People on Reddit are engaging in the cybersecurity GRC (Governance, Risk & Compliance) careers conversation. My rant part 1 about why GRC is underrated in 48 hours got 92 thousand views, 231 shares, 195 upvotes and 143 comments. If you’ve already joined into that discussion thank you – this is super cool to be bringing newcomers into the conversation. And if you haven’t yet, jump on in.

See if GRC is a good fit for you, either for the long haul or as a temporary rotation to enrich your skills that you bring somewhere else. I’ve found it to be a great place for meaningful work and meaningful relationships – which is what it’s all about, and I think more people can do the same - if as a community, can give candidates a realistic job preview of what GRC is and what it isn’t.

Views expressed are my own. Questions and feedback are welcome.

REFERENCES

Reddit r/cybersecurity discussion: Why careers in cybersecurity GRC are underrated: [ Ссылка ]

NIST Cybersecurity Framework (CSF) v1.1: [ Ссылка ]

Forbes, Team Building: Minders, Finders, Grinders by Keenan Beasley
[ Ссылка ]

Cybersecurity Cannon Book Reviews, Ohio State University [ Ссылка ]

Darknet Diaries [ Ссылка ]

Risky.Biz [ Ссылка ]

Your Cyber Path Mind Map: [ Ссылка ]

IRRESISTIBLE: How to Land Your Dream Cybersecurity Position, Kip Boyle, Jason Dion: [ Ссылка ]

Harvard Business Review, A Simple Way to Map Out Your Career Ambitions by Marc Effron [ Ссылка ]

Cloud Security Office Hours
[ Ссылка ]

свернуть