top of page
  • Phil Venables

The Stress and Joy of Security Jobs

A few months ago there was this whole thing about the stress of security roles, CISOs self-medicating, and a whole range of burn-out talk. Ok, yes, security is a tough job. A very tough job. To do the job well requires broad and deep technical / risk skills, leadership augmented by a wide range of emotional intelligence and a whole lot of personal resilience. Despite efforts to be “never silently awesome” it can be most visible when things go wrong. Wrong can be both sides of the line: too much of the wrong security impacts customer experience and business agility or too little and you see incidents of varying impact. But, be honest, it’s not a *uniquely* stressful or difficult job, there are myriad of similarly tough or much tougher jobs from military, health care, emergency workers to sales people with a tough target or software developers with a deadline. [not an exhaustive list]

But hold on, it’s also one of the most fantastic jobs, perhaps call it a profession or a vocation, that has ever existed. Here’s why:

  1. You get to be involved in pretty much every part of everything your organization does - with natural focus on the customer.

  2. You get to take both broad/deep technology and business perspectives and rapidly learn the interplay between them - up and down the organization.

  3. You learn how to spot the failure modes of anything.

  4. You have extraordinary personal resilience - and (this sounds crazy) an innate long-term optimism that things will keep getting better, perhaps because of our implicit short-term pessimism.

  5. You are unusually good with incremental approaches, recognizing complexity and taking a systems-wide view of solutions.

  6. You need a multiplicity of skills not always found in other roles, which are individually portable and collectively indispensable.

  7. You get earlier career exposure to disproportionately senior people, inside and outside, and you become intimately entwined with the core processes and assets of your organization and its mission.

  8. You have fascinating and quickly evolving adversaries and you are forced - as a result - to be constantly learning and developing.

  9. You have a higher purpose. You are defending the flow of capital and ideas that are essential to human progress - adding value to society - protecting people’s information and livelihoods, and in some cases actual lives.

  10. You are part of an amazing community (not always perfect though!). Until you’ve stepped out of security into another risk, IT or business role you don’t realize how unique the camaraderie among security people is. I remember in various industry or geographic disasters over the years that when different companies' IT staff needed to work with each other it was often the security people (who were already connected with each other) that facilitated that connectivity.

Bottom line: security is an incredible job in fantastic times. Pause, look back at the progress made, enjoy the privilege of working on hard things. Then remember that, as the saying goes, “we are careering into the future at the speed light, relax and enjoy the ride.”

1,498 views0 comments

Recent Posts

See All

I first posted this as a Twitter thread in 2019. These forces still seem very much current - perhaps even more so. It is interesting to think that most of the issues and risks we face arise from a sma

There is a lot of conventional security that is based on established ceremonies and an unquestioning faith that if we keep doing these things then all shall be well. If the ceremonies don’t produce th

It’s that time of year when you’ve inevitably written notes to your organization and leadership about all your team’s achievements over the year (and possibly quietly shuffled all the things you didn’

bottom of page