+ Reply to Thread
Results 1 to 7 of 7
  1. Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    5
    #1

    Default Cyber Security Jobs - What is it really like?

    Hello all. I have an offshoot question for the peeps currently in the Cyber Security field. I am getting ready to start my own journey into this industry and have an odd question. What is the work/life balance in Cyber positions? I know this is a very broad question and depends on a lot of factors, but in your experience working or job hunting, how would you say the work-time off work ratio is? I mainly ask because I see tons of Cyber jobs posted for graveyard positions (24/7 SOC positions). To me, this seems like it would make this profession difficult on those with family or other life commitments. Now, I have also seen many positions that require nothing of the sort. In your experience, would you guess that more job postings say "you work graveyard" or do more postings say "normal hours". Before anyone starts preaching about finding a different career path or whatever, please know that I ask simply because I do not know logistically what to expect out of these positions once I am qualified to even apply. A little background on me: I am getting ready to start the BSCIA program at WGU. I currently work in the IT field as a Systems Analyst and will have plenty of job experience coupled with a degree and certifications once I graduate. I guess I am just wondering what I COULD expect after graduation in terms of the types of jobs and what those are like. Any feedback is greatly appreciated! Cheers.
    Reply With Quote Quote  

  2. SS
  3. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,690
    Blog Entries
    50

    Certifications
    CISSP, SSCP, CEH (revoked), GSEC, EnCE, CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #2
    3rd-shift (graveyard) people need their days or afternoons free for several reasons (e.g., school, childcare, better fit with spouse's hours, etc.). Sometimes it's the conditions of the off-hours that is attractive (e.g., less traffic on the roads, less of a workload allowing for school/cert studies, etc.). A quite graveyard shift can be a real aide to people in school or working on a second career--especially if you can work from home.

    A big problem with 3rd-shift work is that you may miss opportunities for advancement within the organization. Being on 3rd means that you do not participate in projects, important meetings, training, and significant efforts that can get you and your work-product recognized by the company at large. You will need to make greater efforts to advance yourself within the organization than your 1st-shift teammates because you will be at home asleep when the chance to forge camaraderie and exchange important information is presented during the day. An exception to this may be if you are working remotely with a team in another timezone (e.g. US<->India) and your 3rd-shift is their 1st-shift.

    For anyone working 3rd-shift, my advice is try to participate in weekly, daytime team meetings and all training events. Make sure all of your teammates and managers know who you are any why you are valuable to the team. Be clear if your desire is to one day move to a different shift or stay on graveyard for the foreseeable future. Don't expect to be handed opportunities --you will need to go get them yourself.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    May 2013
    Posts
    1,445

    Certifications
    CISSP, CISA, GWAPT, GSEC
    #3
    There are tons of different roles and shifts for those roles. SOC roles are the only jobs generally that will be shift work...and not all SOCs run 24/7. Infrastructure roles like network security could have oncall requirements or maintenance window duties, incident response jobs can have oncall, pentesting might do off hours testing...compliance jobs are basically always normal hours and are the most flexible but probably the most boring. As you can see it varies by the role and the company.
    Reply With Quote Quote  

  5. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,963

    Certifications
    BS-CST MLS CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #4
    I loved night shift! Haven't done it since 2012, but being able to work four 10 hour shifts with a three day weekend every weekend was amazing. I'm single and no kids so I guess that makes it a bit easier. All that said, it provided a nice amount of down time and some challenging work. My night work wasn't security related, but I would get some complex projects that needed to take place during downtime at the various companies we supported. I will point out that I started on day shift and that definitely helped to engrain me in the culture and learn about the customer. As JD pointed out, you should definitely try to attend any meetings. For me, I made an agreement to come to the monthly meeting and it only required that I stay about two hours past my end of shift. Typically when my relief came in I'd go get some breakfast and then shoot the breeze till the meeting began.

    In regards to security, it's a interesting field and really not too different than normal IT. We have fires just like IT does, but I found that in security I was typically meeting with management a lot more than in IT (especially given the level of my position). It wasn't unusual for me to be addressing the Director of my agency, the head of another agency, someone from law enforcement and the head of an organization that we regulated. I was on call 24/7, but typically I was in the normal 9 to 5 Monday thru Friday schedule.

    Don't overthink what security is, somedays are long and others are short. Somedays you come in and don't stop, others you are just reviewing logs and going to some meetings. Just make sure you keep up with the newest trends as that is something I didn't find was needed as much in the straight IT roles I had. Not saying I didn't keep up with the trends in IT, but sometimes a company makes a choice and needing to know the latest and greatest isn't high on the list (at least initially).
    WIP:
    Python
    Kotlin
    Reply With Quote Quote  

  6. Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    5
    #5
    Would you say the split is pretty even in the current job market between jobs that require graveyard shifts and those that do not? I guess this would only apply to SOC positions.
    Reply With Quote Quote  

  7. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Ontario, NY
    Posts
    1,610

    Certifications
    A+, Network +, Sanity+ (Revoked), GSEC, GCIH, GREM
    #6
    Quote Originally Posted by digitalcreepshow View Post
    I mainly ask because I see tons of Cyber jobs posted for graveyard positions (24/7 SOC positions).
    These positions are the equivalent to Help desk / IT call center in the Cyber Security world. While they do pay considerably more, when your not interfacing with management on a daily bases, often when promotions come up your passed over because who the hell is this guy from Grave shift anyway?
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  8. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,690
    Blog Entries
    50

    Certifications
    CISSP, SSCP, CEH (revoked), GSEC, EnCE, CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #7
    Quote Originally Posted by TechGromit View Post
    ... often when promotions come up your passed over because who the hell is this guy from Grave shift anyway?
    That's why the 3rd-shift people have to work harder to get noticed. Rarely will opportunity for advancement be handed to them.

    And yes, Tier-1 is basically a security service desk job--especially when working for an MSSP.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks