Title and areas of focus:
– Range of skillsets and specializations/focus – InfoSec is not all hacking and pentests
– Being an expert without being an expert in everything
– Resumes and Interviewing
– Lifetime of learning
– Gradual advancement: gaining a depth of experience takes time
– Audit vs Consulting
Notes on areas of focus:
Range of skillsets
– Variety of technical and governance/business development types of roles
– Audit, consulting, network design, system monitoring, risk management
– What skills should a person working in InfoSec have?
Being an expert without being an expert in everything
– Increased pressure as a woman to “know it all” (usually self-imposed)
– Relying on your team and being comfortable within your area of expertise, being able to admit you don’t know, and knowing where/how to find the answers
– Keeping up with changes in technology, without feeling like you’re drowning
Resumes and Interviewing
– Technical vs Governance roles – what skills should you communicate
– Using concise language in resumes (key word search for larger companies, typically benefit males)
– Interviewing to show your strengths but admitting your areas for growth
– Certifications: CISSP, CISSM, Security+, SANS GIAC Security Essentials, CEH Certified Ethical Hacker
Lifetime of learning
– The world of technology and thus InfoSec is constantly changing. How do you keep up? To what degree do you keep up?
– Having a focus, getting involved in InfoSec communities
– It’s not a race to the top. Take the time to gain experience you need.
– Beginning with grunt work – enjoy the time to focus, as you move up you may miss it
– Benefits of knowing “how” something is put together – tech and governance both
Audit vs Consulting
– Difference of minimum requirements vs advice on building a secure program
– Different skill sets, different depth of experience, different career paths/certifications
Lori Blair, Senior Security Analyst and vCISO
Lori is a seasoned Information Security professional with over 30 years’ experience in information security and risk management. During Lori’s career, she has been involved in a number of organizations that have assisted in the creation and updates to information security standards and regulations including but not limited to ISO27001, SOX, FFIEC Handbook, and HIPAA.
Megan Larkins, Security Analyst and vCISO Team Lead, FRSecure
Megan Larkins, CISSP, is a member of FRSecure’s Information Security consulting team who’s driven to help organizations of all sizes recognize the urgent and critical nature of taking an active role in information security. With 8+ years of information technology leadership experience, Megan thoroughly understands the challenges of addressing the wide range of responsibilities that frequently fall into the bucket of an Information Technology department.
Brenda Bjerke, Sr. Security Director, Target
She is Senior Director, Information Risk Management at Target. In her role, she leads Policy, Risk & Compliance teams for the enterprise. Brenda has earned a Bachelor of Applied Business and Masters of Business Administration. She is also a Certified Information Systems Security Professional (CISSP) and Certified Information Privacy Professional (CIPP). An important aspect of her life is her family including two teenagers. In her free time, she enjoys exercising and trying new restaurants.
Kat Traxler, Security Analyst, Best Buy
Evan Francen, CEO and Founder of FRSecure, bio found here
We are looking for Volunteer Leaders, More Info and you can sign up here: 2019 AnitaB.org Volunteerism Levels
Click here to Register: