A friend/coworker and I were on a team that was trying to win over a huge
customer. Our team was presenting all the problems we had found to the client's senior
management executives that day. Our leader was the main speaker; my friend and I
were on hand in case some technical questions arose that the team leader
couldn't answer.
Early on, the meeting turned hostile, and our team leader appeared unprepared
for all the executives' questioning and pushback. My friend, on the other hand,
was able to field the questions with aplomb. Soon, he was receiving all of the
positive attention from the customer's senior management team as they peppered
him with questions on various subjects and problems for the next few hours. By
the end of the day, it was pretty clear who the team leader really was. Everyone
was happy -- except for the original team leader.
It got me thinking about how my coworker had been so successful in the meeting.
How did he emerge as the natural leader? It came down to two key traits that he
had that the others did not: He was a strategic thinker and a problem solver.
Developing and demonstrating these traits can be invaluable for advancing the
career of an IT security admin -- or any IT career, for that matter.
1. Think strategically
One way to be seen as a superior computer security worker is to fix procedurally
but think strategically. Whenever you find a security problem (such as an overly
open firewall, a weak password, an old anti-virus database definition, and so
on), fix the problem, but think about the policies and procedures that allowed
the problem to surface. Trace every finding back to its root cause and use what
you learn to devise a strategic fix. By recognizing the root cause, you'll endear
yourself to management and technical folks alike.
An easy example: You find service accounts with short passwords that are never
changed. Obviously, the fix is to change the passwords to something longer and
to enable password expirations. But the best security workers immediately
recognize that weak passwords come about only because of a weak or
inconsistently followed password policy. Fix the immediate problem, then work to
help resolve the strategic issue. In this case, we are talking more about
tactics, but the idea is to move past just fixing the immediate issue. We all
know how to prevent malicious hacking and malware, but doing that across bunches
of computers is the more difficult problem. That takes policy.