Building Impactful Security Teams and Landing Your Dream Job with Tom Alcock

01/24/24 • 59 min

Join us for an insightful exploration of Security & GRC hiring with Tom Alcock from Code Red Partners. Tom illuminates their bespoke recruitment strategy, expertly aligning Security organizations with candidates who are not just technically proficient but also a cultural fit. We delve into the ever-changing world of Security & GRC employment, delivering actionable strategies for both industry novices and veterans. The conversation underscores the significance of perpetual learning and the power of networking in this rapidly evolving field.
Tom highlights the crucial role of community engagement in Security hiring, demonstrating how building a trusted network can open doors to extensive connections and opportunities. We discuss the pivotal moments when specialized firms like Code Red become invaluable, be it for large-scale recruitment drives or assembling foundational teams for emerging startups. This episode brims with insights for those contemplating the right time and approach to engage with recruitment experts who deeply understand the ins and outs of security organizations and the ever changing security landscape.
Wrapping up, we focus on Security & GRC career progression strategies. Tom provides pragmatic guidance on role transitions, from individual contributor to managerial positions, emphasizing the advantage of maintaining hands-on involvement in certain situations. We also venture into pathways leading to senior management and C-suite roles, sharing inspiring success stories and identifying the distinctive qualities of industry leaders. Tune in for a compelling discussion about forging a triumphant career in the dynamic world of Security & GRC.

For show notes, please visit The GRC Podcast website.
Sign up for our Bi-Weekly Newsletter

For show notes, please visit The GRC Podcast website.
Sign up for our Bi-Weekly Newsletter

Previous Episode

Making GRC Your Career Superpower with Chris Honda

In this episode of the GRC Podcast, we sit down with Chris Honda, a seasoned Senior Security Analyst at Whistic, who walks us through the multifaceted world of Governance, Risk, and Compliance (GRC). With his unique journey into the world of Security, Chris sheds light on the transformative nature of cultivating GRC expertise and the value those skills can bring to the business and security landscapes.
GRC Unpacked: More Than Acronyms
Chris starts by demystifying GRC, breaking it down into its core components: Governance, Risk, and Compliance. He shares an accessible approach to explaining these concepts to non-experts, using relatable analogies like the Rosetta Stone, underscoring the importance of GRC as the lingua franca that bridges the gap between business operations and security imperatives.
The Human Element in InfoSec
Delving into the art of presenting at conferences, Chris emphasizes the need to bring one's personality into play. By humanizing InfoSec, he advocates for presentations that resonate on a personal level, which in turn fosters a more resilient and relatable security culture within organizations.
Career Trajectories in GRC
Reflecting on his own path, Chris discusses how asking the critical question "why" catalyzed his move from finance to security, highlighting the role of curiosity in driving career progression within GRC. He reassures listeners that a background in IT is not a prerequisite for a successful career in GRC, as the field welcomes diverse professional experiences.
”Technical” Redefined
Chris challenges the misconception that one must be highly technical to succeed in security. He argues that problem-solving, communication, and understanding technology as a means to exceptional outcomes are just as crucial. This broader definition of 'technical' opens doors for GRC professionals to be recognized for their strategic and enabling contributions. (but also they should strive to have developer empathy and recognize stagnation in learning will significantly limit upward mobility, salary and future employability.)
The Convergence of Security and Privacy
Exploring the nuanced relationship between security and privacy, the discussion pivots to how these disciplines intersect within GRC frameworks. Chris provides insights into how evolving privacy laws create new opportunities for those passionate about privacy and compliance, demonstrating the dynamic nature of the GRC field.
The Specialist vs. Generalist Debate
Chris shares his experiences as a GRC generalist in a smaller company, weighing in on the benefits of wearing multiple hats against the deep focus of specialists in larger firms. He advocates for the value of generalist roles, highlighting their ability to manage a broad spectrum of GRC challenges and drive comprehensive security strategies.
Giving Back and Building Community
The episode wraps up with Chris reflecting on the importance of giving back to the GRC community. By volunteering and engaging in acts of kindness, professionals can cultivate a supportive network that not only fosters personal fulfillment but also strengthens the collective knowledge and resilience of the GRC industry.
Join us in this enriching discussion that promises to inspire both personal and professional growth, whether you're new to GRC or a veteran looking to reinvigorate your career with a fresh perspective.

For show notes, please visit The GRC Podcast website.
Sign up for our Bi-Weekly Newsletter

Next Episode

The Art of Resume Writing and Applicant Strategy with Gina Gabriel

In this conversation, Gina Gabriel shares inside information, tips and tricks for resume building that she accrued from over a decade of tech recruiting experience. Gina and I discuss the importance of resumes in career development and growth. We explore the resume review process, including what happens once job postings go live and resumes start coming in. We debunk common misconceptions about resumes and provide tips for making resumes memorable. We also discuss the value of referrals and networking in the job search process. Gina shares success stories of transforming resumes and offers insights into the storytelling aspect of resumes. Gina and I even conduct a live review of my actual resume, highlighting changes and recommendations. Gina provides information about her consulting services and offers free resources for resume improvement.

Unlock the secrets to transforming your job application from forgettable to formidable, as Gina and I share the tools you need to navigate the tumultuous waters of the job market. From uncovering the behind-the-scenes chaos of job postings to mastering the applicant tracking systems like Workday, our comprehensive chat is the beacon you've been seeking. Discover the potent combination of an impactful resume, the weight of employee referrals, and the nuanced art of tailoring your narrative to sail through the hiring process.

Step into the inner circle of application strategy, where we spill the insider details on making your resume resonate with recruiters and hiring managers alike. Through a live review of my actual resume, Gina and I show you firsthand how to stand out in the interview process by selling yourself as effectively as the slickest SaaS product. You'll learn how to format your resume to tell your professional story and how to wield your job titles like a seasoned marketer, ensuring your skills and experience capture the spotlight.

Concluding our journey, we explore the treasure trove of free resources that can elevate your job application toolkit to new heights, and Gina extends an open invitation to anyone seeking tailored advice for career advancement. Whether you're a fresh-faced job seeker or a seasoned professional, my conversation with Gina arms you with the strategies to not just land the interview, but to ace it and confidently step into your next career chapter. Join us, and let's turn the page together on your professional success story.

For show notes, please visit The GRC Podcast website.
Sign up for our Bi-Weekly Newsletter