Blue Cat Defends!

I had a conversation with my boss yesterday and I was mentioning that after taking Project Management I'm glad to understand it better, but also glad to realize I will always want to be on the "doing" side of tech, not the "managing" side.

He told me that as VP of IT he desperately misses actually doing the tech work and does next to none these days.

I always saw my goals as leading toward being a CISO someday, but now I'm not sure I want that... CISOs of Mastodon, what are your thoughts? Do you get to do any technical work or is it mostly management? Do you like where you landed? Is being a CISO fun?

#informationsecurity #informationtechnology #cybersecurity #cybersecurityprofessional #CISO

Apr 25, 2023 at 2:04amWeb
Show threadBlue Cat Defends!Apr 25, 2023
As an aside... I recognize that any job is not ALWAYS fun. But for the most part, my job as a cybersecurity analyst was a lot of fun and I enjoyed going to work most days. I felt the same as a Sysadmin for the most part. So, when I say "is it fun" I'm talking like... 70/30 is it "mostly" fun.
Show threadJoe Hall Apr 25, 2023
@bluecat I've never taken a management role for this same reason.
Show threadBlue Cat Defends!Apr 25, 2023
@joe Making decent pay is important too, obviously - but my overall happiness is rarely related to how much money I'm making, and tons of non-management IT jobs make decent pay. I'd settle for less pay if I really loved the job any day, but I also know I have some privilege to say that since jobs in tech often pay pretty well on the whole (at least the jobs I'm suited for). So we have the luxury of not taking management roles and still doing quite well, I think.
Show threadJoe Hall Apr 25, 2023
@bluecat yeah exactly. It also depends on where you are at and the labor demand there. I have had jobs as a "doer" at some companies and made as much $, if not more, than management at the same co or others.
Show threadJay Thoden van Velzen β˜οΈβ€‹πŸ›‘οΈβ€‹Apr 25, 2023

@bluecat one of the hardest things i try to mentor on is that the more senior you get, the less tech you do

It already starts with being 'senior', and be expected to coach devs/devops engineers, rather than do the work yourself all the time

once you become manager or further up, at least in large corporations, the tech is just what you talk about, and it's mostly meetings, planning, convincing, facilitating, strategizing. begging ....πŸ˜…β€‹

Show threadseb - buttons are toys!Apr 25, 2023
@bluecat I like some of the CISO responsibilities, like thinking and talking about risk from a business perspective.
As a CISO you work a lot on relationships with other leaders and their teams. So if you like that, you will have fun.
Also translating technical mambo jambo into normal English has been part of my job for many years now (that starts even before you become the head of cyber).
And when I have an urge to do something technical, I login to the Crowdstrike console and try to understand all the things in there 
Show threadBlue Cat Defends!Apr 25, 2023
@seb every quarter I would have to present our risk remediations/mitigations/acceptance to our c-suite and I enjoyed taking highly technical concepts and phrasing them in a way that non-technical staff could understand. Threat and risk management is my favorite.
Show threadcinja ♾️Apr 25, 2023

@bluecat @seb as someone who fills multiple C suite tech rolls, in a really small company (ie, titles don't mean much), where I have to come up with AND implement policy...

Ansible > Excel ...