The Internet is awesome, isn’t it? At any moment, you have the ability to see hundreds of job postings and post your resume for all to see. However, if the only thing you are doing to find a job is fishing by dropping your resume “lure” in the water hoping for a hiring manager to bite, you will be waiting a while.

You need to get out and hunt for your next job. Know the terrain, have spotters in the field, pick the right tree to sit under. Truth be told, I know nothing about actual hunting but, after nearly 10 years of helping IT assurance professionals find new opportunities, I know a few things about hunting for a job.

Here are my top three tips:

Don’t Post Your Resume Online
Monster, CareerBuilder, Indeed, Dice; I have nothing against these services, but you are not their target audience. If the service is free, you are the product, right? The main problem with posting online using these types of sites is that you immediately lose control over where your resume ends up.

One of the pitfalls of the typical recruiting firm is what I call the shotgun approach. They fire your resume in every direction to every client they have, hoping that someone will want to interview you. Now you are faced with a potential situation where your resume is in front of a hiring manager (if it makes it there, more following) from multiple sources, and you start to look desperate.

There are ways you can safely post your resume online anonymously. But, it is hard to do, and even the most “scrubbed” resume can still be figured out. (Word document author metadata, anyone?) Yes, I even see professionals in the information security space get it wrong. It is safer just not to mess with it.


Use Your Relationships
The common belief is that only a small percentage of jobs are actually posted online. Not sure if that is completely true anymore, but I can tell you that most hiring managers have an idea of who they want to hire long before the posting goes up. You want to be the person they think of.

Make sure your personal brand in the marketplace is a positive one. I am always surprised at just how small our IT assurance world is. Make sure people know you for being honest, self-motivated, dependable and collaborative, and word will start to spread about the positive impacts you have had on your organization. Be intentional about networking. Seek out people at ISACA events who work at companies you are interested in. Don’t just add people on LinkedIn, take them to coffee. Make relationships and use them.

Applying Directly Online
It should be your very last option. I’m not telling you to never apply online. What I am saying is use what I’m about to tell you first, and if you still come up empty, that is the only time I would suggest applying directly online. The companies that pay to advertise their job openings will not even be upset at this. Their goal is to make sure they see qualified candidates, and if you became aware of their opening through their online listing, then their money was spent wisely.

I hear it all the time: “I applied to this job online but never heard anything back.” I know for a fact that job-seekers who could have gotten the job they applied for do not get contacted at all because the resume never makes it to the right person. Most companies have talent acquisition teams with increasingly complex systems that are heavily dependent on keyword filtering. I don’t blame HR or talent acquisition teams for wanting to use these filters. Their job is tough. They have to work on potentially hundreds of jobs at the same time. They can’t possibly dig into the level of detail it would take to understand what it takes to be successful in an ISACA-related position.

Applying to a job without an external or internal advocate will more than likely result in silence. You need someone who knows your values, personality and skill set who can help you get visibility with the hiring manager, the real decision-maker in the hiring process. It all comes back to reputation and relationships.

This is just the very tip of the iceberg on how to successfully navigate an IT assurance job hunt, and the first in a series of ISACA Now blog posts I am planning on IT assurance interviewing and hiring. If you have additional questions or a topic you would like to see discussed in the future, feel free to post them in the comments section.

Author’s note: What tips for successful job hunting have I missed? What is the best or worst piece of job search advice you have ever been given?

Brad Owens, Recruiting Director, Duval Search

[ISACA Now Blog]

By Philip Hung Cao

Philip Hung Cao (aka #tekfarmer), MSCS, ZTX-I, CCISO, CISM, CCSP, CCSK, CASP, GICSP, PCNSE is a Strategist, Advisor, Contributor, Educator and Motivator. He has 20 years' experience in IT/Cybersecurity industry in various sectors & positions.

Leave a Reply