Undercover: A Painful Lack of Security Jobs
- 15 October, 2009 04:43
- Comments
We can blame it all on this dastardly economy, but even in good periods, qualified individuals find it difficult to land a job as an executive.
Just recently, I applied for a job as a director of information security. The position reported directly to the company's hiring manager (CIO). It was widely advertised at the company so many of my friends and colleagues knew who the hiring manager was. I had already contacted the CIO directly -- and had subsequently been introduced to him and recommended by other CIOs who knew him well, so the hiring manager immediately e-mailed me to say to contact the HR director for an initial phone interview and to call him later that same day.
Both interviews went extremely well, with conversations lasting well over an hour. We covered their challenges that I could address and gravitated to small talk on our past experiences. We clicked and had long, enjoyable conversations. The CIO said he would bring me in for a face-to-face meeting the following week once he had a chance to interview other candidates.
Deep down I was overly cautious, having been burned in the past, as I explained to another candidate who had applied. I said, "It would appear to you I'm a natural shoe-in or on the CIO's short list by knowing so many people and from the work I do. But it is getting to the point that it no longer matters who and what you know, not even if you're a close friend of the hiring manager."
Being well-known in the industry and the local IT community, I knew who these other candidates were, and we shared much information. It is a small world.
In the weeks that passed, I sent the CIO two follow-up e-mails, I also e-mailed the HR director in California. All three were met with silence. I also left the CIO two voice mail messages -- one on his office line, the other on his personal cell phone -- and neither was returned. After three weeks, I received a phone call from the HR director telling me the CIO was unsure about the position. He was contemplating diminishing the role to a lesser grade and I was, of course, overqualified, and so were the other candidates.
The HR person did offer to help me network. He was just as puzzled as I was, and I explained what many information security executives go through. Through subsequent conversations with the other candidates, I learned that the CIO hired someone in an engineering role.
I was not surprised. This has happened to me on countless occasions, as it has with many others across the country.
Here are some of the problems we job seekers are up against.
Corporate Russian roulette
Is it the current economy that forces companies to ask employees to do more for less? Is it the misconception that companies don't really know or understand the enormous value that the CISO/CSO can bring to the table? I have notes recorded in a vast database where I keep track and document every detail of every job. It is an aggregator of executive-level jobs posted across the country that I and others have applied for. It includes the job descriptions, contact information, conversations, e-mail correspondence and communications with other candidates who applied. Interesting enough, a pattern is emerging where a director's job or even that of a CISO/CSO is diminished abruptly to that of an analyst/engineer role, or the job is placed on indefinite hold.
This characteristic pattern is directly responsible for the myriad security breaches happening at many organizations.
I embarked on trying to find out why this is happening, why so many qualified individuals struggle to find employment as an executive in information security, only to experience the same frustrations I've experienced.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Bookmark this page
- Share this article
- Got more on this story? Email CIO
- Follow CIO on twitter
-
Face Time - Interview with John Brennan and Robert DiStefano
-
Face Time - Interview with John Brennan and Robert DiStefano
-
Phones are distractions during catch-ups
-
Google's Sidewiki lets people post comments about Web pages
-
Leaving your job? Take your data with you
-
Print security and the mobile workforce
Where, when, and how we work is changing. Whether your employees are working on the road without a dedicated workstation or from a home office, they need a safe way to print. Driving this shift is the accelerating adoption of smartphones, tablets, and other mobile devices. But even with these devices, printing remains a key business function for virtually all employees, and many may already be using them to print. Read more. -
Mobile Security: Don’t leave employees to their own devices
No organisation can afford to ignore the rising march of consumer devices in today’s workplace. But neither can they ignore the risks that consumerisation brings. Companies must adapt IT and security strategies accordingly, balancing the needs and demands of more flexible work models with the often thorough information security safeguards that were implemented to protect the business in the first place. Fortunately, there are ways of doing just that and achieving a balance that works for all concerned. -
Best Practices for Oracle License Management: Optimise Usage and Minimise Audit Liability
With Oracle audits on the rise, organisations that can best align license agreements with actual database and option usage can reduce their financial risk and maximise the value of their Oracle investments. The goal is to “right-size” Oracle across the enterprise and gain control over the entire license management process – from accurate needs projections and licensing negotiations, to deployments and audit preparation. Read on.
Get exclusive access to Invitation only events CIO, reports & analysis. 
Comments
Post new comment