You might be perfectly happy in your job right now, but at some point in your career, you might decide that it’s time for a change. Or perhaps your company will be acquired, and the decision for you to move on won’t necessarily be yours to make. Whatever the scenario, the time to prepare for a job change is now, and you can start by carefully managing – and even cultivating – your reputation as someone who companies really want to hire.
This primer provides tips on managing your reputation to help ensure an optimal outcome for both you and your potential employers.
Give people a reason to trust you
The Chief Information Security Officer (CISO) role is all about creating trust and protection for an organization. Likewise, you need to give people a reason to trust you. You will command a premium salary if you are perceived to be credible and trustworthy. This is something you must foster now and manage during a job search process.
Be forthright with the companies that may be looking to hire you. Do not misrepresent yourself because you really want the job. There are many different types of CISO positions – those that are more strategic in nature and those that are more technical or operational. As long as you are transparent about your intentions, it’s acceptable to position yourself as a change agent or a “fix-it” candidate that will go in to a company, make the necessary changes to get the company up to security best practices, and then move on in two to three years’ time. Some companies may be fine with that.
If you are fortunate enough to have multiple companies interested in hiring you, don’t play games with them, such as pitting one against another in a bidding war. Part of why a company wants to hire you is for your good judgment and business acumen, which includes managing your own reputation and search process. If companies catch a whiff of game playing – and they will, if it’s there – then your credibility will be called into question and the interest could dry up.
Take a long-term view of your career
The market for cybersecurity leaders is very hot right now, and it will be for some time. It can be tempting to want to job hop to continue to increase your compensation package. However, making a move to chase the money can be so short-sighted—and possibly damaging to your career, if you get a reputation for jumping ship quickly or move into a position that doesn’t suit you well.
You need to manage your career moves, whether you plan to work for just another five years, or for 10 or 20 years. As you plan to make a move, ask yourself, “Is this the right move for me at this time? What new things can I learn? How I can be a change agent for this company? Will I have the leeway and the resources to accomplish good things?” Do your due diligence before accepting an offer.
Brand yourself as a continuous learner
The cybersecurity industry is changing very rapidly. You have to be a continuous learner to stay current with threats, technologies and trends. Invest in yourself. Your resume should show that you are fresh on relevant certifications, you keep up with current topics, you take courses to expand your knowledge, and you participate in ISACs and other programs to gather and share knowledge.
Part of learning is taking on challenging roles that will stretch your mental muscles. Look for opportunities to do new things. For example, many companies offer to cross-train their key employees by moving them around within the organization. Welcome these opportunities to learn something new, even if they take you out of your comfort zone for a while.
People can look pretty much the same on paper, so there should be something on your resume that makes you pop. Your differentiator could be a unique degree or certification, hands-on experience with a hot topic, a unique combination of education and skills, or whatever you believe sets you apart from others. Highlight your differentiator on your resume if you know a prospective employer has an interest in that area.
For example, maybe you go deep on a specific topic, like privacy. With the GDPR looming large for global companies, anyone who can tout special expertise in privacy protections is a standout. Other trending topics today that are good differentiators are cloud security, artificial intelligence, blockchain and machine learning.
Get noticed for your leadership
There are numerous ways to get noticed outside of your own organization. One way is to create thought-leadership content that demonstrates your expertise, such as through published articles or speaking opportunities. You can take a leadership position within industry organizations, such as the SANS Institute, your industry’s ISAC, or groups like the Cloud Security Alliance.
It’s good to align with universities and/or schools and their cyber curriculum. It shows that you are interested in preparing the next generation of security professionals for real-world jobs.
Be a catalyst for others to be successful
Too often, people get focused on how to make themselves successful. Companies look for people who have a knack for helping others be successful too. For example, one CISO I’ve worked with participates in his industry ISAC. He has a reputation for being incredibly helpful to the ISAC, in terms of pushing the boundaries of information sharing and openness among the member organizations. He helps individuals and he helps his entire industry. He is just a catalyst for goodness that is helping to change the industry. His reputation will precede him if and when he goes on his next job search.
You are in an exciting professional field, in exciting times. There is plenty of growth in the market, as well as lucrative financial rewards. It’s important that you manage your reputation to put yourself in the best light possible with the people who might want to hire you.
Let me summarize my tips:
- Engender trust and credibility in your reputation. Honor the commitments you make.
- Take a long-term view of where you want to go. Don’t simply chase money to move from job to job.
- Keep current with your knowledge and brand yourself as someone who is always learning.
- Be a team player with a reputation for helping others be successful.
- Establish yourself as a thought leader.
- Look for opportunities to learn new things.
- Develop a differentiator that will make your resume pop.
Caldwell Partners is one of the world’s premier providers of executive search and has been for more than 45 years. Matt Comyns is managing partner of the firm’s Cyber Security Practice. His focus is on recruiting chief information security officers and next-level-down top lieutenants in information security for large global corporations and fast-growing private companies, as well as cyber security consultants for leading professional services firms and top executives for cyber security technology companies.