The single most impressive document for and about the UK private security industry sadly came out on the eve of the first covid lockdown in spring 2020 – but would it have been taken up as much as it ought, even without the pandemic? Mark Rowe asks, who now suggests that for all the excellence of the Government Security Profession’s career framework, something else is required.
The career framework document runs to 350 pages, and is such a colossal piece of work, published alongside it is a 17-page document as a ‘user guide’. Each covers careers pathways, role mapping, careers profiles, learning and development, personal development, and roles and skills. So full is the 350-page document, it’s worth touching on each thing, to show how each matters and how they affect each other towards the goal of security management becoming a profession.
Careers pathways – if security management is to gain in respect, and departmental budget and staff salaries, to become more on a par with the likes of medicine, engineering, accountancy and so on, ‘pathways’ need mapping, so that someone can see how it’s done, to commit with confidence to security as a career rather than something fallen into (as so often heard among security people). Hence role mapping – so that job applicants don’t waste their time and recruiters’ and interviewers’ time by going for jobs they’re suited for and like the sound of.
Careers profiles – dotted through the 350 pages are short pen-portraits of Gov-security people whether in cyber, personnel or physical security. This may serve to inspire women and minorities who see what’s possible, to bring about a more diverse security workforce; in narrow civil service terms, the portraits and mapping generally show how someone can swerve into and out of security as any other function, gathering skills and experience.
It begs wider questions – how to map Gov-security against someone who’s served for x years in the police or military, and looking to move on; if someone wants to commit to private security as a career, and at least while fairly free of family or other commitments, is ready to dot from job to job to learn, what’s the pros and cons of going into an airport or retail loss prevention, NHS hospital or university campus? Should so many moves even be regarded as a good thing, and even if so, will recruiters smile on it?
And all those assume security management of the physical world, whereas corporate and other chief security officer (CSO) roles may require that cyber and physical security specialisms report into you. If you have ambitions to be a CSO, what balance (if any) ought you to seek between cyber and physical security roles? The UK cyber world is making its own strides towards professionalism and arguably is making a better job of it, partly with UK Government backing because of the official ambition of making the UK the safest place to live and work online. Hence a UK Cyber Security Council, and in 2018 a Chartered Institute of Information Security; and imminent is the launch of a Chartership route for Risk Management and Security Architecture specialisms. How will such a cyber chartered status compare with the CSyP (Chartered Security Professional), run by the Worshipful Company of Security Professionals?
It seems that a relative handful of industry well-wishers, often volunteers, are forever trying to keep up with the fast-evolving changes to the working world, and to training and college and university courses (as are police and the military having their own work to do, to try to give qualifications to investigation, close protection or other skills that will have meaning to civilian employers – bearing in mind that, to quote from the career framework, ’70 per cent of development is learning through experience, 20pc is learning through others and 10pc is learning through structured education’). That document, to repeat, remains a considerable achievement and useful for any security person to use, for example to judge the merits of having one of the four skills levels (awareness, working, practitioner and expert) in any discipline. (As one comparison, see the Nationwide Building Society’s career planning and development tool, on the Nationwide website.)
One security person suggested to me there’s an ‘inverse pyramid’; that we first expect a security specialist, and then as they get more senior, they have to learn more and more, about everything. This person pointed out the important difference between a practitioner (a security guard, SIA badged or not; or an installer of intruder alarms) and a security professional (someone who carries out continuous professional development, for example). A professional – a lawyer, doctor – has a foundation, typically a degree. The security management profession has options – usually at master’s level – but private security lacks the assumption that you either enter after 21 holding a first degree in security, or rather don’t start practising as a security manager until you’ve got such a foundation degree. That degree would have some physical security, some cyber, and maybe some business continuity.
A security manager would then mirror a doctor who takes GCSEs and A levels at school, takes a medical degree at university, and then registers with the General Medical Council and specialises further (as one of the various types of surgeon, for example). In fact learning ought never to stop. Having the foundation works both ways – the holder of that degree has the basics, and those hiring him can be assured of those basics. Over the 30 years or so that the security manager will have to go, AI or other tech will change his work in ways that don’t exist yet and create new threats.
So much for the how to get on; what of the question: why?
