Foreword: Navigating the Cybersecurity Career Path xv
Introduction xvii
Part I Arriving in Security 1
Chapter 1 How Do You Become a Security Professional? 3
Create Your Story 8
So, You Want to Work in Security 13
Whats Next? 16
Chapter 2 Why Security? 19
What Kind of People Do Security? 21
What Is Your Why? 24
Whats Next? 28
Chapter 3 Where Can I Begin? 29
What Does It Mean to Be a Security Professional? 32
How Can You Make Sense of It All? 35
Whats Next? 39
Chapter 4 What Training Should I Take? 41
For the Traditional Student 43
For the Nontraditional Student 44
For the Full-Time
Nonsecurity Worker 45
Other Things to Consider 46
Whats Next? 51
Chapter 5 What Skills Should I Have? 53
The Entry Point Technology 55
Professional Skills 59
Whats Next? 66
Chapter 6 Is My Resume Okay? 67
Linking the Resume to the Job Posting 70
Elements of a Resume 71
Digital Presence 77
References 78
Cover Letters 79
Whats Next? 80
Chapter 7 Trying with Little Success? 81
Physical Location 85
Your Company 85
Get Specific 86
Know Your Market 88
Assess Your Efforts So Far 89
But Im Doing All Those Things! 91
Whats Next? 92
Part II Thriving in Security 93
Chapter 8 How Do I Keep Up? 97
Fitting It Into Your Schedule 99
Ad Hoc and Planned Learning 102
Take a Mini-Sabbatical 103
Where Do I Find the Information? 103
Whats Next? 105
Chapter 9 How Can I Manage Security Stress? 107
The Stress of Working in Security 109
Managing Security Stress 113
Whats Next? 118
Chapter 10 How Can I Succeed as a Minority? 119
Making Security Work for You 124
Whats Next? 128
Chapter 11 How Can I Progress? 129
The Security Journey 131
The Opportunist 132
The Intentional Career Seeker 136
How to Get Promoted 139
Whats Next? 141
Chapter 12 Should I Manage People? 143
Leadership and Management 145
Preparing for Your Next Role 150
Whats Next? 152
Chapter 13 How Can I Deal with Impostor Syndrome? 153
Fact-Check Your Inner Monologue 157
Know Competence and Incompetence 158
Know When to Ask for Help 159
Keep Learning and Know When Enough Is Enough 160
Keep Track of Your Successes 161
Whats Next? 162
Chapter 14 How Can I Know If Its Time to Move On? 163
Are You Happy Where You Are? 165
Have You Done All You Wanted to Do? 166
Have You Learned All You Wanted? 167
What Are Your Long-Term Goals? 168
Are You Being Pigeonholed? 169
Do You Fit Into the Culture? 170
Job Hopping 171
Are the Other Options Better than Your Current Job? 172
Whats Next? 173
Part III Leading Security 175
Chapter 15 Where Do I Start? 179
Whats on Fire? 180
What Is Your Timeline to Act? 181
Who Are Your Partners? 182
Find the Strengths and Note the Weaknesses 183
Draw the Business Risk Picture 184
Do You Have a Mandate? 185
Whats Next? 186
Chapter 16 How Do I Manage Security Strategically? 187
Consider Your Industry 190
Know Your Business Priorities 191
Be Pragmatic 193
Address Stakeholder Pain Points 194
Threats and Vulnerabilities 195
Rinse and Repeat 197
Putting It Together 198
Whats Next? 200
Chapter 17 How Do I Build a Team? 201
It Is About the How 203
Things to Consider 207
Identify Important Things 209
Identify Areas of Weakness 211
Discontinuing a Function 212
Building New Functions 213
Whats Next? 215
Chapter 18 How Do I Write a Job Posting? 217
The Challenge of Job Postings 220
Whats Next? 225
Chapter 19 How Do I Encourage Diversity? 227
Start with Numbers 229
Understand Your Cultural Issues 230
Attracting Diverse Talent 232
Writing the Job Description and Posting 234
The Interviewing Process 235
Retaining Diverse Talent 236
Promotions and Career Development 237
Leaving the Team 239
Whats Next? 239
Chapter 20 How Do I Manage Up? 241
Who Are Senior Stakeholders? 242
Help Them Understand Security 246
When Things Go Wrong 250
Whats Next? 251
Chapter 21 How Do I Fund My Program? 253
Funding a Team 255
Funding a Program 256
The Big Ask 260
Whats Next? 261
Chapter 22 How Do I Talk About My Security Program? 263
What Story Should I Tell? 264
Telling Stories 271
Whats Next? 273
Chapter 23 What Is My Legacy? 275
Making an Impact on the Industry 277
Making an Impact on Your Company 281
Whats Next? 283
Epilogue 285
Appendix: Resources 287
About the Author 291
Acknowledgments 293
Index 295