A Rainmaker is someone who makes something happen: at his company, in his career, in his community. The Rainmaker series showcases department of information systems alumni who are catalysts of growth and change.
Information security professionals need to be change agents, adept in both information and people skills. And, they need to distinguish themselves early, as undergraduates. Like athletes, that’s where the pros look for talent.
So believes Aaron Carpenter, president of the Phoenix Chapter of the Information Systems Security Association (ISSA). Carpenter, a 2004 graduate of the Master Accountancy and Information Systems (MAIS) program has made it a priority of Phoenix ISSA to foster young talent from schools like the W. P. Carey School of Business.
“I would really like to help build a pathway with kids just out of university to come into information security and up through the ranks,” said Carpenter.
Carpenter is vice president and information security officer at Marquette Financial Companies, a holding company of six financial services companies. Professor Paul Steinbart remembers Carpenter as both undergraduate and a graduate student. “He was always actively involved asking questions,” said Steinbart. “He truly was interested in the topics being covered, and wanted to know why or how to apply various concepts in practice: a great student to have in a class.”
At 36, Carpenter is one of the younger IS officers in the Phoenix area, and he says professionals of his generation have a responsibility to communicate the opportunities in the field to those coming behind him. “It’s up to us to help mentor them, to drive awareness of the opportunities in information security,” he said.
Carpenter sees change-making as part of the job. Most companies are not up to full speed in the area of security, he observed. “You have to act as a change agent to build out these processes that help secure the organization.”
Carpenter believes “people skills” are important in information security. In the past, the security professional ran the firewall, and when the firewall was breached, he was told to handle it. “[The discipline] has evolved to … require expertise and knowledge, as well as people skills. It’s a challenge: [you need] someone who has the people skills who can also speak to the technology.”
Carpenter began his career squarely in IT with an internship at the Department of Veteran Affairs before moving on to KPMG for a year and a half. Next he joined the Arizona Department of Health Services as the HIPAA security officer. It turned out to be a great fit, and he was promoted after six months.
Although he was the youngest employee with the least experience, he was challenged to build a security program with no budget – a task he completed in two and a half years. It was while serving as the ISO at ADHS that was recruited to be the program director of Phoenix ISSA, a kind of CEO function. He became Vice President in July 2011, then was elected President the following October.
ISSA is for Practitioners and Students
ISSA is a global organization that makes itself readily accessible to students. At $30 per year, a student membership is less than a third of the cost of a general membership, and students enjoy all the privileges of a general membership, save voting.
Local chapters offer scholarships, and Phoenix ISSA typically awards up to three per year to educational organizations with IS-related curricula. Past winners include students from the W. P. Carey School, but for the first time in 2013, Phoenix ISSA has earmarked a scholarship specifically for an ASU student.
Anyone interested in joining ISSA, students included, is entitled to attend one meeting free of charge.
“We hold quarterly meetings that I think are ‘the place to be,’ if you want to know what’s going on in security, and to meet the people who are actively practicing security,” he said. Typical quarterly meetings attract over 120 attendees. Among its members are the past president of the international ISSA, Rich Owen, and past president Debbie Christofferson, who served two terms before moving to the International Board of Directors.
Phoenix ISSA enables students to connect with IS practitioners and luminaries, which Carpenter sees as crucial to charting a career in IS.
“My career was built on connections,” he said. He recalled attending a seminar by IS clinical assistant professor Daniel Mazzola. “He was a great mentor,” Carpenter recalled. “He said ‘Build that network. You’re not going to see fruit from that network as a student, but five, ten years down the road you will.’ You’ve got to have that baseline knowledge – that’s assumed. But the rest is built on relationships.”
Stand Out Early
Carpenter entered Computer Information Security program at the W. P. Carey School of Business in August of 2001 – three weeks before the 9/11 attack.
“You had to have a 3.6 or 3.7 to get into the CIS program, which was the highest-paying major with 100 percent placement. Three weeks after I started the CIS program as a Junior the economy tanked and no one was getting jobs, not even internships.” Carpenter recognized quickly that he must distinguish himself. “It made me up my game and ask, how can I differentiate myself?”
Carpenter reasoned that he could not know enough about the subject of information management. “I went to Mesa Community College’s Network Academy for one class that ASU didn’t offer, which was to learn how to be a desktop support guy - to take apart a computer and do networking.” Internships were hard won, but he found one at a local company near campus, then at Intel.
In addition to leading Phoenix ISSA, Carpenter serves on the board of the Phoenix chapter of ISACA, formerly the Information Systems Audit and Control Association, where he focuses his efforts on supporting the education and academic relations committees.
Steinbart has kept in touch with Carpenter over the years, and calls Carpenter’s roles at both ISACA and ISSA “clear proof that Aaron believes in giving back to the community. He didn’t just collect a title for his CV, but actually got involved in doing things to improve the organization,” like rounding up first-rate speakers for ISACA and ISSA events. “I think he is the kind of alum we want all of our students to become. We are proud to be associated with him.”
Most recently, Goul invited carpenter to serve on the department’s executive advisory board.
“ISSA is an important connection for our information systems students, faculty and alumni. This association is at the forefront of promoting management practices that will ensure the confidentiality, integrity and availability of information resources. Many of our alumni are active members,” Goul said. “ISSA’s educational services complement what we provide our students in their coursework, and the organization enables students and faculty to interact with the movers and shakers of the security field who know exactly what we are all up against in combating modern cybercrime on a day to day basis.”
Carpenter encourages Arizona IS practitioners and students who are interested in joining Phoenix ISSA to visit http://phoenix.issa.org/.