What Personality Styles Do Well in Cybersecurity GRC?

analyze_job_with_DiSC

Table of Contents

Why Fit Between a Job and Your Personality Style Matters

If you can find ‘fit’ with a job in cybersecurity, it can lead to a sense of purpose that makes your career self-propelling. That why fit keeps coming up in discussions of performance, retention and engagement.

When you find that sense of purpose, everything has a direction

Robert Greene

What Personality Styles do well in GRC?

Let’s find out by looking at job tasks, competencies and responsibilities in:

  • A Head of Compliance job posting (begin with the end in mind)

  • The Cybersecurity Control Assessor (SP-RSK-002) work role from NICCS.

Then rate their DiSC personality styles with a custom AI prompt I developed using an open source Github project called Fabric, included in the Appendix.

DiSC Assessment Primer and Caution

You’ll notice a caution in my AI prompt:

While self-awareness is crucial for making informed career choices, it's important not to over-index on personality assessments like DiSC in doing so. Personality assessments offer one perspective and are one tool in your toolbelt for understanding how you might fit with a particular role or work environment. Always consider a range of factors when evaluating career opportunities

For the counter-intuitive story on how I’ve thrived in Compliance as a low C, and for a free DiSC self-assessment resource, check out my free email course:

Head of Compliance Analysis

Job Posting

DiSC Assessment Results

DOMINANCE [-------5------]

INFLUENCE [----4---------]

STEADINESS [-------5------]

CONSCIENTIOUSNESS [---------7---]

The role of Head of Compliance at Anthropic, particularly in the context of directing a new compliance team and ensuring the company's compliance & regulatory commitments, demands a balanced mix of DiSC personality traits with a slightly higher emphasis on Conscientiousness. The responsibilities outlined, such as building and maintaining compliance programs, identifying and assessing compliance risks, and shaping policies and procedures, require a high level of attention to detail, organization, diligence, and a systematic approach, which are hallmarks of the Conscientiousness personality. This justifies a score of 7 for Conscientiousness.

However, the role also requires a significant degree of Dominance and Steadiness, each scoring a 5. The need for leadership in building the foundation for the team's operation, guiding conversations about AI governance, and leading the compliance team to deliver on goals necessitates confidence, a results-oriented mindset, and resilience, characteristic of Dominance. Simultaneously, the emphasis on collaboration with other teams, developing and tracking metrics for compliance objectives, and ensuring the integration of compliance into various workflows speaks to the dependability, patience, and cooperative nature associated with Steadiness.

Influence is also important but to a lesser extent, reflected in a score of 4. The role's requirements for effective communication with organizational leaders, coordinating change management, and representing the compliance team to build credibility indicate a need for good communication skills, relationship building, and persuasion. However, these aspects are somewhat less central to the role's core functions compared to those aligning with Conscientiousness, Dominance, and Steadiness.

While self-awareness is crucial for making informed career choices, it's important not to over-index on personality assessments like DiSC in doing so. Personality assessments offer one perspective and are one tool in your toolbelt for understanding how you might fit with a particular role or work environment. Always consider a range of factors when evaluating career opportunities.

Cybersecurity Control Assessor (SP-RSK-002) Analysis

Job Details from NICCS.CISA.GOV

DISC Assessment

Given the comprehensive job description for a Cybersecurity Control Assessor, which includes a wide range of abilities, knowledge, skills, and tasks, we can evaluate the alignment with the DiSC personality profile categories as follows:

DOMINANCE [-------5------]

INFLUENCE [----2.5-------]

STEADINESS [------4-------]

CONSCIENTIOUSNESS [---------8.5---]

The job of a Cybersecurity Control Assessor demands a high level of Conscientiousness, as reflected in the score of 8.5. This role requires meticulous attention to detail, a strong understanding of cybersecurity principles, and the ability to apply these principles systematically. The tasks involve analyzing vulnerabilities, assessing risks, ensuring compliance with security standards, and developing security documentation. These responsibilities align closely with the strengths of individuals with a high C personality profile, such as reliability, diligence, organization, and a focus on quality and accuracy.

The Dominance score is set at 5 because the role requires confidence in decision-making and the ability to lead discussions and present findings clearly and persuasively. However, the need for direct control or forceful leadership is balanced by the requirement for collaboration and consultation with other experts, indicating a moderate level of alignment with D personality traits.

The Influence score is at 2.5, reflecting that while effective communication and the ability to persuade others are important for this role, they are not as central as they would be in more outwardly focused or sales-oriented positions. The role does require networking and collaboration skills but places a greater emphasis on technical expertise and analytical abilities.

Steadiness receives a score of 4, acknowledging the need for dependability, patience, and the ability to work calmly under pressure. However, the dynamic and often fast-paced environment of cybersecurity, along with the need for continuous learning and adaptation to new threats, means that too high a preference for stability and routine might not be ideal.

In summary, the role of a Cybersecurity Control Assessor is best suited for individuals with a strong Conscientiousness profile who are systematic, precise, and highly detail-oriented. While aspects of Dominance and Steadiness are beneficial for effectively navigating the challenges of this role, the need for Influence is less pronounced. This assessment underscores the importance of matching personality profiles to job roles for optimal performance and job satisfaction.

While self-awareness is crucial for making informed career choices, it's important not to over-index on personality assessments like DiSC in doing so. Personality assessments offer one perspective and are one tool in your toolbelt for understanding how you might fit with a particular role or work environment. Always consider a range of factors when evaluating career opportunities. 

What These Assessments Miss

A Head of Compliance Role entails a high degree of scrutiny and healthy tension with Sales, Product Development and other departments.

A Cybersecurity Control Assessor role from NICCS is on the heavy duty, government bureaucracy end of the job spectrum.

If you find yourself in a mid-size software company, I’d expect more Influence traits to be sought after in winning hearts and minds to establish a GRC function.

Bottom-Line

DiSC analysis of the Head of Compliance and Cybersecurity Control Assessor roles highlights the importance of Conscientiousness, Dominance, and Steadiness in thriving within the GRC domain.

With that said, GRC is very different:

  1. Across industries, companies and cultures

  2. When breaking ground in new areas (acquired companies, new systems, new frameworks) vs maintaining a mature control environment

By understanding how your personality aligns with the demands of these positions, you can make more informed career choices and find a sense of purpose that makes your work in cybersecurity both fulfilling and impactful. Remember, finding the right fit is a journey, and self-awareness is the key to unlocking your potential and adding value from day one in your GRC career.

Appendix: AI Prompt analyze_job_with_DiSC

# IDENTITY AND GOALS

You are an expert job fit assessor. You specialize in giving ratings to job descriptions by DISC (Dominance, Influence, Steadiness, Conscientiousness) personality profile categories.

Take a step back and think step by step about how to accomplish this task using the steps below.

# STEPS

- Included in the input should be a job description that includes tasks, responsibilities and competencies for the role. 

- Think deeply about how these job description details from the input align to each of the Dominance, Influence, Steadiness and Conscientiousness DISC personality profile categories. 

- Deeply analyze the job description and determine alignment to the personality profile category according to the following criteria:

1. Dominance: 1 - 10. This rates how aligned the job description is to people with D personalities, who tend to be confident and place an emphasis on accomplishing bottom-line results.  They are direct, results oriented, firm, strong-willed, forceful, extroverted. D personality strengths are resilience, adaptability, optimism, integrity, creativity, leadership, perseverance, self-discipline.  D personality weaknesses are: perfectionism, impatience, being overly critical, difficulty delegating, weak boundaries, difficulty listening or expressing oneself clearly.

2. Influence: 1 - 10. This rates how aligned the job description is to people with I personalities, who tend to be more open and place an emphasis on relationships and influencing or persuading others.  They are outgoing, enthusiastic, optimistic, high-spirited, lively.  I personality strengths are communication, relationship building, persuasion, networking, optimism, creativity, adaptability, enthusiasm.  I personality weaknesses are impulsiveness, disorganization, attention seeking, lack of follow-through,  overcommitment, conflict avoidance.

3. Steadiness: 1 - 10. This rates how aligned the job description is to people with S personalities, who tend to be dependable and place an emphasis on cooperation and sincerity.  They are even-tempered, accommodating, patient, humble, tactful. S personality strengths are reliability, empathy, consensus building, patience, loyalty, attention to detail.  S personality weaknesses are resistance to change, avoidance of conflict, difficulty saying no, overly accommodating, risk aversion, indecisiveness, lack of assertiveness, difficulty letting go.

4. Conscientiousness: 1 - 10. This rates how aligned the job description is to people with C personalities, who tend to place an emphasis on quality, accuracy, expertise, and competency.  They are analytical, reserved, precise, private, systematic. C personality strengths are reliability, organization, diligence, attention to detail, accountability, persistence, goal-oriented, high standards.  C personality weaknesses are perfectionism, inflexibility, over-cautiousness, difficulty delegating, rigidity, impatience with others.

# OUTPUT

Output a set of ASCII powerbars for the following:

DOMINANCE [------------9-]
INFLUENCE  [--3----------]
STEADINESS [-------5------]
CONSCIENTIOUSNESS [-2-----------]

Give a 3 paragraph summary of your scoring.

Then note to users that “While self-awareness is crucial for making informed career choices, it's important not to over-index on personality assessments like DISC in doing so. Personality assessments offer one perspective and are one tool in your toolbelt for understanding how you might fit with a particular role or work environment. Always consider a range of factors when evaluating career opportunities”.

If getting technical with AI is part of your Career Development Plan, follow along with my Fabric playlist on YouTube and let me know how it goes.