![](https://assets.isu.pub/document-structure/221216223324-69dba02eb858a5d53d34951de474b3f1/v1/61389bcdd235b43da214819a8b2791f8.jpeg?width=720&quality=85%2C50)
6 minute read
changing career through recruitment
KARINE TOBIN
FROM MARKETING TO CYBER SECURITY, CHANGING
CAREER THROUGH RECRUITMENT
by Karine Tobin, Consultant at The Network
Karine Tobin arrived in Sydney 12 years ago as a fresh-faced backpacker after a career in sales and marketing spanning 15 years throughout Europe.
She had worked her way up to being a national brand manager for three well-known kitchen appliance brands when she was diagnosed with melanoma - while pregnant with her second child.
“Seven years ago, I was diagnosed with stage four melanoma after the birth of my daughter. It changed my life forever,” says Tobin. After the shock of the news, she went through treatment while taking care of two young children with only her husband for support. Life had taken an unexpected turn, her priorities had changed and her future looked grim. Tobin re-assessed what she wanted to do with the rest of her life.
During that time she wrote We Only Live Once: Memoir of a survivor, started her own coaching business helping entrepreneurs set up and grow their businesses and became a volunteer helping other cancer patients find their ‘new normal’. She wanted to make a difference in people’s lives and support them in a way only someone who had been through their experience could.
When her health improved, and with a future ahead of her, Tobin was keen to start something new. She was craving learning, ideally something technical and mentally stimulating to challenge herself. “The world we live in is embedded in the digital world,” she explains. “I’ve always been curious about technologies and how hackers do what they do, so I decided to learn how they do it. Maybe that way I could help protect our digital world and make it a safer place.” She spent two years in full-time study with Learning People Global and discovered a new passion: cybersecurity.
“I’ve studied between school drop-offs and pick-ups,
passing exam after exam: through lockdowns, while homeschooling my two young children,” Tobin says. “From CompTIA A+ and the fundamentals of IT to networking essentials and security again with CompTIA Network+ and finishing with ethical hacking, PenTest+ and CEH from EC-Council. The more I learned, the more I wanted to know.”
Tobin continued to build her knowledge of and skills in cybersecurity and is currently studying for the CISM Certification.
BUSINESS SKILLS UNDERVALUED
However, despite all her qualifications, when the time came to look for a job, she did not realise how difficult getting her first opportunity would be. “It was quite daunting. I had very poor experiences with recruiters and the roles I got offered either did not have the flexibility I needed or didn’t eventuate,” Tobin says, referring to the offer she received to work on the French submarine project, which the government scrapped in favour of the AUKUS partnership. “Also, I did not feel that my previous 15 years of experience— bringing strategic thinking, problem-solving skills, business acumen and many more soft skills—were valued enough.” While actively searching for a role in cybersecurity she was approached by two recruitment agencies looking to use her technical skills to better serve their clients and candidates in the security market. Given her personal experience with recruitment agencies, and her willingness to try anything that could get her into the cyber world, Tobin became a recruiter specialising in cybersecurity with the technology recruitment firm The Network.
“At least, in recruitment, I could still make a difference,” she says. “With my understanding of the corporate world, business strategies and cybersecurity I could help companies find the skillsets they required. And with both soft and technical skills, I could understand what people had to offer potential employers. Matching them together requires patience, problem-solving, and a lot of consulting / coaching skills as well. In this position, I can utilise all my skills and experience from branding, marketing and coaching to my newfound passion of cybersecurity.
“It’s not just finding adequate technical skills for a job description; it’s finding the right soft skills, technical skills and cultural fit for an organisation and, on the candidate side, ensuring I am setting them up
to succeed with an employer who is committed to nurturing and enhancing their skills.”
THE RECRUITER’S ROLE
Tobin says actively listening to candidates is critical. “It’s not about the roles I am working on, it’s about understanding what they’d like to achieve next and their potential. Understanding how the new hire will fit within the business strategy, the company culture, and the skills required to achieve the outcomes is essential. I always take the time to discuss in depth these aspects with my clients before working on any roles.”
And, she adds, her job is not ‘fit and forget’: place someone in a role and move on to the next assignment. “My role is also about developing relationships, engaging with potential clients and seeking opportunities to develop business. I’d rather develop long-term relationships with the people I talk to; they can be candidates one day, clients the next, or vice versa, it doesn’t matter. What matters is them as a person and their values.”
SHORTAGE OF MID-LEVEL CANDIDATES IN PENETRATION TESTING
Today, Tobin says the cybersecurity role the most difficult to fill is penetration testing. “Though there are many more open roles than available candidates in all areas of cybersecurity, this is certainly the tightest market. Clients want experienced penetration testers with at least an OSCP [Offensive Security Certified Professional] certification.”
Apart from the well-publicised shortage of cyber skills, Tobin says the biggest challenge of her role is finding the right fit for both employer and employee. “It requires head-hunting specific skillsets and then making sure the company culture, compensation and career progression align with their requirements.”
She is also frustrated at the lack of entry-level roles, for which there is no shortage of candidates. “I’m looking at so many junior candidates desperate to break into cybersecurity and only a small number of ‘real’ entry-level roles: under a year of experience, or no experience at all.
“It is hard seeing only a few organisations willing to invest time and training in career changers and graduates. If there is a ‘cyber gap’ surely hiring and training graduates and career changers should make a big difference.”
She says organisations having the systems in place to accept people into entry-level roles and upskill them is the only way the skills shortage will be addressed.
MORE ENTRY LEVEL ROLES NEEDED
“Organisations need to have more entry-level roles available and curated training and shadowing programs where a senior will mentor a couple of juniors to develop and hone not just their technical skills but business, social and client interaction skills. You have to develop them in every facet. The industry must invest in the future generation, bringing people from other backgrounds and training them instead of trying to recycle seniors over and over again.”
Tobin’s insights into what cybersecurity skills are most in demand also show her developments are heading in the near future. She expects to see laws regarding personal data in Australia being reinforced—a development almost certain in the wake of the Optus and Medibank data breaches— an increase zero trust approach to cybersecurity; increased use of artificial intelligence, machine learning, data enrichment and automation; strengthening of DevSecOps and cloud security.
On the threat side Tobin expects to see “generalisation of social engineering, the availability and affordability of cybersecurity threats as a service and increased activities from Advanced Persistence Threats.”
www.linkedin.com/in/karinetobin