It’s Not You, It’s Them: Build A Resilient Cybersecurity Career
In moves akin to the adversaries they purport to detect and/or prevent, security vendors are engaging in their own set of low and slow tactics in terms of workforce reductions. It’s hard to miss the LinkedIn posts detailing the latest security and tech layoffs trickling in, with targeted cuts coming from marketing and human resources as a starting point. And then there’s Patreon, which, in a baffling “strategic shift,” laid off its entire security team last week in favor of “external organizations.” Take it from multiple analysts that cover security services in various ways … someone has to watch the watchers, or things tend not to go well.
As a cybersecurity professional — no matter your company, role, or tenure — you could be affected by shifting macroeconomic headwinds and how your company chooses to ride them. Preparing for the worst means putting loyalty aside to build a career resilience plan with your goals and growth at the center. Use our advice below to get started before you are laid off:
- Remember that no one is indispensable … even in cybersecurity. No matter how secure you feel in your company or role, this is a great time to start cultivating new skills. Whether it’s learning a new programming language or security tool, pursuing a specialized security certification, working on your presentation skills, or just becoming more of a subject matter expert in your current domain, start working on it today. More skills give you more opportunities, and more opportunities lead to better compensation.
- Craft your “Shark Tank” pitch. Almost everyone experiences a layoff or firing at some point. Define your “elevator pitch,” describing who you are, what you do, and the situations in which you excel. Are you the kind of person that helps “senior executives tell stories with data to make decisions” or “builds relationships between experts and non-experts to drive collaboration”? Explain how you stand out and why. While constructing a pitch of yourself may feel strange, if you can summarize what you do best, it will go a long way to helping you land your next gig … and make it an even better fit.
- Update your CV before you need to — and go for it. There’s plenty of valuable advice online from recruiters, employee experience pros, and even cybersecurity leaders who talk about what they are looking for in applicants. The days after you get let go will be an emotional roller coaster, and the last thing you will want to do is start crafting a new CV. One tip: Use the job description of the role you are in now to help get your updated resume started. Take care of this prior to a layoff, and keep it up to date so that, in the days after you are let go, you can hit the ground running: When your personal network asks you to send over a resume so they can refer you internally for a gig, it’s ready and waiting. Now would also be the time to go for those “stretch” gigs that you consider just out of reach. A 2019 LinkedIn study found that women are 16% less likely to apply for a job after viewing the description and apply for 20% fewer jobs than men as a whole. Remember that firms ask for the moon on job postings, but most requirements are often preferences. If you’re 75% there, go for it and sell your relevant experience.
And if you have been laid off, take these next steps:
- Update past and current mentors … and find more. That person who helped you find your current job … have you kept them up to date on your recent accomplishments? You’ll want those who are, or have been, in your corner to know what new skills you’ve acquired and what you’re most interested in doing next. Connect with key mentors and find more regularly — not just in a moment of need — and use those meetings to take in new ideas and brainstorm new paths.
- Ask if any discussion groups, spreadsheets, or channels exist for displaced employees. When layoffs such as the ones at Patreon and others occur, there’s often a grassroots initiative for those affected to opt in to spreadsheets, channels, and apps to list their information, position, experience, and more. Recently, the Wall Street Journal reported on the commonality — and speed — based on referrals through collaboration apps such as Slack and Discord, which became common discussion venues for remote workers but now help route people to potential employers.
- Use social media to leverage old connections and find new ones. The network effect is a business model because it works, so take advantage of it. Use social media to announce your availability and what you are looking for, and don’t be afraid to ask for help. Do not be ashamed or fear going public when you are looking for a new gig — your connections often understand you and where you’d be a good fit, can advocate for you to hiring managers, and can give you the inside scoop on a potential employer. Let others lift you up and use their reach to help you land … and then pay it forward when it happens to someone else.
- Customize your resume for every role. No role is “one size fits all,” and your resume shouldn’t be either. The truth is that automated systems and human beings involved in the candidate pipeline may filter out entirely viable candidates because specific words, phrases, or descriptions do not line up perfectly with the details specified for the role. To avoid missing out on opportunities you could fill, when necessary, tweak your own resume to line it up with requisition to maximize your chances of getting by gatekeepers.
Want to learn more about career planning in security? Join us at the upcoming Security & Risk event November 8-9 in Washington, D.C. where I’ll be presenting a keynote entitled From CISO To Chief Trust Officer: The Next Step Forward In CISO Career Paths.