A painful job search: One IT security pro's story

Executive positions are difficult to find, especially now.


We can blame it all on this dastardly economy, but even in good periods, qualified individuals find it difficult to land a job as an executive.

Just recently, I applied for a job as a director of information security. The position reported directly to the company's hiring manager (CIO). It was widely advertised at the company, so many of my friends and colleagues knew who the hiring manager was. I had already contacted the CIO directly, and had subsequently been introduced to him and recommended by other CIOs who knew him well, so the hiring manager immediately emailed me to say to contact the HR director for an initial phone interview, and to call him later that same day.

Both interviews went extremely well, with conversations lasting well over an hour. We covered the challenges that I could address, and gravitated to small talk on our past experiences. We clicked and had long, enjoyable conversations. The CIO said he would bring me in for a face to face meeting the following week once he had a chance to interview other candidates.

Deep down I was overly cautious, having been burned in the past, as I explained to another candidate who had applied. I said, "It would appear to you I'm a natural shoe in, or on the CIO's short list by knowing so many people, and from the work I do. But it is getting to the point that it no longer matters who and what you know, not even if you're a close friend of the hiring manager."

Being well known in the industry and the local IT community, I knew who these other candidates were, and we shared much information. It is a small world.

In the weeks that passed, I sent the CIO two follow-up emails, I also emailed the HR director in California. All three were met with silence. I also left the CIO two voice mail messages, one on his office line, the other on his personal cell phone, and neither was returned. After three weeks, I received a phone call from the HR director telling me the CIO was unsure about the position. He was contemplating diminishing the role to a lesser grade and I was, of course, overqualified, and so were the other candidates.

The HR person did offer to help me network. He was just as puzzled as I was, and I explained what many information security executives go through. Through subsequent conversations with the other candidates, I learned that the CIO hired someone in an engineering role.

I was not surprised. This has happened to me on countless occasions, as it has with many others across the country.

Here are some of the problems we job seekers are up against.

Corporate Russian Roulette

Is it the current economy that forces companies to ask employees to do more for less? Is it the misconception that companies don't really know or understand the enormous value that the CISO/CSO can bring to the table?

I have notes recorded in a vast database where I track and document every detail of every job. It is an aggregator of executive level jobs posted across the country that I and others have applied for. It includes the job descriptions, contact information, conversations, email correspondence and communications with other candidates who applied. Interesting enough a pattern is emerging, where a director's job or even that of a CISO/CSO is diminished abruptly to that of an analyst/engineer role, or the job is placed on indefinite hold.

This characteristic pattern is directly responsible for the myriad security breaches happening at many organisations.

"Recommended For You"

The best way to find and keep IT staff Why CEOs prefer old-fashioned networking when hiring