One In Two Security Pros Unhappy In Their Jobs

Well? Are you?

You’d think most professionals in a hot industry like IT security would
feel content and challenged technically and creatively in their jobs —
but not so much. According to the results of a new survey that will go
public next week at Defcon in Las Vegas, half of security pros aren’t
satisfied with their current jobs, and 57 percent say their jobs are
neither challenging nor fully tapping their skills.

Like most reports on survey, this is journalism at it worse.
“Security Professionals” is a very broad term that encompasses everything (or is that ‘everyone’ – grammarians please advise) from sysadmins that apply security patches and manage user IDs to people like Bill Murray and Bruce Schneier.  (Ad of course myself.)

The survey, conducted by renowned career coaches Lee Kushner, CEO of
security recruiting and career coaching firm L.J. Kushner & Associates,
and Mike Murray, a security expert, was aimed at taking the pulse of the
security profession in hopes of making it more career-oriented than it
is today.

Well, there’s one bias.
But “more career oriented”? Like what? Programming? Working in a bank? Working for the city?

Perhaps some here could tell how what they do isn’t a career?

Kushner and Murray say they were surprised by security’s high number of
unhappy campers — 52 percent of the around 900 security pros who
participated in the survey are less than satisfied with their current

OK, two points that show how ridiculous this is.
Only 900 people participated. No doubt they were self selected.
We have no indication of their ‘roles in the profession’. With such a small sample size, I can’t see how this is meaningful. Where are the ‘error bars’? Where are the ‘level of confidence’ figures?

Secondly we have terminological inexactitude.
There’s a shift here from being dissatisfied with one’s career to being dissatisfied with one’s job. Those are two very different things. Since we don’t know their roles, since we don’t know their expectation, this is just fluff. It could equally well be a poorly worded questionnaire.

All in all, IT security pros appear to be “unchallenged” today, he says.
Some of that, however, may be in the way they approach their jobs,
Kushner and Murray say. Only 17 percent of the respondents have written
career plans, which the pair both preach as a key strategy in getting
ahead and finding job satisfaction. “That’s a glaring number…83
percent have not even gone through that type of exercise,” Kushner says.

This really makes me wonder about the survey. Most people I know of, even those without a job in hi-tech, without a degree, tell me that they find their job ‘unchallenging’ after a few years. Of course: it starts as a challenge and you face and overcome the challenge. Its called “growth”. This surprises no-one – except journalists and marketeers.

And in hi-tech, and in the boom and bust cycles we’ve seen over the last five decades, how  meaningful would a plan be? In my own case, none of the jobs I have had over the last 30+ years were things that a school or university “career counsellor” could have imagined would exist.

However in all this fluff is one sensible statement:

The theme of dissatisfaction may be, in part, because they don’t know
how to communicate or demonstrate their underutilized skills to “show
their value
,” he says.

However that promptly gets ruined by going off track with:

“It’s going to be more important for security professionals to dig into
their own pockets to build in their careers and invest in themselves
more so than counting on their employer [to do so],” he says. For
instance, that may mean fronting a trip to Black Hat or another
conference when the company won’t send them.

Of course a recruiter would say something like that. He views technical skills as being the most marketable. There are plenty of security professionals with skills that are not represented at BlackHat.

Perhaps since he took the survey at BlackHat we can blame that for the bias in his results.

What do you think?

Reblog this post [with Zemanta]

About the author

Security Evangelist

Leave a Reply