.

(ISC)2 Publishes Hiring Guide to InfoSec Profession

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Jan 16, 2008 3:54 pm

(ISC)2 Publishes Hiring Guide to InfoSec Profession

Thought this might be of interest to those already in the InfoSec field as well as those just entering. Here's a copy of press release:

(ISC)2® PUBLISHES FIRST ‘HIRING GUIDE TO THE INFORMATION SECURITY PROFESSION’

Part of (ISC)2 Hiring Resource Center, Free 30-Page Booklet Provides HR Professionals Tips on Recruiting and Hiring Qualified Information Security Staff

PALM HARBOR, Fla., USA, Jan. 16, 2008 – (ISC)2® (“ISC-squared”), the non-profit global leader in educating and certifying information security professionals throughout their careers, today announced the publication of its “Hiring Guide to the Information Security Profession.”  This free reference guide for human resource (HR) professionals, hiring managers and recruiters provides tips on how to best find, recruit, hire and retain qualified information security staff.
Written by (ISC)2 with input from leading HR, recruiting professionals and subject-matter experts, the Hiring Guide highlights the history and growth of the information security profession, typical job functions and career paths, and ideal candidate traits. Providing tips on crafting job descriptions, screening, interviewing, extending an offer and more, the 30-page guide concludes with a section on retention and a list of online resources.
“Securing an organization in a world driven by global commerce requires security specialists who can create and implement a program, obtain support from the executive team, and create security awareness among employees – all while complying with legal and regulatory requirements,” said Eddie Zeitler, CISSP, executive director for (ISC)².  “Hiring first-rate information security staff is critical to mitigating risks that can destroy a company’s reputation, violate privacy, result in the theft or destruction of intellectual property, and even endanger lives.”
“As the field of information security evolves, companies are searching for a new breed of information security professional who possesses business and technical acumen," said Joyce Brocaglia, founder and CEO of Alta Associates, an executive recruitment firm specializing in information security, IT audit, IT risk management and privacy.  “By understanding this evolution, HR professionals can add value to their organization by attracting and hiring the best possible candidates.  The Hiring Guide offers much-needed, practical suggestions on how to do just that through the recruitment and retention of the best in the industry.”
The guide is available in hard copy or in electronic format downloadable from the (ISC)2 Hiring Resource Center at www.isc2.org/HRCenter.&nbsp; The (ISC)2 Hiring Resource Center offers other materials to assist HR professionals and related fields, including:
•        A white paper titled, “Securing the Organization: Creating a Partnership between HR and Information Security,” which describes how the two fields can work together to better secure the organization;
•        A case study titled, “Securing the Right Information Security Team,” which provides a detailed account of how UBS Investment Bank in Switzerland created joint responsibility between HR and line management in security professional placement;
•        Results from (ISC)2’s annual Global Information Security Workforce Study, which provides a detailed picture of the industry, including information on salaries, the growing need for professionals, the latest threats, etc.; and
•        An online career center that matches qualified information security professionals with companies and organizations free of charge.  Only certified (ISC)² credential holders may post resumes on the career center, but any HR professional may search the resumes.

“With the increasing dependence upon the virtual world in every corner of business and society, the need to find, hire and retain qualified professionals to protect information assets has never been greater,” added Zeitler. “We hope this guide helps HR professionals, recruiters and hiring managers better understand the scope of this burgeoning profession and lessen the pain of obtaining the best and brightest information security staff.”

About (ISC)²
The International Information Systems Security Certification Consortium, Inc. [(ISC)2®] is the internationally recognized Gold Standard for certifying information security professionals. Founded in 1989, (ISC)² has certified over 57,000 information security professionals in 135 countries. Based in Palm Harbor, Florida, USA, with offices in Washington, D.C., London, Hong Kong and Tokyo, (ISC)2 issues the Certified Information Systems Security Professional (CISSP) and related concentrations, Certification and Accreditation Professional (CAPCM), and Systems Security Certified Practitioner (SSCP) credentials to those meeting necessary competency requirements. The CISSP, CISSP-ISSEP, CISSP-ISSAP and SSCP are among the first information technology credentials to meet the stringent requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers a continuing professional education program, a portfolio of education products and services based upon (ISC)2’s CBK®, a taxonomy of information security topics, and is responsible for the annual (ISC)² Global Information Security Workforce Study. More information is available at www.isc2.org.

#  #  #

© 2008, (ISC)2 Inc.  (ISC)², CISSP, ISSAP, ISSMP, ISSEP, SSCP and CBK are registered marks and CAP is a certification  mark of (ISC)², Inc.


I'd be interested in hearing what you think about this guide and if you think it will help not only you in shaping resumes but also if it will help HR staff better understand what we do. Hopefully, regardless of whether they understand or not, I do hope that they include the InfoSec staff in the hiring process as they should with all areas not completely understood.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

Dengar13

User avatar

Sr. Member
Sr. Member

Posts: 380

Joined: Tue Sep 20, 2005 8:43 am

Location: The Steel City

Post Wed Jan 16, 2008 5:33 pm

Re: (ISC)2 Publishes Hiring Guide to InfoSec Profession

True, but this is a good start for companies who don't have any InfoSec staff to begin with.  I am glad and surprised that this came out.  It can show HR how important we are and not just a necessary evil that costs the company money.
A+, Net+, MCP, CEH
MCSE: Security/Messaging
MCSA: Security/Messaging
Former U.S. Marine and damn proud of it!
<<

cyeudoxus

User avatar

Newbie
Newbie

Posts: 14

Joined: Mon Nov 12, 2007 12:38 pm

Post Wed Jan 23, 2008 7:29 am

Re: (ISC)2 Publishes Hiring Guide to InfoSec Profession

thanks for the link. I think after reading it, its a great guide. Thanks Don! I thought it was somewhat accurate, but with the security field being what it is constantly changing how do you know this information is still accurate?

-cyeudoxus
“Our character is what we do when we think no one is looking.” -ayn
<<

dannioni

Newbie
Newbie

Posts: 44

Joined: Tue Sep 18, 2007 12:51 pm

Post Wed Jan 23, 2008 2:10 pm

Re: (ISC)2 Publishes Hiring Guide to InfoSec Profession

And while we're on this topic what is a typical pay for a Security Consult/Pen tester per hour/job. How does it change with your degree of education? How much can a 17 year old, without any security education, "hobby" hacker expect to be paid?

Note: I've actually done a job for a corp. and it's therefor a relevant question.
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Jan 23, 2008 3:01 pm

Re: (ISC)2 Publishes Hiring Guide to InfoSec Profession

Sounds like a great new thread. Hint hint.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

cyeudoxus

User avatar

Newbie
Newbie

Posts: 14

Joined: Mon Nov 12, 2007 12:38 pm

Post Fri Jan 25, 2008 4:22 am

Re: (ISC)2 Publishes Hiring Guide to InfoSec Profession

dannioni

Hey bro, i'm really happy you are interested in pursuing information security.. its a smoking sizzling field not all the n00bs can handle. Coming from high school with no college classes or degree and looking for a job is going to take time and your going to have to relay on how well you can Bull shit you way through the interviews. If you know your stuff which you sound like you might you'll have to bust your chops looking for a opening with a small company that doesn't require you having a degree. For your first job stay with it so you can have some real experience to put on your resume and also keep an eye out for a better job at the same time. Plus when u work for company you can always take classes part time!

-cyeudoxus
“Our character is what we do when we think no one is looking.” -ayn

Return to Career Central

Who is online

Users browsing this forum: No registered users and 3 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software