Say Hi to the New Guy: How Diverse Backgrounds Can Mature Your Security Program

Presented at Blue Team Con 2022, Aug. 27, 2022, 5:30 p.m. (30 minutes).

In a sea of candidates, why should you consider hiring a teacher as a SOC analyst? In what world would you hire a salesperson as a pen tester? As the need for more holistic security professionals grows, the Infosec field has a unique opportunity to address security concerns by leveraging the unprecedented number of converts from seemingly unrelated field. The bad guys will always continue to develop and evolve their techniques, so strategic organizations are finding success pulling from more diverse backgrounds. Fresh thinking and function-specific experience can help these diverse defenders protect data and the basic human right to security and privacy. Let’s talk about the influx of new blood, strategic positioning, and how qualified professionals from other industries can leverage their experiences to benefit your security team. Session attendees will leave with: 1. Advice on qualities to look for when searching for non-traditional team members – what can we give HR to help them help us find the right people? 2. Tips for supporting employees with non-traditional backgrounds in demonstrating their strengths 3. Real world examples of diverse backgrounds uniquely benefiting security programs

Presenters:

  • Ross Flynn - Senior Consultant, Echelon Risk + Cyber
    Ross is a husband, musician, escape room expert, and hot sauce connoisseur who happens to love his job as a Cybersecurity consultant. Prior to his career in Infosec, Ross was a family preservation counselor in the social services field where he helped families involved in the Child Welfare system identify strengths, develop healthy boundaries, and ensure a safe environment for their children. After a major career switch, he started down the path of ethical hacking, risk management, and business continuity. On a normal day you might find Ross performing a penetration test, conducting an incident response tabletop exercise, writing disaster recovery plans, or performing NIST, PCI, or Maturity assessments

Similar Presentations: