When interviewing candidates for an information security manager (or information security executive) position, it is important to consider the personality characteristics most relevant to the job. This appendix provides both a ranked list of these characteristics as well as the reasons why these characteristics are important. The most important factors appear at the top of the list. The author suggests that you photocopy this appendix and distribute it to all those who will interview candidates (including a third-party recruiter working on the assignment). These people can... ...then rank the candidates according to these criteria to quickly determine which candidates should proceed to the next step in the recruitment process.
Alternatively, you may wish to use the following list as a starting point for an in-house brainstorming session amongst those managers who will need to work with the new information security manager. The session can then be used to develop your organization's own unique list of personal qualifications.
The following list assumes that the job candidate has the necessary technical skills to do the job, as demonstrated through both certifications and prior experience.
INFORMATION SECURITY MANAGER QUALIFICATIONS
Excellent communication skills
Good relationship management skills
Ability to manage many important projects simultaneously
Ability to resolve conflicts between security and business objectives
Ability to see the big picture
Basic familiarity with information security technology
Real world hands-on experience
Commitment to staying on top of the technology
Honesty and high-integrity character
Familiarity with information security management
Tolerance for ambiguity and uncertainty
Demonstrated good judgement
Ability to work independently
A certain amount of polish
| Information Security Roles and Responsibilities Made Easy, Version 2
By Charles Cresson Wood
278 pages; $495
Published by Information Shield
Download Appendix B, Personal Qualifications