Are Security Careers Real?

IRJ

@scottalanmiller said in Are Security Careers Real?:

@JaredBusch said in Are Security Careers Real?:

@scottalanmiller said in Are Security Careers Real?:

@VoIP_n00b said in Are Security Careers Real?:

I friend of mine just made the transition to security. He said his pay doubled.

What did he transition from?

And WTF is security?

Right? Everyone says it, but what exactly is that job?

Its a cross between IT and compliance. There are different security roles, but they all fall in between those two sides. Some closer to IT, some in the middle, and some that are almost strictly compliance.

scottalanmiller

@IRJ said in Are Security Careers Real?:

@scottalanmiller said in Are Security Careers Real?:

@JaredBusch said in Are Security Careers Real?:

@scottalanmiller said in Are Security Careers Real?:

@VoIP_n00b said in Are Security Careers Real?:

I friend of mine just made the transition to security. He said his pay doubled.

What did he transition from?

And WTF is security?

Right? Everyone says it, but what exactly is that job?

Its a cross between IT and compliance. There are different security roles, but they all fall in between those two sides. Some closer to IT, some in the middle, and some that are almost strictly compliance.

The biggest problem is that often they are just called "security" and can mean almost anything.

Likewise, the IT jobs are often just labeled "administration" or something and equally mean almost anything.

IRJ

@scottalanmiller said in Are Security Careers Real?:

@IRJ said in Are Security Careers Real?:

@scottalanmiller said in Are Security Careers Real?:

@JaredBusch said in Are Security Careers Real?:

@scottalanmiller said in Are Security Careers Real?:

@VoIP_n00b said in Are Security Careers Real?:

I friend of mine just made the transition to security. He said his pay doubled.

What did he transition from?

And WTF is security?

Right? Everyone says it, but what exactly is that job?

Its a cross between IT and compliance. There are different security roles, but they all fall in between those two sides. Some closer to IT, some in the middle, and some that are almost strictly compliance.

The biggest problem is that often they are just called "security" and can mean almost anything.

Likewise, the IT jobs are often just labeled "administration" or something and equally mean almost anything.

Yeah so like with anything else specialization makes more... Cloud Security for example pays about 30% higher than standard Security roles.

Architecture roles tend to pay a bit more since you are building security architecture and consulting security practices to other teams.

VoIP_n00b

When I cook spaghetti, I like to boil it a few minutes past al dente so the noodles are super slippery.

thecreaitvone91

@scottalanmiller said in Are Security Careers Real?:

@IRJ said in Are Security Careers Real?:

@scottalanmiller said in Are Security Careers Real?:

@JaredBusch said in Are Security Careers Real?:

@scottalanmiller said in Are Security Careers Real?:

@VoIP_n00b said in Are Security Careers Real?:

I friend of mine just made the transition to security. He said his pay doubled.

What did he transition from?

And WTF is security?

Right? Everyone says it, but what exactly is that job?

Its a cross between IT and compliance. There are different security roles, but they all fall in between those two sides. Some closer to IT, some in the middle, and some that are almost strictly compliance.

The biggest problem is that often they are just called "security" and can mean almost anything.

Likewise, the IT jobs are often just labeled "administration" or something and equally mean almost anything.

Here (a Fortune 100) the IT Security Department is a joke, It's all CYA stuff to limit liability to the company, nothing of real substance is done there, the normal IT department does more security than they do, a Chief Security Officer was hired a few years back, and I might add under the CFO, not the CIO. And they brought a few entry-level helpdesk guys from IT over with him to help the security team. No real experts. The CSO just copy/Pastes NIST documents. The guys on the team just pull emails out and stop a spread after a phishing attack or disables accounts that were compromised etc. Not real security work, it's just to limit legal liability is all.