Wednesday, November 14, 2012

Candidate Questions: What happens to security jobs in your pipeline?

A Candidate Asked
Jeff, what happens to some of the security jobs in your pipeline?

While this is a sore subject, I’ll answer the question.  This is a great question and I might not have dealt with it publicly had someone not come along and sincerely asked for the answer.
I used to openly talk about and write about what I call pipeline security jobs.  Those are jobs that had been discussed with me and I’m aware that they exist but we don’t yet have a signed search contract and the search process is not ready to kick off.

The words people used to share with me were enough for me to develop trust and to sometimes take action.
I won’t be discussing pipeline searches anymore.

VP, IT Risk Management and Compliance
The candidate who recently approached me asking about my pipeline specifically asked about this brand new IT Risk Management leadership role that I once mentioned when discussing what was in my pipeline.  The original discussion around this search came to me near the end of August. 

An HR person from a Fortune 50 company called me as he followed directions from his CISO.  This is one of those too-big- to-fail companies that was bailed out by the federal government.  Your tax dollars and our deficit paid for this company to continue doing business.
August 30, 2012

The HR conversation led to a scheduled call between me and the Global CISO on August 30.  I was promised a contract by the HR person the first week of September.  This contract delivery to me never happened. 
October 3, 2012

A couple of weeks went by.  I checked in with the CISO who in turn leaned on his HR person in another city.  On October 3, I called the HR person and caught him after only two rings.  He answered and said:  “Jeff, how are you?  I owe you a contract don’t I”?  I kept my answer short and sweet.  My answer was simply the word Yes.
October 4, 2012

I was verbally promised a signed contract that would be delivered on Thursday October 4.  The date came and went and the contract once again was not delivered. 
Human Gap Analysis

This time, I wrote down every word the HR person said during our October 3 conversation.  I sent a transcript of this conversation to the CISO as I had now determined that there is always a gap between the HR person’s words and his actions.   In fact, this gap is the size of the Grand Canyon. 
November 7, 2012

Last week I read an article the day after the election suggesting that the new Senator in Massachusetts could possibly be a challenge to the banking industry.  This article caught my attention and gave me a reason to call on the CISO to check in on the status of the search that was going nowhere.
The CISO has always been professional and courteous. He returned my call within 15 minutes.  I said nothing about the VP of IT Risk Management and Compliance search or the fact that I still didn’t have a contract.  I asked if the new Senator in Massachusetts in his opinion was going to cause his organization to see more regulations from the federal government. 

We talked for a few minutes about the election and the CISO’s perception of the implications of a second term for the Obama Administration.
He then started talking about the success they’d been having in identifying candidates for the search.

Hurricane Sandy
The CISO told me that his company’s New York offices would likely be out of operation for 6-8 weeks while they wait for power restoration.  This was not good to hear but the fact that his NYC offices did or didn’t have power today wouldn’t matter in the context of this story if my search contract had been delivered in September or October as it was frequently promised. 

The HR person’s total lack of follow-through on multiple occasions seemed to not matter to the CISO.
The Game Changed

At this point, the CISO began describing a couple of Big 4 candidate profiles they’d surfaced  in the city where the job exists. 
The problem with this information is that on August 30, I was specifically told by the CISO that I’d have to deliver candidates from some of the nation’s largest banks.  I was prepared to do just that.

The CISO specifically told me that he had no interest in any candidates who were coming directly out of consulting.  He needed someone in this mission critical, newly created position who worked on the inside of a very large multi-division financial services or banking institution.  His desired candidates would possess both deep subject matter expertise and relationships with the right regulatory body at the federal level.
The Conclusion

I’ll let you conclude this story because the ending is my subjective opinion.  The story you’ve just read is 100% accurate and not a single fact has been altered.
I think I know why some of our nation’s largest companies, companies that handle billions of dollars in revenue needed to be bailed out.  This HR person I’ve mentioned is the fourth HR person who has reached out to me from this company in the past four years.  Three of the four HR people I’ve personally dealt with from this company never connect their words and their actions.

Does the word integrity mean anything to anybody?
Jeff Snyder’s Security Recruiter Blog's Security Recruiter Blog