Skull and Cross Bones

I just read Liz Ryan’s article “The Worst Thing A Job-Seeker Can Do” on Linkedin. The title would lead you to believe that the Job Seeker might be going about things the wrong way. Looks can be deceiving.

Read the article. It is spot on. Then go back to your cubical and engage in self loathing / depression that cubical life leads to.

Wow.

That was negative.

Yes it was.

But it was also true (And you know it).

I could sit here, a keyboard commando typing away, complaining about all that is completely fubar’ed in the many loathsome soul crushing corporate environments. But then what is the point. We all know that in many many corporate IT environments, the management is like a bad episode of Dilbert. There are the occasional director/manager/VP/etc that shine like stars in the empty light polluted sky. But IT management is typically not IT personnel, have little people skills and come from the University of CYA style of management.
It begs the question, why don’t senior IT personnel go into management within these plague ridden diaspora hostels? It is my opinion that when you take time to consider what you will be required to do, when you are told to set aside your values / ethics / good judgement / common sense, it is just easier to stay doing what you know you are good at. Keep your head down and hope the wastrels don’t notice.

I have a friend from a previous employment stint that does exactly that. He keeps his head down, performs excellent work while onsite, when he is sick at home, when he is on vacation and even during the loss of a family member. He is even tempered, slow to pass judgement and liked by all that he works with. He would make a great manager.

When a management position became open, he wasn’t even considered.

Life is too short to work for these “ne’er-do-wells”.

Liz has it right. Don’t be a sheeple (although she said Sheepie). Be a person. Find a place to work where you like what you do and who you do it with. Where your contributions are seen and praised. Where it is not just a job to endure, but a place you are excited to get up in the morning and work at.

Making a great salary is good. It does make the misery of a particular work place slide down your throat a little easier. But after a number of years, even money doesn’t make it better. So take Liz Ryan’s advice and go where you really want to be before everything begins to sound like burnout.

Freedom.

</sarcasm>

(also posted on Linkedin)

Diaspora Part 1

  

We walk alone in our want…

As security practitioners, we often find ourselves alone in seeking to protect the organization that hired us for that purpose. At cross purposes with our masters, we are often told to make do with less, accomplish more and not talk about the problems we see, lest we get taken to task for our failings. It doesn’t look promising from my view.

I have observed many organizations with a weak security posture. This isn’t because they are bad people, it is just not considered to be important enough within the organization to spend capital dollars on.

Much corporate infrastructure grows in an organic way, rather than as a master plan. Technologies are purchased, configured and installed, but then forgotten until there is a problem.

Compliance checkboxes have been completed. Audit and compliance folks are happy. Never mind the fact that the organization has HIPAA / PCI / NPPI / etc data exfiltrating. Not that they would be able to detect the data loss even if they noticed, due to not having the infrastructure in place to detect the loss and the failure of the IT management to have authorized the DLP (data loss protection) solution to stop data exfiltration.

All is good.

Remember when the Jcaho Accreditation team comes in for an audit, don’t call any P1 outages. Hide that computer that normally sitting in the OR and please do not let them talk to anyone in the InfoSec group…