Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License.

The OWASP Foundation
OWASP AppSec June 2004 NYC

Emerging Roles in Application Security
Hiring trends and career strategies.
Jeff Combs, Senior Recruiter, Alta Associates, Inc

Overworked AppSec Professional’s Drinking Song
99 vulnerabilities in the code, 99 bugs in the code,
Fix one bug, compile it again, 101 vulnerabilities in the code.
101 vulnerabilities in the code, 101 bugs in the code,
Fix one bug, compile it again, 103 vulnerabilities in the code…

Alta Associates, Inc.
Specialists in Information Security
- 17 years of experience
- Security focused since 1994
- Front row seat to the growth of an industry
- Builders of wide and deep professional networks
- High level perspective on emerging trends and developments in our industry

Corporate Clients
- Financial Services
- Healthcare
- Manufacturing
- Pharmaceuticals
- Retail
- Utilities

Professional Services
- Public Accounting Firms
- Pure-play Information Security Consulting Firms
- Product Vendors with consulting services
- Managed Security Service Providers
- Management Consulting

Product Vendors
Software, Hardware, Research and Development
- Founder level startups
- High growth up-and-comers
- Established companies needing fresh talent
- Industry giants

August 2001
A CISO from a major investment bank called asking for help and said: “I don’t know if this person exists, but I know what I need them to do.”

I’m looking for someone who can:
- conduct vulnerability assessments on new and existing applications.
- work with developers to address vulnerabilities and remediate problems.
- teach developers how to write better, more secure code
- act as a liaison between Information Security and application development teams firm wide

Someone who:
- has an application development background
- understands and has a passion for security
- is outgoing and a good communicator.

Fast Forward
Due to an increase in awareness (partly due to the efforts of OWASP and the highly publicized challenges faced by companies like Microsoft) … Application Security is an issue that every organization is working to address.
- Application Security has become a specialization within Information Security.
- Newly defined roles and career opportunities are emerging.

Application Security Opportunities
Professional roles in Application Security are in a constant state of flux. They’re currently being defined and continually being redefined. The goal is the same: address application related vulnerabilities, minimize application risk.
General Role Profiles….

Corporate Application Security Roles
Key objectives:
- Assessing, reviewing, remediation
- Evaluating application risk
- Promoting awareness
- Educating developers
- Providing SME to ongoing and new projects
- Understanding compliance issues, standards

Professional Services
Key objectives:
- Evaluation of Application development processes and procedures
- Infrastructure and platform security testing
- Review of the application's architecture and source code
- Functional security testing, Penetration Testing
- Secure application development
- Provide recommendations
- Fly off into sunset

Vendor roles
Key objectives:
- Application security tool development
- Vulnerability research and development
- Product development
Position types:
- Professional Services / Sales Engineering
- Product Evangelizing / Strategy
- Product Management
- Sales and Marketing

Career Development Strategy
A Big Picture View

DISCLAIMER
The advice I’m about to offer is not given to help you write a better resume, figure out which certification to get or pick which tie to wear on an interview. The insight I’m about to provide is deceptively simple in nature but if used and applied appropriately, both short and long term career success will result.

Culture Shift
Aside from the traditional qualifications that get people hired like hard skills, technical knowledge and experience… there is a culture shift within our industry that every security professional needs to be aware of, and a way to stand out above your peers that will give you an advantage when seeking your next position.

Backroom to Boardroom
Technology is taken for granted. Information Security is less and less considered an elite “dark art” by executive management. In an effort to better align itself with business objectives, Information Security is being redefined as an Operational Risk Management discipline.

What does this mean to you?
It means that no matter where you stand, from technically focused engineer to executive management with an acronym for a title… you need to understand the work you’re doing in the context of the business you support, the forces that affect it and the priorities that shape its direction.

Why?
Because it is more critical than ever to be seen as part of the solution, to be seen as an enabler and to be seen as a person who “gets it” in the eyes of decision makers. This is the way to gain credibility and visibility with those who have an impact on the success of your career.

HOW?
- Know and understand the industry you support.
- Understand the language of business and learn to define your efforts as a security person in this context.
- Learn the discipline of Risk Management and use this knowledge to help you develop better risk driven Security solutions.

Standing Out, Standing Apart
Despite the fact that Application Security professionals with the right combination of hard and soft skills are in high demand, there is always competition for the best jobs. To rise above the competition and stand out as the better candidate you need to find ways to differentiate yourself.

Ways to Differentiate
- Technical ability, experience and exposure
- In-the-trenches Application Security experience
- Involvement with OWASP, industry groups and research projects
- Published papers, speaking engagements
- Tool and methodology development
Having real world application security experience is a significant differentiator but this will only help in the short term while market demand is hot. Unfortunately, most of us will still have to work beyond this timeframe and need to plan accordingly.

Ways to Differentiate – Beyond Technical Ability
Find ways to define your accomplishment in terms that are relative to the success of the business you’re in.
- increasing revenue
- reducing cost
- saving time
- saving resources
- executing
- enacting change
- enabling

The Results
Employers and decision makers will view you as: well rounded, business savvy, progressive, professionally mature, and most importantly… as someone who stands out from all of the other people they’ve been interviewing or considering for promotion.

That’s all folks….

Thank you.
Alta Associates Inc.
Leaders in Human Capital Risk Management