Unlocking the Value of My Cybersecurity Expertise: A Guide for Recruiters, HR Professionals, and Curious Readers

By -

 

Hello, Recruiters, HR Professionals, and Curious Readers,

If you're a recruiter reaching out about a contract role that seems below my pay grade—perhaps a junior analyst gig or short-term gig paying far less than my expertise warrants—let's talk value. And if you're evaluating candidates by just skimming job titles, that's the lazy way to view talent. Titles can be misleading or vary by company; it's the depth of experience, measurable impacts, and certified skills that reveal true capability. 

I'm Erich H. Horst, a seasoned cybersecurity leader with over 20 years of hands-on experience building bulletproof security programs, especially in high-stakes sectors such as healthcare. I've slashed costs (e.g., 18% on cloud spending), reduced risks (e.g., 39% drop in phishing vulnerabilities), and driven compliance that saves companies millions in potential fines. My track record isn't just resume fluff—it's proven ROI that elevates organizations.

For those new to the field who might wonder, "What even is cybersecurity, and why does it matter?" Think of it as digital home security: protecting your online "house" from burglars (hackers) who steal data, money, or disrupt lives. In a world where breaches hit headlines daily, pros like me are the guardians keeping businesses safe. This post breaks down my background in simple terms for everyone while politely explaining to recruiters why I'm suited for senior, strategic roles rather than entry-level contracts. 

If you're offering something lesser, it might be a mismatch because you haven't looked beyond the titles—but I appreciate the outreach. Let's aim higher and explore the full value I bring!

My Educational Foundation: Building Blocks for Expertise

My educational journey began with an Associate's degree, under which I accumulated 15 years of practical experience in IT and operations. This hands-on foundation laid the groundwork for my technical skills, but I was driven to pursue higher education to elevate into leadership roles. I then earned a Bachelor's in Cybersecurity and Information Assurance (B.S., 2021) from Western Governors University, where I honed those skills on the WGU Texas Collegiate Cybersecurity Team. I followed it with a Master's in Business Management and Leadership (M.S., 2023), earning honors in the Sigma Alpha Pi Society.

For the General Reader: The associates' and early experience were like apprenticing in the field—gaining real-world know-how. The bachelor's built on that, teaching how to build and lock a secure digital house, covering basics like spotting threats and securing networks. The master's added leadership training, teaching how to manage teams and align security with business goals, much like running a company while keeping it safe from storms. Continuing my education was key to transitioning from operational roles to strategic leadership.

For Recruiters/HR: This progression—from associate's-level experience to advanced degrees—shows deliberate growth. I'm technically sharp and strategically minded, bridging IT and executive levels. Ideal for CISO or director roles where security drives business growth, not short-term fixes. Looking only at titles misses how this foundation supports high-level contributions.

My Professional Experience: Real-World Wins, Summarized

Over two decades, I've evolved from a technical operator to a strategic leader, delivering tangible results in healthcare and enterprise settings. Here's a high-level overview of my journey and impacts—far beyond what a title alone conveys:

  • vCISO at a Cybersecurity Consulting Firm (Remote, February 2023 – Present): As a virtual Chief Information Security Officer, I've designed security programs using frameworks like NIST, ISO 27001, and HITRUST. This sped up audits by 20%, cut risk scores by 30%, and helped clients secure $750K in investments. I advise executives on threats and translate complex data into actionable strategies.
  • Information Security and Risk Engineer at a Healthcare Organization (Remote, March 2021 – Present): Optimized cloud environments (AWS/GCP), saving 18% on costs while boosting visibility during mergers. Integrated tools to reduce false alarms by 20% and fix vulnerabilities 30% faster. As an expert in platforms such as CrowdStrike and Rapid7, I streamlined threat detection. I also mentored emerging talent, earning 2023 Mentor of the Year with 80% of mentees promoted.
  • Network Security Administrator at a Healthcare Technology Firm (December 2017 – March 2021): Managed round-the-clock operations, shortening incident fixes by 25%. Led certifications like HITRUST and SOC 2, ensuring compliance with HIPAA and NIST—no violations found. Built phishing training that dropped risks by 39%, oversaw 27,000+ devices, and trained teams in proactive defense.
  • Founder and Principal Security Architect at an IT/Security Consulting Firm (October 2007 – December 2017): Launched and grew a firm serving healthcare clients, achieving 99.9% uptime. Designed secure systems (firewalls, intrusion detection), cut incidents by 25%, and handled budgets for 5,700+ devices with cost-smart solutions.
  • Chief of Operations at a National Organization (2004 – 2019): In a non-cyber role, I led operations and planning, sharpening my communication and efficiency skills that now supercharge my security leadership.


Additionally, I'm a published thought leader with 2025 articles on M&A risks, ethical leadership, and security culture (e.g., "Botched Acquisitions: The Hidden Cybersecurity Risks" and "Employees Are Not the Weakest Link"). Check out more insights on my site.

For the General Reader: These roles mean I've fixed real problems—like stopping hackers mid-attack or training people to avoid email scams. It's like being a detective, engineer, and coach rolled into one, protecting companies (and indirectly, everyday folks like you) from digital disasters.

For Recruiters/HR: These achievements demonstrate strategic impact, including cost savings, risk reduction, and team building. I'm built for permanent, high-level positions (e.g., $200K+ salaries) where I deliver long-term value—not 6-month contracts at junior rates. My healthcare focus aligns with regulated industries, and my mentorship boosts retention. Judging by titles alone overlooks these quantifiable wins and the breadth of my contributions.

Breaking Down My Certifications: Badges of Proven Skill

Certifications are like professional seals of approval—earned through tough exams and authentic experience. They're not just acronyms; they validate what I can do, adding layers that titles can't capture.

  • CISSP (Certified Information Systems Security Professional): The "gold standard" from (ISC)², covering strategy, risk, and architecture. Requires 5+ years' experience—proves I design enterprise-wide security.
  • CISM (Certified Information Security Manager): From ISACA, focuses on leading security programs and aligning with business needs. Great for managerial roles.
  • SSCP (Systems Security Certified Practitioner): (ISC)² cert for operational security like incident response and encryption.
  • CompTIA Security+: Foundational knowledge in threats and networks—my starting point, built upon for advanced work.
  • Other CompTIA Certs (Project+, Linux+, Network+, A+): Cover project management, systems, networking, and troubleshooting—broad tech foundation.
  • NSLS Foundations of Leadership: Leadership skills to complement tech expertise.
  • AAISM (Advanced AI Security Management): Completed November 2025, for handling AI-related threats.

I'm affiliated with groups like InfraGard, (ISC)², ISACA, and ISSA, keeping me ahead of trends.

For the General Reader: These are like advanced degrees or licenses (think doctor's certification). They mean I've passed grueling tests on stopping hacks, managing risks, and leading teams—ensuring I can protect against evolving threats like AI-powered attacks.

For Recruiters/HR: These are must-haves for senior roles in compliance-heavy fields. They signal reliability and expertise worth premium compensation—not contract filler. In a false talent-short market, they make me a low-risk, high-reward hire. Skipping past them to focus only on titles is missing key indicators of my value.

The Value I Bring: Why It Matters (and Why Not Low-Grade Offers)

To everyone: My work prevents disasters—saving money, jobs, and privacy. In healthcare, I've ensured patient data stays secure amid rising threats.

To recruiters: If you're pitching contracts below my level (e.g., non-leadership, low-pay gigs), consider this: My skills deliver 18-39% improvements in efficiency and risk. I'm for strategic partnerships, not quick fixes. Evaluating candidates solely by titles is the lazy approach—it overlooks the full spectrum of skills, achievements, and potential impact. Let's discuss roles matching my caliber—CISO, director, or similar.

It's worth noting that my journey started from the ground up. I've held positions as a helpdesk technician, desktop support specialist, senior server administrator, network administrator, architect, engineer, business owner, and freelancer. In other words, I've done the work, paid my dues, and now it's time to lead these important professionals effectively in pursuit of securing businesses.

If this resonates, reach out for a chat. I'm open to opportunities that value what I bring! What are your thoughts on cybersecurity careers? Feel free to comment below or connect with me.

Best,

Erich H. Horst

Cybersecurity Leader | CISSP, CISM, SSCP

 LinkedIn | cisointelligence.com | X









Location: Houston, TX, USA

Comments

Post a Comment