How do you explain your job to non-technical people?
The role of a CIO is as much about achieving broad business objectives, as it is about technology, so most non-technical people I deal with readily understand what a CIO does. I typically explain that my job is to be the guardian of the company's computer and information resources. My primary focus is to apply those resources to better serve our customers, increase the value of our enterprise, and protect the company's assets from outside threats.
What part of your job makes you most proud?
My best days are when my team works closely with our internal customers to solve a difficult problem, or brings them a new capability that they never had before. When you hit a home run, you see it in the eyes of the users.
What's your information security dream job?
I'd like to help shape the future of information security working in a research environment to develop solutions that leapfrog where we are today. The possibilities are endless.
What would you use a magic IT security wand for?
I would wave the IT security wand over the enterprise and be able to see all the security breaches and all the leakage of critical data.
How did you get interested in information security?
Quite frankly, it is a major requirement of being a CIO. Protecting our employee information and customer information is paramount.
Any predictions for what the next five years looks like?
I'd like to see a more integrated solution for the enterprise that incorporates all aspects of security protection, including data leak prevention. I expect people will still keep their passwords on the back of their keyboard so the risk will not go away. I just hope it gets easier to mitigate.
Skills in demand
Corporate employers as well as many security vendors need security pros who offer identity management skill sets. It's all about granting system access to the right users and keeping the wrong users out.
Skill sets needed
You'll need to understand access controls, authentication, directory services, provisioning, LDAP, active directory, eDirectory, single sign-on and more.
Accumulate ID skills and you're compensation for corporate positions ranges between $80,000 at the analyst level to $130,000+ at the architecture/ manager level. Compensation for traveling security consultants or from security vendors can top $130,000.
Source: Jeff Snyder, SecurityRecruiter.com