Cygilant Blog

Key Qualifications for Information Security Professionals

Posted by Security Steve on Feb 10, 2014

Here at EIQ Networks, we’re focused on bringing companies information that will make their organizations as secure as possible. Today we want to focus on one of the most important parts of your information security program: your people.


Most companies store confidential information about their operations, clients and other parties in databases. Customers and other parties that give out their information do so with complete faith that it will be handled securely. Organizations need to invest heavily in data security to keep the data in their hands safe. Enhancing data security is not just a matter of formulating policies. More than this, you need the right personnel to enforce the policies, continuously assess them and improve them. You need qualified data security professionals.


Data Security is Much More than IT


Identifying the right candidate to fill the position of a data security expert in your organization can be a daunting task. Moreover, it can be disastrous for your company if you end up hiring an unqualified candidate.


One common mistake employers make is assuming any IT professional can fill the position of a data security expert. This is wrong. According to the International Information System Security Certificate Consortium, data security has evolved into a profession of its own with qualifications and certifications.


Below are some considerations to make when looking for a data security expert:


Job Description


Employers get ahead of themselves when they realize their organization’s security might have been breached. In panic, they start looking for a data security expert without having a proper job description. In the end, they get confused when applications come flooding in and they cannot choose a candidate to fill the position.


Because data security needs differ across organizations, it is important to define the job description of your ideal candidate. You should question what data security means in relation to your organization to know the qualifications to look for in a candidate.




According to Network Computing, security failure is tied to two things: unqualified staff and inadequate funding. You should afford paying the candidate you select for the position and provide the right tools needed for the job. Find a way to fit data security requirements within your budget without compromising on standards.




All through, we have been looking at the foundation you need to set before you start looking for a data security professional. Let us now look at the data security qualifications you should check when job applications start streaming in:


i) Experience – If you are seeking a top data security professional, consider the experience of the candidates. Experience in a related position means the candidate is conversant with industry standards on security. Hands-on experience on real data security situations should give an experienced candidate an edge over the less experienced ones.


ii) Vendor Certification – Security systems are specific and you will need a data security specialist who understands your system. The ideal candidate should be proficient and certified in the same security system you have or will be deploying at your organization. For instance, if your system is based on Cisco, a relevant qualification for the ideal candidate will be a Cisco Certification.


iii) Vendor-neutral certification – This certification indicates that the data security professional is conversant with various security standards. You should consider this certification if one of the duties of the candidate will be to formulate data security policies for your organization. A candidate who has vendor-neutral certifications understands the basic data security principles.


Match a candidate’s qualifications with your organization’s data security needs. This will eliminate the possibility of ending up with the wrong person handling your crucial data and information. However, your data security should not be pegged solely on a single individual but on the policies of the organization. 


Before you hire a security team, read these 10 Reasons to Consider Managed Security Services.



Tags: Data Security, IT Professionals, InfoSec

Most Recent Posts

Subscribe to Email Updates