The Importance Of The Interview For Your Security Personnel

2228

informationYou have no firewalls. You have no encryption. There’s not a policy or procedure to be found. In fact, there’s very little in the way of “security” anywhere in the company. That’s ok! Because you’ve hired a highly-qualified security professional and stressed in the interview process that security is the new priority. That they will bring about a change in the enterprise and start a new era of a secure culture where everything is done with a security mindset. Sounds fantastic! The opportunity to mold a security program from the ground up with executive support. What security professional would pass up the opportunity to build and run a security program the way they’ve always dreamed?

The 30 days following this hire become crucial. What happens when the professional you hired to hit the ground running actually does it? They start building governance framework. They start getting vendors on the line and developing a relevant and cost-effective security stack. They draft a security training regimen. They do all the things necessary to start developing that framework you hired them to build. How do you respond to this?

The Best Way To Respond

The best possible thing you as a leader can do is to encourage this. Get out of their way. Provide guidance in the way of incorporating business strategy and business culture and let them do what you hired them to do. Give them feedback when asked. If the final product needs fine tuning in order to get full executive buy-in, then by all means! Polish away! Make the governance shiny and pretty and executive digestible. Make sure it fits within the overall strategy of the IT department and the corporate vision as a whole. You hired this individual because they were the best of the bunch and you had the confidence that they were up to the task. So let them take the task and give them the leeway to perform.

The Worst Way To Respond

calling Closing lines of communication. There is nothing worse in the security world than to see communications cease from your leadership. No comments on document drafts or replies to pricing quotes can make your newly hired security asset feel isolated. Furthermore, diminishing the role from what was advertised in the interview can be demoralizing. It can leave them feeling untrusted and frustrated. Hiring a highly-experienced security professional and taking their job down to that of an entry level analyst is, at the very least, insulting.

When it comes down to it, the lesson here is to not promise more in the interview than what you can really give. You can paint an optimistic view of your open position without setting unrealistic expectations. Be forthcoming with the challenges involved and transparent about what the journey ahead will look like. It sets the tone for their entire experience with your organization and can ultimately make the difference in whether or not they succeed… or stay.

About Joshua Bregler
joshua-breglerJoshua Bregler was born in Tucson, AZ and raised in Alamogordo, NM. After completing four years of service United States Marine Corps as a Sergeant, Josh transitioned back to New Mexico to work for the Department of Defense in it's Research and Development IT space. This experience carried through San Diego and on to Boston, including HewlettPackard, the Space and Naval Warfare Command, and the Defense Contract Management Agency. This led to a Security Architect position at Abt Associates, an international think tank based in Cambridge, MA. After gaining experience as the Senior Director of Security for AMAG Pharmaceuticals, Josh went on to itslearning, a SaaS based LMS, to lead their security efforts.
In this article