IT security pros mentoring each other for career growth

Mentor program, InfoSec Mentors, eases information security industry

Information security is a tough field to break into and a growing group of information security professionals are finding that it's a whole lot easier if someone has their backs.

Women in IT: The long climb to the top

A program started in March called InfoSec Mentors has already paired more than 100 mentors and mentees who share their expertise on technology as well as broader issues such as how to define and achieve career goals, spread their ideas about the industry and overhaul their resumes.

"I wish there had been something like this when I was trying to make my start in the industry," says Melissa Fagan, who organized the program after hearing a talk about the one-day mentor program organized by Stacy Thayer held this spring at the Source Boston conference.

Since then she has driven InfoSec Mentors by soliciting participants and matching up more veteran professionals with relative newcomers or those who are looking for guidance in making career changes.

The group got a shot in the arm recently at the Security B-Sides conference in Las Vegas where 30 more people signed up for the program, she says.

A survey of participants showed that 20% weren't making a productive connection with the mentor or mentee they were paired with. In those cases, Fagan finds them another partner. Mentors have backed out for a variety of reasons including insufficient time to devote and a mentee's interest in black-hat hacking.

Another 20% who said they were very satisfied were actively working on projects together such as resume tuning, starting up blogs or doing programming exercises. "Anyone who worked on a project was definitely satisfied," Fagan says.

The other 60% said it was too soon to declare the program a success or failure because they hadn't done much yet, but they could see that it would be successful once the relationship kicked in, she says. So far everyone who has volunteered has been matched but there are no guarantees.

Jack Kowalsky, a mentee who has been doing DOS and Linux administrator work for the past six years, has been paired up with a Web application security professional, Dave Rook, in Ireland. They've corresponded about how Kowalsky can prepare himself for an infosec career and met in person for the first time at Security B-Sides.

They've authored blogs together about application security and discussed the practicalities of how Kowalsky can move more into that area. "I'd read and studied, but I really didn't know anyone who did this for a living," he says.

Scott Hazel is both a mentor and mentee. His mentor, Tom Eston, is an expert on security of social media. Eston helped Hazel set up a Web application testing lab where he hones his skills. "It helps to talk to someone," Hazel says. "Am I looking in the right areas that are relevant to the industry today? We talk about technical questions, but also step back asking, if I want to transition to that industry, what should I look for?"

On the flip side, Hazel is mentor to an Austrian focused on malware analysis and reverse engineering. "I share my expertise if I've got any in the particular area he's looking for," says Hazel, who has 10 years experience as a penetration tester and consultant. "He really was looking to talk to someone about how to advance in the security industry."

Michelle Klinger, a qualified security assessor from Dallas, says her relationship with a mentor is peer-to-peer and has already helped her rule out one career path. She considered consulting businesses to remediate problems QSAs found in corporate networks, but her mentor told her that would mean more time away from home than she was willing to spend. "We're still working on what the next plausible steps will be," she says.

Meanwhile, she's writing a blog that lets her air her thoughts about, among other things, how PCI standards might be improved. "I don't just want to say it's bad, I want to make it better," she says.

Her mentor has given her some creative assignments including watching the old Clint Eastwood movie "A Fistful of Dollars" with an eye toward discovering lessons it teaches about IT.

"I suspect he'll be able to help me negotiate the political part of the [infosec] community," she says, and that the relationship will last a long time. "I don't see it ending."

Read more about wide area network in Network World's Wide Area Network section.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags security

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tim Greene

Network World
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?