To be considered a respected Information Security Professional nowadays requires more than just knowing the bits or bytes, or the controls required by a given framework by heart. Being successful in your Information Security career requires you to have a deep understanding of the business needs (and how to enable, not disrupt them), sharp communication skills and a swift ability to sell yourself.
The following tips presented in this article should broaden your field of sight about the way you conduct your career (even if you are unemployed), and will definitely give you the edge when the message they transmit are absorbed and put into practice.
1. Learn to communicate effectively
Have you felt a project manager staring at you while you explain a security concept or a solution as if you were talking Greek and Latin to him? Information Security is only effective if it can be communicated clearly to the audience. You must always keep in mind the level of technicality that must be communicated to the recipient. There is no point using technical words or acronyms to either a project manager or a senior manager who doesn’t understand a word of security. However, if you were to communicate the business benefits in monetary terms or how the current procedures and processes could be managed effectively or even the number of man days reduced by implementing a solution, that would be more effective than proving your technical knowledge. In case you are unemployed, being a good communicator can make the difference between landing a job or not.
2. Learn to say ‘may be’ rather than ‘no’
As a security professionals I’m sure many of us had this perceived outlook that any request or suggestion to implement a solution should always be looked at with a negative sense. Mainly the idea is to say ‘No’ if it doesn’t fulfill the requirements of the security standard. But now I personally feel this is a wrong perception. We as security professionals shouldn’t be perceived by our organization or clients as party poppers or bottlenecks. Rather say we will review the request and maybe it could be implemented differently and securely.
3. Social networking sites are not just extensions of instant messengers
With the advent of web2.0, social networking sites have taken off quite well. Sites like facebook, orkut, linkedin, twitter and so on are breaking records of number of users by the day or even minutes. But how can social networking sites be useful to security professionals? There are a number of advantages like security groups, discussions, brand awareness, research, etc. This is the era of interactively sharing information with like minded people. So, try using social networking sites smartly rather than plain old chatting.
Pages: 1 2