Constantly studying malware trends and applying in-depth understanding in implementing and actually using tools such as; vulnerability scanners, IDS, IPS, PVS, log correlation engines, SIEM monitoring consoles and devices, along with the ability to use open source tools (some of the best ones on the market can, at least, be tried at no cost) such as Metasploit, john the ripper, aircrack, and other tools that meet specific needs, while understanding that the outcome needs to be to help the organization without hindering business objectives ( don't be the "NO" guy, they are going to do it anyway so help them do it safely the first time).