(ISC)2® PUBLISHES FIRST ‘HIRING GUIDE TO THE INFORMATION SECURITY PROFESSION’
Part of (ISC)2 Hiring Resource Center, Free 30-Page Booklet Provides HR Professionals Tips on Recruiting and Hiring Qualified Information Security Staff
PALM HARBOR, Fla., USA, Jan. 16, 2008 – (ISC)2® (“ISC-squared”), the non-profit global leader in educating and certifying information security professionals throughout their careers, today announced the publication of its “Hiring Guide to the Information Security Profession.” This free reference guide for human resource (HR) professionals, hiring managers and recruiters provides tips on how to best find, recruit, hire and retain qualified information security staff.
Written by (ISC)2 with input from leading HR, recruiting professionals and subject-matter experts, the Hiring Guide highlights the history and growth of the information security profession, typical job functions and career paths, and ideal candidate traits. Providing tips on crafting job descriptions, screening, interviewing, extending an offer and more, the 30-page guide concludes with a section on retention and a list of online resources.
“Securing an organization in a world driven by global commerce requires security specialists who can create and implement a program, obtain support from the executive team, and create security awareness among employees – all while complying with legal and regulatory requirements,” said Eddie Zeitler, CISSP, executive director for (ISC)². “Hiring first-rate information security staff is critical to mitigating risks that can destroy a company’s reputation, violate privacy, result in the theft or destruction of intellectual property, and even endanger lives.”
“As the field of information security evolves, companies are searching for a new breed of information security professional who possesses business and technical acumen," said Joyce Brocaglia, founder and CEO of Alta Associates, an executive recruitment firm specializing in information security, IT audit, IT risk management and privacy. “By understanding this evolution, HR professionals can add value to their organization by attracting and hiring the best possible candidates. The Hiring Guide offers much-needed, practical suggestions on how to do just that through the recruitment and retention of the best in the industry.”
The guide is available in hard copy or in electronic format downloadable from the (ISC)2 Hiring Resource Center at www.isc2.org/HRCenter. The (ISC)2 Hiring Resource Center offers other materials to assist HR professionals and related fields, including:
• A white paper titled, “Securing the Organization: Creating a Partnership between HR and Information Security,” which describes how the two fields can work together to better secure the organization;
• A case study titled, “Securing the Right Information Security Team,” which provides a detailed account of how UBS Investment Bank in Switzerland created joint responsibility between HR and line management in security professional placement;
• Results from (ISC)2’s annual Global Information Security Workforce Study, which provides a detailed picture of the industry, including information on salaries, the growing need for professionals, the latest threats, etc.; and
• An online career center that matches qualified information security professionals with companies and organizations free of charge. Only certified (ISC)² credential holders may post resumes on the career center, but any HR professional may search the resumes.
“With the increasing dependence upon the virtual world in every corner of business and society, the need to find, hire and retain qualified professionals to protect information assets has never been greater,” added Zeitler. “We hope this guide helps HR professionals, recruiters and hiring managers better understand the scope of this burgeoning profession and lessen the pain of obtaining the best and brightest information security staff.”
The International Information Systems Security Certification Consortium, Inc. [(ISC)2®] is the internationally recognized Gold Standard for certifying information security professionals. Founded in 1989, (ISC)² has certified over 57,000 information security professionals in 135 countries. Based in Palm Harbor, Florida, USA, with offices in Washington, D.C., London, Hong Kong and Tokyo, (ISC)2 issues the Certified Information Systems Security Professional (CISSP) and related concentrations, Certification and Accreditation Professional (CAPCM), and Systems Security Certified Practitioner (SSCP) credentials to those meeting necessary competency requirements. The CISSP, CISSP-ISSEP, CISSP-ISSAP and SSCP are among the first information technology credentials to meet the stringent requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers a continuing professional education program, a portfolio of education products and services based upon (ISC)2’s CBK®, a taxonomy of information security topics, and is responsible for the annual (ISC)² Global Information Security Workforce Study. More information is available at www.isc2.org.
# # #
© 2008, (ISC)2 Inc. (ISC)², CISSP, ISSAP, ISSMP, ISSEP, SSCP and CBK are registered marks and CAP is a certification mark of (ISC)², Inc.
I'd be interested in hearing what you think about this guide and if you think it will help not only you in shaping resumes but also if it will help HR staff better understand what we do. Hopefully, regardless of whether they understand or not, I do hope that they include the InfoSec staff in the hiring process as they should with all areas not completely understood.