As our globally competitive and hyper-connected digital marketplace has grown, so too has the field of risk management. Organizations are establishing comprehensive enterprise risk management programs to streamline security processes, mitigate risk, and meet compliance.
This shift is leading to the 'operationalizion' or embedding of IT security into broader business and IT functions. As such, security professionals can expect to see growth in operational process and control areas including risk assurance, data governance, technology governance and risk compliance, legal compliance and standards, digital rights management, privacy, cybercrime investigation, forensics and e-discovery, and identity management.
Job titles are already showing movement in this direction: Hybrid and newly created roles such as Chief Data Officer, Legal Technology Risk Officer, Information Risk and Compliance Officer, Cyber Law and Compliance Officer, etc., are already emerging and creating new disciplines and direction for security professionals.
This means that practitioners have broader opportunities for specialized and converged areas including information risk management, data governance, technology law, regulatory compliance, operations, cyber assurance, and intelligence, to name a few.
However, as more experienced professionals become available, technical competencies that were once highly sought in the marketplace eventually become a commodity, become redundant, or move offshore. So the question becomes, what are the keys to career advancement and success?
A strategic and tactical plan that outlines key goals and resources and is helpful. The plan should include:
- Self-Assessment. Who are you? Where are you now? Where do you want to be?
- Career Assessment. What have you accomplished? What experience, education
training and soft skills do you still need?
- Goals & Objectives. Match your goals with a timetable and strategy to get there. If
you are not sure what that is, that's OK; keep going and keep mapping.
- Consideration of Key Strengths. Leverage your expertise, what you like and what
you do best.
- Resume & Bio. Develop an impressive, polished, well-written and up-to-date
resume. It should be a synopsis to showcase your experience and background,
highlighting areas of accomplishment, business acumen, and expertise. Also
maintain a short, one paragraph bio of career highlights. It's also a great way to
track your accomplishments!
- Credentials. Continuing education, training, certifications, licenses and advanced
degrees will always be a part of staying relevant in the IT-related workforce. Keep
an eye out for certification trends going forward.
- Positioning. Get involved in your organization's initiatives, special projects,
community and volunteer activities. Increase professional recognition with
speaking engagements, white papers, media briefings, presentations, and
publications.
- Plugging In. Join professional social networks and industry forums, increase your
knowledge and expand industry relationships and contacts.
Mentoring. Find a mentor, a coach or trusted person who has skills and insight to
help you evaluate, identity and achieve your goals.
- Characteristics of Champions. Integrity, confidence, emotional intelligence, and
business acumen are sought-after traits for any employee. Risk management
professionals will also need the ability to engage, communicate, strategize,
collaborate, execute, lead by example, and provide mentorship.
The shift toward risk management brings growth opportunities for security professionals to broaden their partnerships and alliances across business units and among their greater community of peers. To nurture a career in a changing risk climate, focus and determination are critical. Keep in mind opportunities for advancement, professional fulfillment, earning power, respect and recognition while on your career journey.