Security Basics mailing list archives
RE: General question
From: "Craig Wright" <cwright () bdosyd com au>
Date: Sat, 24 Feb 2007 06:34:34 +1100
We live in a market economy. Pure economic reality. If you are not happy with your job and want more money, than the issue is a simple one. See what the market rate is. (In simple terms get a new job). In some places you get paid more. The demand is higher. Security is not paid for the level of knowledge in contradiction to what some people believe. In fact, the levels of knowledge are not at the high end of many professional roles. It is purely based on Market supply and demand. If there are numerous people in the area who can fill a role, the wage drops. If the resource is scare - the price goes up - the result of this being that more people enter the field. As for what this tells? Communication is a large part of a security role at any level that pays in the high end. How you write a report and the language you use is important. Your attitude is important. Feeling that you are hard done by only makes others shy from you and lowers you chances at success. The rot caused by jealousy is the same. Who cares what others get? You make your way on your skills in the long run and by living on vitriol and anger you lose this chance to bitterness in the end. You have been in network admin and moved into security. You have to learn many things to be taken as seriously as you desire and until then, it may be that you will not get the respect you believe is due. First, you have to understand the business and its risks. Not just as a security/techie, rather at a fundamental level. Learn to speak the language of those who run the business. Learn finance and risk (and this is not what the majority of the list seems to believe it is). Learn the skills needed and than people will start to gain more of a belief in your skills. Remember - you have to speak their language, they will not learn yours. The language of management and business is not that of the techie. This is based on over 20 years in the industry. Manager of the security function in the past of a Stock Exchange. Founder of 2 security companies and still manager of risk and security with a hand on approach. Regards, Craig S Wright ________________________________ From: listbounce () securityfocus com on behalf of Francois Yang Sent: Fri 23/02/2007 3:30 AM To: security-basics () securityfocus com Subject: General question what if your boss told you that the network engineers who maintain the network and servers got paid more (10k more) than you the security analyst because they DO MORE THINGS? what would be your reaction? In my situation I was like WTF (to myself of course) and basically said that it was a totally different area and job description. That also bought to my attention that maybe he didn't really read my resume, cuz I was doing network administration for the past 6 yrs before I got this job. Now what does that tell you about the boss and my job? -- If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology. Bruce Schneier --------------------------------------------------------------------------- This list is sponsored by: BigFix If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ --------------------------------------------------------------------------- Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within those States and Territories of Australia where such legislation exists. DISCLAIMER The information contained in this email and any attachments is confidential. If you are not the intended recipient, you must not use or disclose the information. If you have received this email in error, please inform us promptly by reply email or by telephoning +61 2 9286 5555. Please delete the email and destroy any printed copy. Any views expressed in this message are those of the individual sender. You may not rely on this message as advice unless it has been electronically signed by a Partner of BDO or it is subsequently confirmed by letter or fax signed by a Partner of BDO. BDO accepts no liability for any damage caused by this email or its attachments due to viruses, interference, interception, corruption or unauthorised access. --------------------------------------------------------------------------- This list is sponsored by: BigFix If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ ---------------------------------------------------------------------------
Current thread:
- General question Francois Yang (Feb 23)
- Re: General question Isaac Perez (Feb 23)
- RE: General question Craig Wright (Feb 23)
- RE: General question Craig Wright (Feb 23)
- RE: General question Devin Rambo (Feb 26)
- Re: General question Adam Kane (Feb 23)
- Re: General question Jason P. Rusch (Feb 23)
- RE: General question Robinson, Sonja (Feb 26)
- Re: General question Francois Yang (Feb 26)
- RE: General question Robinson, Sonja (Feb 26)
- Re: General question Joseph McCray (Feb 23)
- Re: General question Nathaniel Hall (Feb 23)
- Re: General question steve dake (Feb 26)
- RE: General question David Gillett (Feb 26)
- <Possible follow-ups>
- Re: General question krymson (Feb 23)
(Thread continues...)
- Re: General question Isaac Perez (Feb 23)