“Sometimes happy accidents happen, but they can only happen if you’re prepared for them.”
Eric Galis, vice president of security and compliance at Cengage, likes to describe his journey to his career in information security as a series of happy accidents. A childhood love of building and tinkering with electronics led him to study computer science and web development at the University of Massachusetts, where his experience managing his college’s website sparked an interest in information security that would shape his future career. After graduation, a “happy accident” led him to join a cyber security consulting firm, a path that would eventually take him to leading the Compliance and Security team at Cengage. Now, Eric’s focus has shifted to a solving a new challenge: building an effective team that can solve not only today’s information security threats, but also those on the horizon.
Recently, Eric sat down with Caroline Wong of Humans of InfoSec to discuss his career path and offer some valuable advice for hiring managers and job seekers who may be trying to break into the information security field.
The current shortage of skilled workers in the information security industry has made it difficult for many hiring managers to find and attract great talent. Eric suggests that by looking outside of the immediate information security industry, hiring managers may find candidates with parallel or ancillary experiences who can prove to be effective team members:
“Some of the best folks that I’ve worked with in security started somewhere else, expressed an interest in security, and now they are doing great things, solving really interesting problems…in ways that maybe somebody who had spent their entire career in security…wouldn’t have thought of….”
“I think it’s important to have that good mix of people who come at security from a core security knowledge but then also bringing in new folks who can learn and bring some additional different thought patterns to the problem.”
While he acknowledges that luck can sometimes play a part in professional advancement, Eric says that the biggest key to his career progression was due in part to his willingness to explore interests and seek out projects outside of his immediate role. He offers the same advice to job seekers who may be looking for a way to move into the InfoSec field:
“Sometimes happy accidents happen, but they can only happen if you’re prepared for them. So while a lot of my journey has involved getting lucky, it’s about having the right experience and the right approach, trying to learn as much as you can, doing the best job you can in the particular role you’re in, and just being ready for opportunity when it comes. Whether that means spending a little bit of extra time in off hours learning about something you’re interested in so you can apply that in a new way, seeking out a project at your organization that might be slightly outside of your particular role…, or just making sure that you get lunch with somebody on a regular basis because they have an interesting career that you want to understand better.”
At Cengage, Embrace the Unknown and Do More Together are part of our Ethos. We collaborate and take calculated risks to challenge the status quo and transform the way the world learns. If you’re interested in a career in information security at Cengage, you can find all current job openings on our careers page.