The other security professional on this CIO's staff is a hands-on technical professional who has very deep technical skills but he is not strong with regulatory compliance, risk management work or work that requires strong interpersonal skills.
As they considered which security professional could be eliminated, someone suggested passing certain security issues over to a department housed within the general IT staff. Someone else quickly pointed out that they couldn’t allow IT to have control over certain security issues because doing so would result in a PCI violation.
My recruiting partner and the CIO came to the conclusion that both security professionals might have to go in order to hire someone who had a broader skill set that included both the business / risk / interpersonal skills and the deeply technical components all wrapped up in one person’ s security / technology risk management skill set.
Though this is my friend’s story to tell and not my own, I know and understand the pressures my partner’s client is under. We've worked together to serve my partner's client for many years.
Security professionals in both the present and the future need to bring broad skill sets to prospective employers in order to satisfy the growing demands found in hiring manager’s job descriptions. It is a need to get more done with less that CISOs face across the nation.
One of my college professors introduced himself to our business class years ago by telling us his class where we'd learn how to get the “Mostest from the Leastest”. Granted, this wasn’t very impressive English coming from a professor but the point was well-made and his class definately lived up to the introduction.
I don’t know that I knew enough about anything back then to fully appreciate my professor’s point. Having recruited through the Dot Com bust and now through this current recession, I’m beginning to fully understand my former professor’s point.
In today’s business environment, professionals across the board who can figure out how to deliver more value with less resources will be the employable professionals of the present and the future.