How do you describe your job to average people?
I tell them I'm the cyber patrolman on the county's internet super highway. We go out of our way to explain the transformational role our IT services yield for the county's agencies. Our ability to let them tap the power of things like handheld devices and wireless connectivity lets them provide a better service to the taxpayer.
What do you think needs more attention?
Two things — sustaining current IT security exchanges between industry and government, and keeping consumer awareness at the forefront. I'd like to see more cooperation between the major software and security players; they need to enhance the sharing of cyberthreat data.
What annoys you?
Terrible Patch Tuesdays. Also, disingenuous companies that make claims they can't keep. Even worse, try to sell me something by "fearing me" into a decision.
What security threats are overblown?
I think the threat picture used to dissuade enterprises from mobile employees is real — but too often cast as why telework is not feasible. Secure remote access offers every organization tremendous advantages, and there are proven tools and practices to manage the threats around targeted malware, client-side vulnerabilities, configuration and patch issues, and so forth.
Skills in demand
Across the divide
There is a need for security focused project managers capable of collaborating with multiple stakeholders and executing on time and within budget.
The good news
Organizations face significant risks when mission critical IT security projects fail. As a result, the demand for security focused project management professionals (PMPs) is growing dramatically within corporations and consulting firms across the country. In addition to the PMP, certifications such as the CISSP and CISM, are highly valued.
A nice living
Compensation is strong with bases ranging from $100K to $150K plus incentives.
- Source: Jeff Combs, Alta Associates, Inc.