IDC Defines an Identity and Access Management Submarket for Managing Privileged User Accounts and Meeting GRC Requirements

Enabling Compliance with Converged Mainframe Security and Storage

Managing SSL Security in Multi-Server Environments

The Latest Advancements in SSL Technology

How to Offer the Strongest SSL Encryption

Forrester Total Economic Impact (TEI) report: Save Millions in Fraud Losses.

Get in Compliance With Government Data Regulations

Taking the Botnet Threat Seriously

CA's IT Security centralizes your identity management to turn security into a proactive, business-building tool

Efficient - Flexible - Compliant

Any company can promise identity protection. Only Debix can prove it

Envision Identity-Based Access Control for the Datacenter

Digital Identity Protection and Data Security Get Personal

Welcome to the age of Service-Oriented Security (SOS)

When Customer Relationship is Everything, Businesses Bank on SSL Solutions

Everything Today's CISO Needs to Know About Using SSO to Succeed in the Web 2.0 Era

The Case for Business Software Assurance ~ Securing Your Applications

Maximizing Site Visitor Trust Using Extended Validation SSL

Solving Online Credit Fraud Using Device Reputation

Understanding Data Location is Imperative for Data Loss Prevention

5 Steps to Secure Outsourced Application Development