In this video, Marc Menninger reveals why employers want candidates who have a "depth of knowledge" in IT security and steps you can take to build your own depth of knowledge if you need to. Learn the three-step process for deeply learning any security topic. Discover the benefits of training others on your topic.
- [Narrator] You might find IT Security job descriptions which include the phrase "must have a depth of knowledge". This means that most employers don't want candidates who have just a superficial understanding of security. They're not interested in hiring someone who did just a little research on a topic. They're looking for people who have extensive experience in a given area of security. The good news is you can build your own depth of knowledge in security, if you don't have it already. When you find a security topic you enjoy, say, digital forensics, take it seriously and learn it inside out.
This is especially important if you'd like to get a job doing that all the time. Study this topic in your free time, attend sessions on it at security conferences, go to trainings about it, or take one of our courses on it. The point is to take that deep dive on it and learn it thoroughly versus just casually understanding it. Then, once you have a good understanding of the topic, find ways to implement your knowledge on the job. Even if it isn't a perfect fit, there are likely ways that the knowledge you're building can be helpful in your job.
For instance, if you're a help desk technician learning digital forensics, your knowledge can be very useful in the event of a security incident that requires forensic skills that no one else in your organization has. Finally, now that you have a good understanding of it, take opportunities to train others in your favorite security topic. As they say, while we teach, we learn. By teaching others, you force yourself to refrain everything you know in a way that other people can understand. That means you're training yourself a second time on the topic, and likely learning about it more thoroughly.
Plus, when you tech others, you're probably getting the best learning tool of all: questions. When people ask you questions you can answer, that confirms your knowledge but eliminates what you didn't cover in your training. And when someone asks a question you don't know the answer to, that's a perfect opportunity to expand your knowledge in that area. There are many ways you can train other people in your security topic. You can teach your co-workers during brown bag lunches, at company meetings, and through newsletters. You can also speak at conferences in chapter meetings for security professional organizations like ISACA, meetups, and other events.
You can also write articles and post them online through blogs or via LinkedIn. And don't hesitate to teach others even if you think your topic is too technical for them to understand. If even just one other person wants to learn from you, both of you will benefit. When you build a depth of knowledge, you benefit yourself by enjoying what you do, others when you share your knowledge, and your employer when you provide valuable service to the organization.
Marc closes with a few pieces of career advice specific to the world of information security, which will help you succeed in this dynamic and high-demand industry.
- IT security key concepts
- The job marketplace (government vs. healthcare, etc.)
- IT security success traits
- Career specializations
- IT security certifications
- Getting experience
- Marketing yourself