This week, we welcome Wim Remes, CEO and Principal Consultant at Wire Security, to discuss learning how to build an Enterprise Security Team, including how to find the right people!
Visit https://www.securityweekly.com/esw for all the latest episodes!
To learn more about our sponsors visit: The Security Weekly Sponsor's Page
Hat tip to @snipeyhead (Grokability) for that link. It’s very representative on how I feel I work best with people.
Is Information Security a specialisation of IT rather than a branch of its own? Opinions might be different. When are you “entry level” in security? In most cases you’re already pretty senior in one or more IT disciplines …
Hiring/Firing: There’s often a discussion on how you attract people. The biggest challenges are keeping them and letting them go. I’ve helped people that I sorely needed move to new jobs elsewhere. Why? They were not happy and I had nothing to offer them. The upside? 10 years later I got to work with them again.
Maybe take some time to discuss the “hire for potential instead of culture fit” adage as well.
Something I realized when I did more training than I did today. Most training programs are targeted at creating carbon copies of a certain “ideal” profile. That is so wrong. If we indeed hire for diversity and breadth of coverage across a team, why do we all make them tick boxes (GPEN, CEH, CISSP, …). We should train our teams so that they not only learn new skills but also grease the wheels of working together and at the same time learn who excels at what. What do you want? 3 people that have completed the GPEN, GCIH, CISSP, and CEH trainings (not even talking about certs) or 3 people with a certain overlap in skills but one that excels in network forensics, one that excels in Linux Forensics, and one that is badass at reporting?
The myth of the badass Security Expert
Let’s be real. There is nobody that covers the breadth of infosec as an expert. You can’t do it all. It’s that simple. Why don’t we as the perceived experts recognize that there are enormous gaps in our knowledge?
|[caption id="attachment_210" align="alignleft" width="120"] Matt Alderman - CEO[/caption]||[caption id="attachment_210" align="alignleft" width="120"] Paul Asadoorian - Founder & CTO[/caption]|
|[caption id="attachment_210" align="alignleft" width="120"] Wim Remes - CEO & Principal Consultant [/caption]|