Growing up in the rural town of Three Lakes, Wis., Ken Conquest learned early on how important customer service could be. Success for his family’s lakeside summer resort depended upon satisfied customers. Poor service or an unfriendly attitude would have meant a serious loss of income. Today, he applies this knowledge as sole proprietor of TechroDyne LLC, an information security consulting firm he started in 1998.
Conquest said he knew early on that to realize his dream of moving from his country hometown to the “glamorous” city, he would have to be smart and work hard. His initial plan — to become a fighter pilot with the hopes of one day segueing into being an astronaut — was scrapped when he learned fighter pilots couldn’t wear eyeglasses, which he does.
However, during this time he read a story in National Geographic about how a laser system developed for NASA was being adapted to measure patients’ eyes and send information to a computer, and he became fascinated by technology. He soon vowed that, “If I can’t go to the moon, I’m going to do this technology stuff.”
A summer camp run by Michigan Technological University when he was in eighth grade “strongly influenced my college selection” and cemented his future aspirations, he said. In 1986, Conquest graduated from Michigan Tech with a bachelor’s degree in electrical engineering, concentrating on computer engineering, systems and controls.
From there, Conquest worked as an entry-level IT security professional, holding down jobs at big corporations such as Allstate Insurance, Lincoln Financial Group and Career Education Corp. Along the way, he wore many other hats, including that of software engineer, systems engineer and technical team leader. He said aspiring self-employed consultants should follow his lead.
“I recommend a staff position at first, a junior technician role [and] then a regular technician’s position,” he said. “An ideal candidate would have a customer-service background. This blends the challenges of consulting with the comfort and security of a staff job.”
Nontechnical skills are also necessary to succeed in this field, said Conquest.
“This is the bulk of my job: conversation skills, listening, politely staying on topic,” he said. “Be clear, ask questions to clarify what you think you heard, manage expectations: underpromise and overdeliver. Realize that today’s success of delivery was what the client asked for, what was wanted, what was needed — but tomorrow’s success is making sure they are happy with what they got and how they got it.”
For a self-employed consultant, the actual services rendered can vary as widely as the kind of clients seen.
“There are billable hours and then there are business hours,” Conquest explained. “Billable hours are about just rendering the service. The actual service rendered can range from very technical support and related things, [to] sitting down with clients to understand their pain, problems, options, what to do to mitigate risk or other similar steps.”
Here, again, good listening and questioning skills are paramount.
“Let’s take determining vulnerable corporate assets, for example,” Conquest said. “One client’s most important asset was his company’s Internet connection. How do you learn that? By talking to the chief technology officer? Absolutely not. You learn it by talking to the business owner.”
Then, he and the client can focus on protecting what the largest risks are to the company. “If you have business systems supported by IT, that’s where I come in,” he explained. “Now that the IT system is generating income [for] the company, you run the risk of having the information damaged or stolen. I sit down and say, ‘Let’s create and run through a list of things that can happen to company assets.’ For example, does the client have a data center located below sea level in New Orleans?”
Conquest said a typical workday is anything but typical. Generally, he spends about 30 percent of his time scanning online job boards, 50 percent networking with both known colleagues and new contacts, and the remaining 20 percent preparing documents related to ongoing jobs and clients.
As for the best academic path to getting a good job in information technology, Conquest said it starts as early as high school.
“Ideally, education for this begins in high school: math, science, engineering, technology, for sure, but also business, marketing, accounting,” he said. “[And] let’s not forget the social sciences: society, current events, world cultures.”
Further, since 2005, colleges have evolved computer science curricula to include — if not yet allow specializations in — IT security, which is now a major component of the ideal education, Conquest said.
“Of course, there are now ‘flavors’ of this curricula, from law enforcement to technical development, business administration, MIS [management information systems], etc.,” he said.
However, Conquest added that his academic background — while fundamental to his learning, development of discipline and ability to perform self-assessment — did not ultimately prepare him for his career. A college degree and a variety of certifications are necessary third-party validations of a consultant’s skills in the eyes of potential clients, he said.
Conquest is accredited by ISACA as a Certified Information Systems Auditor (CISA); by (ISC)2 as a Certified Information Systems Security Professional (CISSP) and as a Certified Cisco Network Associate (CCNA).
“Certifications in general are for validation, both for folks who do know the profession and for those who don’t,” Conquest said. “In today’s market, it demonstrates expertise. And if the certification is new, then it implies recent third-party validation. If the certification is older, it implies an ongoing commitment to the profession, since continuing professional education is audited.
“In my case, the CISA is a certification granted by a revered organization in my industry to standardize IT auditors,” he continued. “This comes with passing a test. You have people who are validating the validators. I have a certain number of years providing this service to clients. CISA validates this. They say that I know the material and have rendered the service for a number of years. And to maintain this certification I must perform certain education work and have it verified by third-party people.”
Right now, job prospects for self-employed consultants are looking up. Earlier in the year, “no one [was] willing to pay for my services,” Conquest said, but the need for his expertise is growing. Part of this increased demand is due to high unemployment rates — which often are accompanied by higher crime rates and lead to companies being more vulnerable — and part is due to President Obama’s new regulatory agenda being codified into policy, Conquest said.
Drafting company policies to meet new federal requirements will mean organizations will have to analyze the new implications, assess what compliance steps are needed, document those steps and safeguard everything along the way.
“I help them comply with the law and document decisions when they’re made,” Conquest said.
Other industry sectors that likely will need consultant services include health care, pharmaceuticals, law and insurance.
“We’re seeing the rise in work accelerate,” Conquest said. “Companies have already made up their minds to look for someone like me. Market opportunities will soon be far greater than I and my competitors will be able to handle.”
Ken Sternberg is a Massachusetts-based freelancer writer who has covered wine, food, alternative fuels, technology, corporate emergency planning and many other topics for business and consumer publications. He can be reached at editor (at) certmag (dot) com.