How did you transition from your military career to your current role in InfoSec?
Mike Orosz, Manager, Threat and Investigative Services, Citrix (MO): I transitioned from uniform to working side-by-side in civilian clothes so my initial transition wasn’t all that difficult.
My transition to Citrix began during interview process, Citrix CSO – Stan Black – and I discussed converged security. During several 1–2 hour conversations we iterated over a concept of how I could specifically pivot my military security skills to benefit his security program.
Was it a natural fit, or did you have to make adjustments?
MO: My transition to Citrix life can best be encapsulated as a culture shift.
Working in the military environment was completely structured and roles were limited at times by rank and grade. This is not at all the case with Citrix. Every employee is valued for their unique skills and contributions; those who set out to make positive change are well-received and rewarded. Since joining Citrix, I’ve found myself working across all lines of business, interacting with the most junior to senior executives.
What advice would you give to service members who are interested in InfoSec?
MO: Follow this 3-part skill translation process:
- Take critical inventory of skills and training acquired in the military;
- Define and quantify how what you did to apply those skills for the creation of positive impact and;
- Apply those against a specific target employer’s critical need security requirement.
Basically my advice is to identify which company or region you’d like to be in and laser focus your unique skills against the urgent needs of your dream employer!
Are there any particular strengths that you feel veterans bring to the InfoSec market?
MO: Veterans bring the wealth of U.S. Military and DoD analytical techniques.
I always liken private sector InfoSec problems to an episode of the TV series, “South Park.” The premise of the “Simpsons Already Did It” episode was whatever you are trying to do has already been done by the cast of “The Simpsons.”
So, just as the “Simpsons Already Did It,” so has the military. As a matter of fact, the military has not only done InfoSec, it’s developed structured analytical techniques to take seemingly disparate information, analyzed it, determined root cause and probable tactical / strategic outcomes.
Veterans bring structured analytical techniques which can be swiftly implemented for quick wins and as InfoSec capability multipliers.
Anything else you would like to add?
MO: My last note to veterans is to recognize companies are embattled in a never-ending InfoSec war. Bring your military talents to the table and apply them like it’s a day-by-day fight for survival… success will follow.