Apex |Blog-QandA with Chuck Rohm – Manager IT Security Compliance and Production Systems Page Content Visit the main blog page. Follow us on our social media channels, where we share lots of great content and events! Q&A with Chuck Rohm – Manager, IT Security, Compliance and Production Systems November 2017 The heart of Apex is our people. This week, and every week, we’re thankful for our internal employees, contracted employees, and clients. In the spirit of the season, we’ll be featuring an individual or group that embodies our Apex values. Today, we are highlighting our Manager of IT Security, Compliance and Production Support, Chuck Rohm. With Information Security being such a hot topic issue in today’s world, Chuck is a huge asset to our team. We caught up with him to learn more about his role, career path, traits he appreciates in his employees, and advice he has for individuals looking to break into the Information Security field. What are your key responsibilities? Chuck: My focus areas include overseeing Information Security (tools, field awareness, social engineering, etc.), developing processes around compliance and audits, production support of about six to seven different systems, and management of a team of 11 full-time employees and several contractors. How did you enter the IT field, and specifically Information Security? Chuck: I started my career as a Health Physics Technician in a lab. In the 80’s, our lab got computers. When we started implementing computers, and we all had to learn how to use them, I had a natural affinity for them and just loved working with them! They noticed my interest and sent me to take some IT courses, and I learned how to work with and manage our database. I then became a Database Administrator (DBA) focusing on Oracle. I then joined a security team at a plant. In 2001, I then became a DBA at a company. Soon after joining, 9/11 happened. At the time, the company didn’t have a dedicated security team, and I was one of the only individuals on staff who had security experience, so they put me in the role of IT Security Director. What do you think contributed to you getting these opportunities? Chuck: First, I demonstrated that I was interested in learning new things and new ways of doing things. I made my interest/s known. Second, I went to where I needed to go in order to further my career, both in terms of asking/seeking additional tasks and travel/relocation. I traveled to 14 different plants during my first security stint. I then relocated several times for jobs I wanted, moving on four occasions. Being flexible, and showing I was flexible, helped open many career doors for me. As a Manager, what do you appreciate in your employees? What makes people stand out in a positive way? Chuck: There are a couple major traits I really admire and appreciate. First, two-way, open communication around expectations, difficulties, and needs both personally and professionally. Second, commitment to the organization and dedication to the job, even if it’s not ideal (i.e. working a Saturday night when needed). Third, overall availability and responsiveness! My team members will give me their cell phone numbers when they go on vacation and set the precedent for me to call them if I need them. Fourth, proactive problem solving. They’ll keep me in the loop on any issues/problems or improvement areas they see, and will communicate their plan of action to me and take the initiative to do troubleshooting/enhancements on their own. Let’s switch to the other side. What traits do employees demonstrate that are really off-putting to you as a manager? What makes people stand out in a negative way? Chuck: Luckily I haven’t had to deal with these issues, but the two traits that really bother me are: insensitivity to others and when people aren’t committed to their job, which then causes more work for other people. What education/courses did you take to help develop your Information Security and management acumen? Chuck: I learned a lot from Steven Covey’s courses, and I really believe in his “emotional bank account” theory, which states that if a manager is observant of their peoples’ needs, then they’ll be observant of mine and the company needs. I do believe in certifications! I’ve attained an Oracle certification, and I’m currently studying for my CISSP. Do you have any other advice for individuals interested in breaking into an Information Security career? Chuck: First, constant learning is essential, as information security is changing daily. There are always new threats emerging, and others become more sophisticated. Second, keep up with current events involving security. It’s helpful to keep a pulse on what’s happening in the world, especially hacking attempts. Awareness is crucial, and can help provide “lessons learned.” While unfortunate to see a company fall victim to a breach, it’s good to treat that as a case study to determine what could have potentially contributed to that, and then audit ourselves to ensure we won’t be compromised in a similar manner. Ready for your next career opportunity? Check out our current openings here.