What do you like about your job?
At AEGON Canada, security has full support from management. When we present risk assessments and review reports and solutions, IT and business units take them seriously.
I am glad to see our efforts make a significant difference.
We can act quickly without being buried in committee meetings.
What, if anything, bothers you about your job?
I have been working as an application developer, system administrator, tech support and network analyst for many years — all were hands-on types of jobs. Now as an information security analyst, I am no longer hands-on due to segregation of duties. It does not really bother me, but I do miss that a lot.
How do you overcome this situation?
Although I am not installing, configuring or managing the solutions I am implementing, I do provide step-by-step instructions for the implementation team. To ensure the accuracy of the documentation, I test-run every detail in the lab environment.
What aspect of your job makes you most proud?
My first two initiatives were to implement network time sync and automated patch management. But the most important procedure would be to establish a security baseline.
How would you describe your job to your friends and family?
If IT is a vehicle, security is the brake system. We are building confidence. Without a good brake system you wouldn’t drive fast.
SKILLS IN DEMAND
Premium pay for information security certifications fell 1.8 percent in 2005 versus a 4.2 percent growth across all certifications.
Any good news?
The average value of a single infosec certification still tops
that of all 95 certs surveyed: 8.8 percent (of base pay) versus 8.3 percent. Strong performers in the sector were: CISSP, CISA, SSCP, CCSP.
Will this continue?
No. Driving the 2005 dip was greater spending on new products/services and customer-facing systems. Expect continued security breaches, customer concerns, more regulation and demand for security consulting services to fuel an upswing.
Source: David Foote, Foote Partners (http://www.footepartners.com/).