We all know we need technical skills, certifications, or whatever an employer is looking for today.
There is a HUGE part of security that can be easily overlooked. And that is soft skills.
Soft skills are traits or attributes you’ve developed as a person or professional.
Do you work on your “soft” skills? I know I didn’t for a long time.
But it’s HIGHLY important in your security success.
I speak from experience because I’ve learned the hard way on this one! And still do…every single day.
This is the first of a 3 part series on 6 essential soft skills of any security professional.
In this article, I’m going to discuss 2 of the 6 soft skills.
These traits have been a key to any of my success as a security engineer. That and awesome co-workers (you know who you are!).
A quick story on this…
When I think about the traits we’re going to talk about, I think about difficulties I’ve had doing my job.
The arguments, disagreements, and meeting after meeting of frustration.
The frustration came from people that didn’t want to secure the system I worked on for one reason or another.
I’d always walk away thinking “I’m trying to help you!” But why did I meet so much resistance?
Or “I thought I was clear in the consequence of not fixing security issues.”
“How can they not see how important this is?” I’d say to myself.
Very few seemed to care and that was frustrating. I was fighting an uphill battle.
But I have, and sometimes still have the wrong attitude.
I expected people to act because “I’m the security guy! I know what I’m doing!” Right? Wrong!
After thinking about it more, I realized I wasn’t as clear as I thought. And I didn’t present the facts like I could have.
That’s why no one seemed to care. Because they either didn’t understand, or they didn’t trust my judgement. Both of those factors cause conflict every time.
After some personal reflection, I realized there were a few things I could be doing differently.
It wasn’t “them” that caused the problem, it was me.
I needed to develop better soft skills.
So I narrowed down 6 traits/soft skills I needed to work on every single day.
Traits that create trust, reduce conflict, and help get things done.
Traits that can make all the difference in your work.
The 6 essential soft skills of ANY security professional
In my course, Get a Cyber Security Job, I talk about professional attributes. These are the traits and soft skills I have found to be highly important in my career.
This article is dedicated to my short fuse in those meetings I talked about. (I seriously could write extensively on these meetings alone! 😉 )
In my course, I teach you in detail about these traits and their importance in cyber security.
The traits are:
- Team Work
- Problem Solving
Some of us have a few of these traits already. So you probably don’t need to focus on that.
But, I encourage you to work on ALL of these every single. As a professional, and a person!
Let’s look at these in more detail.
This one is obvious, but can be a lot harder than you think.
To have good ethics, it means to be honest and do the right thing.
It also means to NOT think about what’s in it for you. You can’t think about your ego, credit, or a need to prove someone else wrong.
We all want to be that person who saves the day! We want to hit that home run that wins the big game.
But, we need to put that aside when making security decisions.
Ethics is what’s best for the information you are protecting.
No credit or saving the day. Put the security of information and data first, and your ethics will follow.
When you can do that, others take notice.
They see your decisions, hear your comments, and start realizing your focus.
They realize you’re focused on helping. Not focused on your own ego or gratification.
Good ethics then creates humility. And that is one of the greatest human traits ever!
Communications (both in writing and in person) is REALLY important. But it’s also hard.
This is how you let others know what needs to be done. Whether it’s what’s required, your opinion, or trying to work through a problem.
To be a better communicator, use the ethics approach as a starting point.
Security of the information/data comes first! Focus on that!
Explain the facts, specific details, and reference others in your communications.
It helps show:
- You’ve done your homework.
- You’re focused on the problem, not yourself.
- You can point to other sources to support your position.
Here is an example of what I’m talking about.
What sounds better?
1. “Listen. You have to do this because [insert lame reason].”
2. “It’s important we do this because it will prevent an attacker from compromising the system. There is a security control that specifically talks about this in detail. It also tells us how to solve the problem. I have a good idea how we can do that. Here is a link to that info if you’re interested.”
Obviously the second answer is better right? It was a trick question!
But here is why #2 is better.
First off, never say “YOU”…right? It’s a virtual finger point at someone assigning blame.
Not a good way to communicate!
But when you incorporate “WE” and give examples on how to solve the problem, it has a better message.
It doesn’t scream “THOU SHALL DO THIS!”
It says, “we’re in this together and I’m trying to help.”
Plus, when you give outside references (links, other professionals opinions, etc.) it shows others are giving the same advice.
It’s been my experience that others are more agreeable to work with you and understand your method of communications better.
If you enjoyed this post...
Why not join our newsletter? You’ll get updates for FREE!
We value your privacy and would never spam you
Are you missing these security skills? Part 2: COMING SOON!
Are you missing these security skills? Part 3: COMING SOON!