Advent IM is a security consultancy, providing consultancy services across all areas of security, ranging from physical security, through to governance, through to information security. Advent IM employs a number of ex-Forces personnel and regularly look towards military personnel to fill their job vacancies. To find out more about Advent IM and the cyber industry, SaluteMyJob chats to Chris Cope, an Information Security Consultant at Advent IM and former RAF officer.
SMJ: What is your role at Advent IM?
CHRIS: Information Security Consultant.
SMJ: What are your responsibilities in your current role?
CHRIS: My current role is basically working with a variety of clients, some in the public sector and some in the private sector, on all elements of security but primarily information and cyber security. In effect it is delivering what the client wants and I know that sounds vague but it depends on what they are after, some people want a very hand on approach, whether other people want more consultancy, with advice and guidance. In effect, generically I am assisting with the scope of a project, making sure the clients are happy at the end of it.
SMJ: Why is Advent IM a good place for veterans and reservists to work?
CHRIS: All of the consultants (seven) at Advent IM are ex-military. I would argue that the company actually actively targets people in the Forces. Because there is high percentage of people who are ex-Forces, it creates a certain culture, so when they are actively looking for people from the Forces - I think that helps. There is also an obvious understanding of the skills set ex-Forces can bring to the company.
SMJ: What key transferable skills you have, has helped you gain this role - and has helped you be successful?
CHRIS: Soft skills include strong communication and people skills and in terms of the qualification side of it, I am a CESG certified practitioner (Security and Information Risk Advisor, Auditor and Accreditor from the Institute of Info Security Professionals), which has helped a lot, and also CISSP (Certified Information Systems Security Professional) and CISM (Certified Information Security Manager).
SMJ: What skills do you think you need to succeed in your role?
CHRIS: Soft skills: You need to be able to communicate, work in as a team, you need to be quite driven, being a self-starter is really important. In terms of specific skills, I would argue, you need to come from a technical background or a security risk background.
SMJ: What do you do on a normal day?
CHRIS: I spend a lot of time on clients’ sites, I spend an awful lot of time dealing with people, trying to implement various controls around information security.
SMJ: What is the best thing about your job?
CHRIS: It’s a challenge, every job is slightly different. You have to solve a lot of problems - which can be quite fun.
SMJ: What was your role in the military?
CHRIS: I was a RAF Police Commissioned Officer for just under 14 years. The role was primarily policing, investigations and security – but mostly security.
SMJ: What could your military role be best compared to in Civvy Street?
CHRIS: Information Security Manager, Chief Information Security Officer. They are roles that I have done in the military that are directly comparable in civvy street.
SMJ: What did you do to prepare yourself through the transition phase? What courses/qualifications have you gained in the military and after - that has helped you gain employment?
CHRIS: I think I started my transition very early. About half way through my career I suddenly realised I had no qualifications from the military which would be accepted in the civilian world. So I started to look at courses I could take which would directly link across - so things like, CISSP, CISM and cyber security courses I was able to complete or start while in the military. Some funded by the military, others self-funded, but effectively I was able to find the time to do the courses while in Service. So when it came to resettlement time, I actually had all the qualifications I needed. Before I made the decision to leave, I thought I would put my CV out there and see what came back - so I went for some interviews and lined up with a company. So I took my uniform off on the Friday and put a suit on the Monday and started work.
SMJ: In your opinion, what training, experience and key skills from your Armed Forces career has made you more competitive that other candidates in the commercial sector?
CHRIS: A lot of the training I did was civilian based but the key difference was my experience. I was able to point to a variety of roles, as accreditor, information security manager, chief information security officer in a number of different operating areas. I think one of the benefits of moving around so often, was gaining a breadth of experience, I was able to use that as good stead against civilian counterparts who were maybe in a similar job for seven or eight years, but did not have that breadth of experience. I know it may be a bit of a cliché, to talk about ‘soft skills’ but the ability to work as part of a team, to communicate, even things like turning up to a meeting with a client with polished shoes - things which I always took for granted while in the Forces, but then you realise some people just don’t do that, or have those skills and it does make a big difference.
SMJ: What advice would you give to others (ex-military and reservists) who are looking to get into the cyber security industry and similar roles? Courses, qualifications to gain, work experience, insight days?
CHRIS: The key thing is really experience - try and gain experience on the job and if your current role does not lend itself see if you can do some work placements or something along those lines so you can get a taster for it - that is really important. Qualifications are good, get what you can along the way - but experience is key. And you have to be flexible in your approach as this is a rapidly changing environment.
SMJ: What roles specifically in cyber security do you think military personnel and reservists are best suited for?
CHRIS: It depends on their background, if they come from a technical background, roles they would be good at include Security Architects and Network Security Advisors. Also if someone is doing IT administration type work in the Forces, they will walk straight into the same role in civvy street - there is a big demand for it. For people that come from the security risk side: Information Security Management, Chief Information Security Managers. There is such a wide breadth of occupations, you will find a role somewhere.
SMJ: Have you got any top tips for those ex-military candidates and reservists with cyber security experience on how they can translate their skills into commercial employment?
CHRIS: Get on all the job boards, recruitment sites and see what is out there that may suit your skills. But the key thing is to civilianise your CV. For example, when I first applied for a role, I sent my CV out and I didn’t get the job and received some feedback. They said they did not understand my CV. Basically I was using military abbreviations - so people who have never served, had no idea what I was talking about. Sit down and think, what did I do in the military, what does that compare to in civvy street. Do not be afraid of promoting your military background, just make sure you don’t start talking in three or four letter abbreviations.
SMJ: And finally, where do you see yourself in five years?
CHRIS: In three months I will be starting a new job as an Information Security Manager. But looking further ahead, this field is growing and continuing to open up a lot of opportunities, so I would see myself in the same field, probably in a management type role.