Skip Navigation
Get a Demo
 
 
 
 
 
 
 
 
 
Resources Blog Opinions & insights

Surfing the Mid-Career Wave: 5 Steps to Making Your Next Move

Julie Brown
Originally published . Last modified .

We’ve written articles on how to get into information security, but what about when you’ve been in the field for a few years and have outgrown your position? The career path for a driven infosec professional often involves moving into management, but that’s not the only way to grow. Mid-level career responsibilities include managing people, leading projects, and honing your technical abilities, to name a few. With many different functions and roles to choose from, how do you decide what’s next?

Here are five steps that I’ve used to navigate through my mid-level career in infosec. I hope you can find some ideas to help guide you through your own journey.

Step 1: Identify Your Strengths

A healthy sense of self awareness is vital to finding an opportunity that will be a good fit for you. Start with identifying your weaknesses and finding a way to improve on them. For example, maybe you’re not great with public presenting. Try giving a quick technical lesson to your team, or even just a coworker, as a way to improve your speaking skills. But don’t try to train for a role just to prove you can do it. Improving on your weaknesses is a great way to eliminate hurdles that may keep you from moving forward, but it’s not going to uncover the best area to focus on in the future. That’s where your strengths will shine.

What gets you excited about working every day? Think back to a day at your current position where you felt like your work had an impact and the time flew by. The reason why may surprise you. For some, it’s the thrill of figuring out a challenging technical puzzle. Others may enjoy enabling the people around them to perform at their best. For me, the best days are those when I can make the systems and processes around me more efficient, and fix the barriers that get in the way of important work. That’s what has driven me to get more involved in improving operations as a path of growth at Red Canary, rather than moving into personnel management.

Knowing both your strengths and weaknesses is an important first step in maturing your career.

Step 2: Ask the Big Questions

Too often, mid-level career professionals take a new position because it has an impressive title or it’s a “move up” in the corporate structure of their company, without stopping to ask themselves if that job is what they want. Know exactly what you want in your next opportunity so you can recognize a good fit when you see it. A couple questions I’ve used to guide my career choices include:

What drives me?

Revisit the things that keep you motivated at your job, and see if there is a position where you can focus on the responsibilities that you love. That may be in-depth malware analysis or identifying patterns within large data sets. Deciding what part of the industry you want to specialize in will help you make a deliberate decision, rather than taking any opportunity that comes your way.

Where do I want to challenge myself?

If you’re growing throughout your career, each new step will feel uncomfortable. That’s a good thing! You want to be challenging yourself to improve professionally over time. But just because a new opportunity makes you feel uncomfortable, doesn’t mean that it’s the right step for you to take. There is a difference between discomfort from growth and discomfort because a new position isn’t a good fit for you. Take some time to ask how a new opportunity would help you grow.

This came to light for me recently, when I had the option to step into team management and development coaching at Red Canary. The opportunity made me uncomfortable, but not in a “stretch yourself” kind of way. Envisioning myself in the position of team lead gave me a sense of dread and disappointment. After learning more about my strengths and skills, I decided a people management position is not a good fit for me at this point. If I had been basing my career decisions solely on the idea that you should “do what makes you uncomfortable,” I would have ended up in a position that would not let me use my strengths. Instead, I’m now finding ways to improve operational efficiency. That opportunity also makes me uncomfortable, but it’s because I’m aware of the impact that I can have and I want to do a good job. It’s a drive to succeed rather than a pang of dread.

It’s important to make a distinction between “Can I do this?” and “Do I really want to do this?” Learn to recognize the difference for yourself.

Step 3: Prepare Yourself

Once you know what gets you excited about your field, dig as deeply as possible into the details. Spend extra time learning about what excites you. One way to prepare yourself is by doing your own research. Buy (and actually read) a few books to help you learn more. The right research materials will depend on your chosen strengths and responsibilities.

Here are a few books I have found helpful in my own career development:

Windows Internals: Part 1

In my own effort to improve my technical skills, I’ve chewed my way through “Windows Internals, Part 1” by Pavel Yosifovich et al. It’s dense, but this book has helped me fill in a lot of gaps in my technical knowledge. If your next career move involves technical expertise, make sure you have a solid background in your chosen subject matter.

Infosec Career Advancement: Windows Internals


Drive

My search for motivation started with “Drive” by Daniel Pink. This book gives insight into the ideas and work styles that drive today’s workforce, including information security. Pick this one up to help you recognize the type of position that will help you feel energized and inspired to do your best work.

Infosec Career Advancement: Drive


Radical Candor

Personnel management isn’t the best choice for me, but if the idea interests you, try out “Radical Candor” by Kim Scott. Scott gives the reader a framework for managing people that revolves around empowerment and collaboration. If I were to be a manager, this is the type of boss I would strive to be.

Infosec Career Advancement: Radical Candor


Deep Work

Regardless of your chosen role, you’re going to need to increase your performance to grow in your career. To improve your productivity and motivation, “Deep Work” by Cal Newport is required reading. The modern workplace is so full of distractions that many of us have lost the skill of intense and meaningful focus. “Deep Work” will help you develop and hone your focus so that you can generate meaningful work at a high level.

Infosec Career Advancement: Deep Work


Aside from reading, working with a career coach is another great way to prepare for your next jump. If possible, reach out to someone you respect and ask for their input on your strengths and weaknesses, and how you might get closer to the position you want to have. The information security field is full of people who are used to “figuring things out” for themselves, and that means we are often hesitant to reach out for career help. Don’t simply assume that you’re fine without help, because you could be discounting a huge resource. Just be sure that you’re ready to accept constructive criticism. Pride will only prevent progress when it comes to personal development.

Step 4: Catch the Right Wave

You’ve identified your strengths, pinpointed your passion, and prepared for the next step. How do you know when it’s time to jump into something new? It’s important to be deliberate about the next opportunity you take, rather than just saying yes to whatever comes your way. Think about surfers at the beach waiting for the right wave to ride back to the shore. If they always took the first wave that came by, they might miss a better option later on. For each opportunity you’re considering, revisit your own set of big questions. Leading a small team might allow you to use your management skills, whereas managing a complex project may flex your time management abilities and technical expertise. Look for opportunities to use your strengths and do what excites you most rather than signing up for the next thing that needs a volunteer.

Similarly, pay attention to your needs and preferences when changing employers. Make sure the company culture lines up with how you prefer to work. Would you rather do most of your work independently or in a team structure? How often do you prefer to have one-on-one time with your boss? Do you prefer a day-to-day work life that is predictable, or do you relish having new challenges thrown at you when you’re not expecting it? Knowing these things about yourself will help you choose an employer that’s a good fit. Deciding what you want is the best way to get it!

Step 5: Stop and Reflect

Moving forward to a new position that engages your strengths is a huge accomplishment. Career changes have always left me feeling energized and motivated. After you’ve settled into your new responsibilities, take some time to reflect on the new position. Does your new position align with your expectations? Are you using your strengths? Do you have opportunities to grow? Hopefully your career change gives you chances to develop personally and professionally. Even if it’s not exactly what you thought it would be, identify the ways you can continue to grow your strengths. Take what you’ve learned about yourself through this process and get ready to step forward into the next chapter of your career.

Deciding what I want in my mid-career and catching the right wave has propelled me to Red Canary, where I’m continually identifying opportunities to challenge myself and grow. I’m excited and motivated to improve myself and the company around me. If you think Red Canary may be a good fit for you too, check out our open positions.

 

Why CISOs under consolidation pressure are embracing Microsoft Security solutions

 

How AI will affect the malware ecosystem and what it means for defenders

 

Why Taylor Swift fans should work in cybersecurity

 

Drawing lines in the cloud: A new era for MDR

Subscribe to our blog

 
 
Back to Top