Hypothetically, if my friend wanted to move from being a CISO at a large company to a consultant, what is the best way to go about it?

  • UniqueSanja@mastodon.social
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    @jerry@infosec.exchange Just have coffee at favorite consulting firms and start talking. Big or small, international or local. Focussed on non-profit or otherwise. Consider what skills you’d look for in a consultant and be honest with yourself. Find a firm that handles acquisitions if it’s not in your skillset or find a firm where you can learn this. Don’t be afraid to jump in.

  • Patrick Maddox@infosec.exchange
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    @jerry@infosec.exchange I don’t know if there is a glide path for it that doesn’t start with talking about this hypothetical with a wide range of people - generally a head hunter and then a bunch of CFO/CEO/COO’s who hire consultants that fit the persons demographic skill set. I spent some time trying to figure out if I was going to go the consultant path and ended up on the same track as before but I think I easily could have stood up my own practice.

    I’d tell your friend to just start talking with everyone in their network where it was reasonable to do so.

  • Iain McLaren@infosec.exchange
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    @jerry@infosec.exchange consider joining one of the big consulting firms. I expect that they would like your expertise and contacts

  • Bill@infosec.exchange
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    @jerry@infosec.exchange Seriously, buzz up @wendynather@infosec.exchange. She’s head of vCISOs at Cisco, and is honestly one of only a handful of human beings in the industry I would go work for. She knows a boatload about consulting as a CISO.

  • Florencio Cano@infosec.exchange
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    @jerry@infosec.exchange I would suggest to your friend that they think twice before doing that. Consulting is like being a CISO but you have more stakeholders to report too.

  • @ui3o@chaos.social
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    @jerry@infosec.exchange learn how to do consulting, it’s just a different profession from what she did so far. I guess she had years of learning and experience for her current job in management. With the same amount of learning and experience she surely can excel in another field.