Sign up to save your podcasts
Or
Share Job Opportunity: Unqualified AND Underpaid
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Job Opportunity: Unqualified AND Underpaid
We spend a good portion of this episode of the CISO/Security Vendor Relationship Podcast mocking unrealistic job listings that ask for too many unnecessary credentials and on top of it aren't willing to pay a fair market rate. Did companies forget that it's a buyers' market right now in security?
On this episode of the podcast we discuss:
- The security semantics of "responsibility" vs. "accountability": Which one drives which behavior? And it is possible to try to compel one to the detriment of the other? See Chad Loder's post for more.
- How do you motivate employees to be concerned about security outside of hammering them with pen tests and fake phishing emails? If it hasn't happened already, those tests to see how secure your environment is may backfire. What can you do to instill secure behavior without testing employees to the point of annoyance?
- What do you think of this pitch? We get a split decision on a pitch of a company that's operating in a new category. Plus, advice on what never to do in a pitch.
- Unrealistic expectations for position descriptions: Job descriptions in the security field seem to be getting longer, with more certification requirements, and lower pay. What's going on and do companies who list these types of jobs realize they're only hurting themselves? In a buyers' market you can't just put out an unrealistic job posting to "see who will respond." It will actually damage your brand.
- Plus, a 10-second security tip (that's a few seconds longer): It's what you should be doing, but probably aren't doing.
- And a visit from the host of The Cyberwire: Dave Bittner, from The Cyberwire, joins us for a discussion about his daily security tech news show and to tell us about the launch of two more security podcasts.
As always, the show is hosted by me, David Spark (@dspark), founder, Spark Media Solutions and Mike Johnson, CISO, Lyft. Our guest this week is Dan Glass, former CISO (as of just a couple days ago) of American Airlines.
Special thanks to SpyCloud for sponsoring this episode. Learn more about how you can protect employees and customers from account takeover with SpyCloud.
Contributions. Contributions. Contributions.I am cranking out a ton more content for not just the podcast, but also the entire series so I am very open and receptive to story ideas, suggestions for segments of the podcast, or anything else. Just connect with me on LinkedIn.
Sponsor the podcastIf you're interested in sponsoring the podcast, contact David Spark at Spark Media Solutions.
View all episodes
By David Spark, Mike Johnson, and Andy Ellis
4.8
185185 ratings
We spend a good portion of this episode of the CISO/Security Vendor Relationship Podcast mocking unrealistic job listings that ask for too many unnecessary credentials and on top of it aren't willing to pay a fair market rate. Did companies forget that it's a buyers' market right now in security?
On this episode of the podcast we discuss:
- The security semantics of "responsibility" vs. "accountability": Which one drives which behavior? And it is possible to try to compel one to the detriment of the other? See Chad Loder's post for more.
- How do you motivate employees to be concerned about security outside of hammering them with pen tests and fake phishing emails? If it hasn't happened already, those tests to see how secure your environment is may backfire. What can you do to instill secure behavior without testing employees to the point of annoyance?
- What do you think of this pitch? We get a split decision on a pitch of a company that's operating in a new category. Plus, advice on what never to do in a pitch.
- Unrealistic expectations for position descriptions: Job descriptions in the security field seem to be getting longer, with more certification requirements, and lower pay. What's going on and do companies who list these types of jobs realize they're only hurting themselves? In a buyers' market you can't just put out an unrealistic job posting to "see who will respond." It will actually damage your brand.
- Plus, a 10-second security tip (that's a few seconds longer): It's what you should be doing, but probably aren't doing.
- And a visit from the host of The Cyberwire: Dave Bittner, from The Cyberwire, joins us for a discussion about his daily security tech news show and to tell us about the launch of two more security podcasts.
As always, the show is hosted by me, David Spark (@dspark), founder, Spark Media Solutions and Mike Johnson, CISO, Lyft. Our guest this week is Dan Glass, former CISO (as of just a couple days ago) of American Airlines.
Special thanks to SpyCloud for sponsoring this episode. Learn more about how you can protect employees and customers from account takeover with SpyCloud.
Contributions. Contributions. Contributions.I am cranking out a ton more content for not just the podcast, but also the entire series so I am very open and receptive to story ideas, suggestions for segments of the podcast, or anything else. Just connect with me on LinkedIn.
Sponsor the podcastIf you're interested in sponsoring the podcast, contact David Spark at Spark Media Solutions.
More shows like CISO Series Podcast
View all
Security Now (Audio)
1,983 Listeners
Risky Business
364 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
640 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
369 Listeners
Hacked
181 Listeners
CyberWire Daily
1,017 Listeners
Smashing Security
316 Listeners
Click Here
408 Listeners
Darknet Diaries
7,952 Listeners
Cybersecurity Today
164 Listeners
Hacking Humans
312 Listeners
Defense in Depth
76 Listeners
Cyber Security Headlines
128 Listeners
Risky Bulletin
43 Listeners
Hacker And The Fed
168 Listeners