this post was submitted on 09 May 2024
16 points (100.0% liked)
cybersecurity
3231 readers
1 users here now
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
My #1 recommendation is reading https://staffeng.com/book. There’s so much variance between orgs at this level (or worse, implied during a reorg).
One of the things that book helped me with is understanding the lens others view this level as four separate personas. That unlocked for me that you might be getting advice from people expecting something other than you’re going after.
Another lens is the product engineering v corp/cloud security world. They can act very differently and you often find these roles straddling 2-3 unique orgs.
Just remember there’s a lot of variance in higher level processes. Read the book above, then read 20 job descriptions for these titles. See if you can understand what they really want from the role.
<3 Threat Modeling <3