<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Career on Rishipal Yadav · not your CISO</title><link>https://rishipalyadav.github.io/categories/career/</link><description>Recent content in Career on Rishipal Yadav · not your CISO</description><generator>Hugo -- gohugo.io</generator><language>en</language><copyright>© 2026 Rishipal Yadav</copyright><lastBuildDate>Fri, 20 Jan 2023 00:00:00 +0000</lastBuildDate><atom:link href="https://rishipalyadav.github.io/categories/career/index.xml" rel="self" type="application/rss+xml"/><item><title>Bridging the Skill Gap in Cybersecurity — Hire Generalists, Create Specialists!</title><link>https://rishipalyadav.github.io/posts/bridging-skill-gap-hire-generalists/</link><pubDate>Fri, 20 Jan 2023 00:00:00 +0000</pubDate><guid>https://rishipalyadav.github.io/posts/bridging-skill-gap-hire-generalists/</guid><description>&lt;blockquote&gt;&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://notyourciso.medium.com" target="_blank" rel="noreferrer"&gt;not your CISO&lt;/a&gt; on Medium. &lt;a href="https://notyourciso.medium.com/bridging-the-skill-gap-in-cybersecurity-hire-generalists-create-specialists-1a730e84b521" target="_blank" rel="noreferrer"&gt;Read the full post →&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;
&lt;/blockquote&gt;&lt;p&gt;I have seen a lot of posts about the skill gap, unrealistic hiring expectations, and the number of open security roles. Most of them circle the same frustration: organisations want five years of experience in a technology that has existed for two, and then complain they can&amp;rsquo;t hire.&lt;/p&gt;
&lt;p&gt;But I think the framing is wrong. The skill gap isn&amp;rsquo;t primarily a supply problem — it&amp;rsquo;s a hiring and development problem. Organisations have been optimising for the role they need filled today, not the practitioner they need in three years.&lt;/p&gt;</description></item><item><title>Cybersecurity Roadmap 2023: How Do I Start in Cybersecurity?</title><link>https://rishipalyadav.github.io/posts/cybersecurity-roadmap-2023/</link><pubDate>Fri, 13 Jan 2023 00:00:00 +0000</pubDate><guid>https://rishipalyadav.github.io/posts/cybersecurity-roadmap-2023/</guid><description>&lt;blockquote&gt;&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://notyourciso.medium.com" target="_blank" rel="noreferrer"&gt;not your CISO&lt;/a&gt; on Medium. &lt;a href="https://notyourciso.medium.com/cybersecurity-roadmap-2023-how-do-i-start-in-cybersecurity-6117386e1e88" target="_blank" rel="noreferrer"&gt;Read the full post →&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;
&lt;/blockquote&gt;&lt;p&gt;How do I start in cybersecurity? What basic skills do I need to get into cybersecurity?&lt;/p&gt;
&lt;p&gt;These are the questions I get most often — from students, from software engineers eyeing a pivot, from IT professionals who want to move into security. There is no single right answer, but there are a lot of wrong approaches, and this guide is my attempt to cut through the noise.&lt;/p&gt;</description></item><item><title>So You Do Not Want to Become a CISO Anymore?</title><link>https://rishipalyadav.github.io/posts/so-you-dont-want-to-become-a-ciso/</link><pubDate>Sun, 09 Oct 2022 00:00:00 +0000</pubDate><guid>https://rishipalyadav.github.io/posts/so-you-dont-want-to-become-a-ciso/</guid><description>&lt;blockquote&gt;&lt;p&gt;&lt;em&gt;This article was originally published on &lt;a href="https://notyourciso.medium.com" target="_blank" rel="noreferrer"&gt;not your CISO&lt;/a&gt; on Medium. &lt;a href="https://notyourciso.medium.com/so-you-do-not-want-to-become-a-ciso-anymore-4436a0c724a9" target="_blank" rel="noreferrer"&gt;Read the full post →&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;
&lt;/blockquote&gt;&lt;p&gt;There has been quite a chatter in the security community for the last couple of weeks. It is always some discussion — be it a new breach, a new framework, or a regulatory shift — but this one felt different.&lt;/p&gt;
&lt;p&gt;The conversation: is the CISO role broken? Between the SolarWinds aftermath, the SEC charging CISOs personally, the expectation of omniscience with the authority of a middle manager, and the burnout rates — a lot of security professionals who once had the CISO job as their north star are quietly reconsidering.&lt;/p&gt;</description></item><item><title>My Cybersecurity Journey</title><link>https://rishipalyadav.github.io/posts/my-cybersecurity-journey/</link><pubDate>Wed, 25 May 2022 00:00:00 +0000</pubDate><guid>https://rishipalyadav.github.io/posts/my-cybersecurity-journey/</guid><description>&lt;blockquote&gt;&lt;p&gt;&lt;em&gt;This article was originally published in the &lt;a href="https://www.isc2.org/Insights/2022/05/Journey-Into-Cybersecurity-Conversations-with-Cyber-Newcomers-Part-1" target="_blank" rel="noreferrer"&gt;(ISC)² blog&lt;/a&gt; and cross-posted on &lt;a href="https://notyourciso.medium.com" target="_blank" rel="noreferrer"&gt;not your CISO&lt;/a&gt; on Medium. &lt;a href="https://notyourciso.medium.com/my-cybersecurity-journey-f3260df7541" target="_blank" rel="noreferrer"&gt;Read the full post →&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;
&lt;/blockquote&gt;&lt;p&gt;I found my first position at a college placement fair. I began working as a software engineer building a digital security platform at HSBC — designing the backend for secure authentication and authorisation for mobile banking apps. It was more of a software development job, but I had to learn a lot about security concepts to actually do it well.&lt;/p&gt;</description></item></channel></rss>