I have started a position as a Senior Specialist, Security Awareness and Training at Acadia Healthcare. I’m excited for this opportunity because it’s a role that’s only more recently started to get some traction. I’ve been doing security awareness activities at previous organizations as a part-time thing. I’m excited to get the opportunity to really focus on security awareness training. It’s something that has been seen as a checkbox for a lot of organizations. I think it can be more than that. I think it can help build a security culture and foster a security mindset at an organization which result in a more secure organization.

I’ve been in a bit of a career transition the last 2-3 years. I’m not looking to get super technical. I’ve been in management and would probably be okay going back but I don’t play the political game as well as other. Reflecting over these last few years, I discovered that I enjoyed educating others. It’s actually something I wanted to do since high school but the only path I saw then was a high school teacher and I wasn’t really interested in leaving high school only to return shortly thereafter.

In the Navy I got the opportunity to go through instructor training and do some training while being an electronics technician. That led to me getting into the information technology field and eventually into security. At previous roles I’ve always either created content for distribution or presented internally. This past fall, I started looking for security awareness roles and found that several organizations were hiring for security awareness roles. This fit well with my desire to educate and where I was at in my career. I have a generalist background so I can speak to a variety of different fields within security.

I want to make security awareness interesting and impactful for an organization. Not just a checkbox. In my view I am here to foster and improve the security culture at the organization. To do that I’ll have to be creative and identify what engages people to think more about security. I’m excited for this challenge. I see people as the most complex systems in an organization.

I am going to continue to run Exploring Information Security (EIS) with a focus on security awareness. I believe this new role and EIS will compliment each other well. Next week I am planning to post my job search log. As part of the job search I decided to put in entries documenting my progress and thoughts during the hiring process. I wanted to show others that the hiring process is stressful, even for someone with 22+ years of IT experience. It’s also changed significantly since I first got in the job market and I wanted to highlight some of those changes as well.