Tag Archives: mentor

#FirstMonday Pre-Professional – Finding your Way

Published by:

Apologies for being a week late.  The dog ate my cyber 🙂

Pre-Professional: any individual who has not yet (and never has) obtained a position working in the cybersecurity field. This may include anyone who has interest in working in this area with or without formal training and education in the field. Examples of individuals and or situations who may be part of this phase are: individuals who are switching careers (former military, IT, retail, law enforcement, etc.) and students (high school or university).

Last month, I told you a little of my story in the Pre-Professional level of the Cybersecurity Career Lifecycle (CSCL).  Take the time while at this level to be a sponge.  Learn as much as you can, from as many sources as you can.  Both ISSA International and your Local Chapter have numerous learning opportunities, take advantage of them.  A good one that ISSA International offers are the CSCL Pre-Professional Virtual Meet-Ups.  I’m now going to brag about my Chapter.

We offer an annual CISSP review course.  The CISSP is by no means a Pre-Professional certification.  However, just taking the course can lead you down your path.  I would like to call out our Chapter Leadership for finding great subject-matter experts to mentor the course.  Understanding the real-world application of each domain is invaluable.

Another great place to learn is from Chapter meetings.  I remember a meeting we had that didn’t really interest me, based on the topic.  Even after the meeting, the topic still wasn’t high on my list of things to learn about.  However, the speaker that day did a tremendous job of walking us through the process she used to determine the best solution for her workplace.  That was my great take away from the meeting.  One day, along my CSCL, I might be tasked with determining the best solution to a pressing need.  I’ll be glad that I will have had the experience of listening to the story of how she went about doing it.

To conclude, use this time to become a Jack (or Jill)-of-all-trades.  As you will read in the coming months; the more you progress through the CSCL, the more specialized your work will become.  Next month, we step up to the Entry Level.  See you there!


#FirstMonday CyberSecurity Career Lifecycle Goals

Published by:

This year we are going to dive into the CyberSecurity Career Lifecycle (CSCL).  This initiative was put forth by ISSA International a couple years.  Let’s start with the goals of ISSA International and then we’ll dive into how this can help our local membership grow in their own careers throughout the year.  First the goals of the CSCL:

  • International, standardized definitions and acceptance of cybersecurity roles
  • Reduced costs & issues associated with hiring for the wrong role vs. what is really needed by the business
  • Resources for companies that alleviate them from having to develop job descriptions and other materials
  • Understanding of the skills & knowledge necessary for success in cybersecurity jobs, as well as clear definitions of what responsibilities are necessary to meet expectations

The first goal is pretty standard.  Let us create cybersecurity roles that are accepted internationally and consistent.  A cybersecurity analyst in Chicago should be doing roughly the same job as an analyst in France.  This helps us all speak the same language.

If we can do this, we tackle the second goal.  By having standardized roles, we can reduce the time and effort it takes a company to hire the right people for the business needs.  Standardized roles also help us tackle the third goal.

Imagine a company is looking for a Security Auditor, that company could essentially “copy/paste” the ISSA job description.  Then that company could just tweak the job description to fit its own needs based on what compliance policies it must follow.

Personally, I feel the fourth goal is the most important, and I really appreciate the language they used.  As a Pre-Professional (more on that in another post), I passed a number of certification tests.  I had the knowledge, but not the skills to be successful in a cybersecurity job.  As a chapter we need to help with both skills and knowledge.  Here in the Las Vegas Chapter we are tackling the knowledge part by offering a CISSP Review Course.  We have also been discussing a mentorship program that will give the participants the opportunity to learn the skills from a number of different people within the cybersecurity industry.

This is a quick overview of the goals of the CSCL.  Next month, we will dive into some the jobs that are available in the cybersecurity field.  That will be fun because there are a bunch that I bet many of us hadn’t thought of before.