Question

Locked

career move into it security

By auxperc68 ·
I'm currently a network administrator who has been stuck in a rut. After a year and a half of this I decided to go on the job hunt. To make a long story short I got an offer to be a security engineer. This is a totally differnt skill set for me. I've read this is a popular and much sought after skill set. My question is, is it a wise move to go from my current position to this new opportunity in security given that this is almost a lateral move pay wise and the fact that we may be/are heading for a recession. The only saving grace is that this job is in the healthcare industry.

Also, even though I have verbally accepted, I am waiting till I have the formal offer in writing before I tender my resignation. Is this a standard practice and/or a good common sense move? I don't want to be stuck without a job.

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

18 months is NOT "stuck in a rut", believe me ...

by OldER Mycroft In reply to career move into it secur ...

When I won a dream post as sole Print Buyer for a UK Govt. Ministry (in 1981), with a purchasing budget in excess of ?6.5M per annum, I was on probation for TWO years. Only after six years in the job, did I feel the rut was beginning to deepen and took probitive action accordingly.

Without more detailed knowledge of your education, training and career to date, given that your TR profile is empty, it is difficult to be more diagnostic.

The old adage of the grass always being greener tends to hold more water in the work analogy than anywhere else, due to the inherent hope of the individual to better their place of work, their standing in the work community, their enriched salary and personal benefits from such a move. You could also be jumping from the frying pan straight out of a good job into the fires of a tenuous one.

Do nothing until you have a formal offer of employment together with a detailed job description. You should take a few days to read and re-read this at your leisure. I used to read job descriptions on my favourite seat - the lavatory. Much of your best thinking can be done there.

Given the possibility of an impending downturn in the global IT market, if a company is seeking to make cut-backs on employee costs, it is usually carried out on the basis of 'last in, first out'.The recession might bite before you have had the chance to establish your 'worth' to this new company.


<Typo>

Collapse -

Misrepresented myself

by auxperc68 In reply to 18 months is NOT [i]"stuc ...

I've actually been in the industry for 7 years before this position came up.

This position promised that I would learn and pick up new skill sets. So far that has not happened and on top of that the skillsets I do have are being outsourced to microsoft.

I don't know how healthcare is in the UK but in the US it is more recession proof than the transportation business that I'm in now.

Thanks for the opinion though.

Collapse -

But you won't be in the Healthcare industry ...

by OldER Mycroft In reply to Misrepresented myself

Just as, at present you ain't in the transportation business either.

You're not in either of them because you have zero knowledge of either of these industries.

Your knowledge is the IT industry - it's only a question of which business it's applied to.

No matter which 'industry' you think you'll be part of - if THAT employer has cashflow problems, they can cut the IT staff and still retain their intrinsic production staff levels, of which you are not a part.

Collapse -

Multiples of moves at the 18 month period can destroy ...

by OldER Mycroft In reply to Misrepresented myself

Your reputation.

Word will get round - Don't hire that guy, don't touch him because as soon as you start to see a return for your investment, he'll be off!

Length of service with an employer can be just as important as the level of your experience.

A history of repeated moves will eventually do you no good at all. Quite the reverse.


<Typo>

Collapse -

Do they know you're not the most experienced candidate?

by Nonapeptide In reply to career move into it secur ...

And if so, do they have a training budget that you can make substantial use of?

Exactly what kind of security are we talking about here? General all around security? Protocol analyzing, swicthes and routers, pen testing, VOIP sec, etc..

InfoSec is a side interest of mine and I may be able to toss some links your way depending on what you're interested in.

How well do you know linux? Can you read code competantly? Do you enjoy sleep? Human companionship?*


*Answer Key: 1. I dream in shell commands 2. C was my first language. English was my second. 3. Not really. 4. Huh?!

Collapse -

Please re read my post

by auxperc68 In reply to Do they know you're not t ...

Of course they know since they interviewed me. I will be dealing with things like sox and pci compliance. I will be configuring routers to a certain degree and documenting processes for access with AD as well as being responsible for patching antivirus etc.

I have 7 years experience in IT on top of the 18 months at my current position. I've run the gambit of skill sets AD exchange layer 3 switching etc.

Collapse -

Methinks I didn't express myself clearly

by Nonapeptide In reply to Please re read my post

Upon looking back at my original post, I realize that it sounded like I was implying that maybe you weren't honest in your representation of yourself to the potential employer. That's not what I meant. When you said "This is a totally differnt [sic] skill set for me." It seemed to me that you had virtually no specialized experience in security... and yet the job you were applying for was a security engineer. As such, It seemed to me that it would be odd that a person with admittedly no security experience would be considered for an architect's position. That's why I wondered if your employer might not have fully understood you.

Of course they know since they interviewed me.

My point is that just because they interviewed you, doesn't mean they know. The interviewer could have been clueless about what to ask you or how to assess you. That's why I was asking... to try and get some more information surrounding the situation.

I have 7 years experience in IT on top of the 18 months at my current position. I've run the gambit of skill sets AD exchange layer 3 switching etc.

That's a great foundation to go on! But being a good security architect is much more than just "knowing how to make things secure". You need to know the deep, dark guts of each system you secure. Inhaling the code of the TCP/IP stack and exhaling little 1's and 0's. Knowing the security model used in the OSs that your environment has. Understanding protocols such as Kerberos and IPSec. And of course, Anton Chuvakin's favorite thing, a love for reading log files! (See: http://chuvakin.blogspot.com/ ) But you must grok the innermost bits of a process to be able to discern the information held within a log file.

Thus my question about training. Milk 'em for as many classes and seminars and books and courses as you can. It'll help you and them in the short and long runs.

Back to IT Employment Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums