Lesley Carhart Jun 16, 2024

Two controversial pieces of cybersecurity career advice I give to a lot of people I talk to on mentorship calls:

1) Don't become a manager unless you genuinely want to be a servant leader and devote yourself to people and program management for the joy and fulfillment of it.

2) Don't become a red teamer unless you genuinely in your heart of hearts want to be a red teamer, you understand what the role entails (even the boring parts), and you are willing to very deeply commit extra time and effort. They're generally much more competitive roles.

Show threadhttp 
@hacks4pancakes I don't fully agree.
For 1), I think that would be ideal. But if you really want to progress in career, management is the only way. And there are many incompetent ones. If they can make it, you can too. But yes, better follow your heart and do what you like. I did the same and ignored career path.
For 2), I think no time outside work time can be expected. Probably depends a lot on your country and company culture. Also certs should be paid by employer, unless it's more for yourself and your career instead of a requirement for your current work.
Jun 16, 2024 at 10:14pmWeb