The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/80353
smart moves A Secure Position in Information Security by Sherri Vollick of Holland & Knight LLP As many folks in the legal IT profession have witnessed and (hopefully not) experienced, I was a victim of the layoffs felt around the world in 2010. I always thought I would retire working for this employer, but quickly came to my senses about the instability that economic conditions can induce. Flash forward to 2012, and my two-year anniversary with Holland & Knight LLP occurred this May — how time flies! The experience of finding, securing and expanding my role at the firm has been a wonderful story of self-exploration. Hesitation Turns to Gold My official last day with my past employer, one of the "big four" global financial services firms, fell upon me, and as part of the process of looking for new work, I signed up with my local unemployment office. After about a month of answering ads on my own, I was (semi)forced to go to the unemployment office's official orientation on how to find a job. Part of this orientation included how to use a database on which employers within the state advertised jobs. And there it was! I had seen this position listed on other job boards — I was definitely interested in it, but the employer had chosen to remain anonymous. I hesitate to answer anonymous ads, because you never know the validity of the advertiser, but this time it was different. As I began looking at the job posting, I noticed the employer's name at the very bottom of the form. I was so surprised! I was quite familiar with Holland & Knight — they were the executor of my grandmother's will, they were a tenant in the building I worked in for nine years, and they were the past employer of my very best friend of 26 years. So guess who I called? By the next day, I had a phone interview with the director of human resources and a face-to-face interview with the chief information officer. I was thrilled, to say the least. Within a month, I was offered the position of IT security manager — the firm's first employee in this role. The lesson I learned was to try every route and take advantage of every opportunity to find a new role. You never know when you'll strike gold. Certification Leads to Expertise Landing this exciting new career within a great organization motivated me to go the extra mile to secure my position. I have several credentials (some call it alphabet soup) trailing my name, and each was earned, not given. I passed the Certified Information System Security Professional (CISSP) exam, which provided me and my employer with the assurance that I could perform my role as an IT security advisor on a global team whose primary areas of responsibility were outside the U.S. Around the same time I was studying for the CISSP exam, our security team began working on obtaining ISO 27001 certification. Everyone on the team was trained, tested and certified to be ISO 27001 Lead Auditors. This was a strategic move by our global chief information security officer to ensure everyone on the team knew what kinds of questions an auditor would ask and how to answer them during the audit for certification. If you're being asked the questions, it's a bit like being on the witness stand — you want to try and answer either yes or no; if you're the one asking the questions, you want to be sure they are open-ended so the "witness" spills the beans. 32 Peer to Peer