5 ways to kickstart your infosec job search in 2016

posted in: Uncategorized | 0


You’re questioning your job—the company, your responsibilities, your salary and more—but is it time to move on?

Paul Wallenberg, team lead for the technology services team at recruiting company Lasalle Network, suggests you ask yourself some tough questions before launching a job search: Are you being challenged? Do the projects you’re working on leverage your skills to the fullest? Do those projects give you the ability to be creative?

But as enthusiastic as you might be to jump feet first into a new job search, approach it carefully and deliberately, the experts say. Check your emotions at the door, slow down and do it the right way. Here’s where to start.

1. Question whether you’ve reached your potential.

Have you achieved everything you can at your company? While it’s natural for security professionals to itch to move to the next opportunity, consider first whether you’ve actually reached your full potential, Wallenberg says.

For example, infosec professionals often focus too much on learning new technical skills instead of honing soft skills, he says. “There might be areas beyond your technical skills that you’re not looking at. Your boss might routinely turn down a project—but why? Maybe it’s the way you’re talking about implementing it, which means perhaps you need to master how to present information in a more compelling way before moving on,” Wallenberg says. “Soft skills are just as important as your CISSP certification to CISOs.”

Consider the big picture at your current company, too, Weinstein says. “Look at everything—your work environment, the tech and the commute before you consider other options,” he says. “You don’t want to waste time looking when it’s really not that bad where you are. You could be at a great company with great growth potential. Think about whether the grass will actually be greener on the other side.”

2. Talk to your manager.

Having an open and honest relationship with your manager is key to your professional development, Weinstein says. Consider having a conversation with her to discuss your future before you decide there’s no other place to move but out, he says.

“Don’t be too afraid about talking to your manager about this—remember that they want to retain you and contrary to what you might think, they probably won’t automatically assume you’re thinking about leaving,” Weinstein says. “This will help you gauge what the future holds so you can set a timeline for yourself.”

If your manager can’t give a clear answer about where he sees you in the next year—or if it’s not where you want to be—that could be a sign that it’s time to move on. Like what she has to say? Perhaps consider postponing your job search, Weinstein advises.

3. Lean on vendor relationships.

Vendors’ insights into the industry are an undervalued resource, Wallenberg says. If you have a good working relationship with a vendor you trust, bounce ideas off them and ask questions about technologies, trends and more, he says.

“Vendors are up to date on everything from new products on the horizon to the technologies that are booming, which can be a good indicator about which of your skills need to evolve,” Wallenberg says. “Ask them about trends and who they’re getting business from, too—that will be a good indicator of hot industries you might want to consider.”

4. Consider trainings over certifications.

Security certifications are no longer nice to have, they’re mandatory, Weinstein says. But if your technical or soft skill sets have holes, expensive, time-consuming certifications aren’t the only way to fill them, Wallenberg says.

“There are courses and trainings you can take that are not necessarily certifications — on topics like penetration testing and ethical hacking — that are sometimes free and on the web,” he says. “Look at sites like Coursera and other web-based training programs. More hiring managers put stock in those training methods because it shows the learning you’re doing outside your day-to-day at work.”

5. Research a practical salary.

Security is a hot field with many jobs commanding robust salaries—but despite the demand for qualified professionals, job seekers need to take an educated approach to setting a target salary, Weinstein says.

“You need to be realistic. I’ve run into many security professionals who think they should be paid much higher than what they’re getting—and often it’s out of line with the market value,” he says. “Be honest with what you’re making now, and know what’s fair to make at your next job. Some companies might even ask to see your current W-2 to prove that you’re making what you say—and if you pad it in hopes of getting a higher salary, you’re in trouble.”

Use sites like PayScale and Salary.com, and speak to friends and contacts in the field to gauge fair salaries, Weinstein suggests.

This story, “5 ways to kickstart your infosec job search in 2016” was originally published by CSO.