Professional Advice for Security Wonks

So you’re one of the lucky people that actually managed to land a job in the security field.  Bully.  New Scientist has some good advice for scientists that adapts readily to any professional’s career, but particularly well for security wonks.

First they harp on communication, and who can’t benefit from improving their interpersonal communication skills?

Then they discuss the publication imperative, and this is becoming a more important piece as the field gets more and more crowded.  Not that there’s a shortage of work, but there is a shortage of best places to work.  Like here at Digital Trust.  Professionals that give talks, write articles, run a blog, or just generally hang their reputation on putting stuff out in public, are better prospects for employers.  Publishing something (and not getting trashed for it by your peers) demonstrates characters and commitment.  Anyone can attend a con, but a presenter will probably get preferential hire treatment.  Unless they spoke about something senseless, like Class 3 firearms (that won’t get you anything but giggles).  To be the best, you must contribute something of value.

The rest of the article is self explanatory and easily mapped across.  Don’t neglect the last step, planning.  If you float around the industry you’re not going to end up in the best place.  There are 55 year old firewall admin’s, but there’s also 18 year old firewall admin’s, so the salary situation is sort of feeble.  There are no 18 year old Pen Test leads.  That we know of.  Feel free to submit examples.  So plan out your future.  Use an old person to help you do it.  If step 2 in your plan is CISO, you probably need external assistance.

One thing not mentioned in the article, oddly enough, given recent headlines, is STAY OUT OF TROUBLE!  Just because you think The Man is the enemy at the moment, doesn’t mean you will in 10 years.  And a hacking conviction ruins your chances at certain jobs.  Jobs you may not want right now, but trust us, a bad past is an albatross nobody needs.  It’s the first thing we check when we  hire people.  So don’t.  Just don’t.

Along those lines, and another omission from the article, is DON’T SAY STUPID STUFF IN THE INTERWEBS that you’re not willing to live with forever.  Because it will come out at the most inopportune times.  Like in an interview.  Hey, one of our products is background information on job applicants.