How much turnover in Cyber Security are you seeing at your work place?
Ertaz
Member Posts: 934 ■■■■■□□□□□
We've had a few key guys leave out here in the nowhere-midwest for work from home gigs or bigger better jobs in the city. I wanted to poll the TE crowd to see how much turnover you're seeing.
Comments
-
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□Not much at my company... Although I work a decent size entertainment company that is located away from the large metro area. Drive to work is awesome and they have really good benefits if you have worked there for awhile. 2 of the security analysts on my team have been here for like 15 years each. (only 4 of us)
-
cyberguypr Mod Posts: 6,928 ModZero in my team. It was just me and another guy 4 years ago and now we are up to 8. We have a great compensation and benefits package on top of mentally stimulating work so I'm sure that helps. Out there in my circles I do see a lot of shuffling and moving around for multiple reasons: better compensation, telecommuting arragements, upward mobility, and others.
Who's moving in your case, Sr/enginner type guys? I understand the locaiton aspect. I for one refuse to work in the burbs/boonies and always seek employment in downtown Chicago. -
Ertaz Member Posts: 934 ■■■■■□□□□□cyberguypr wrote: »Zero in my team. It was just me and another guy 4 years ago and now we are up to 8. We have a great compensation and benefits package on top of mentally stimulating work so I'm sure that helps. Out there in my circles I do see a lot of shuffling and moving around for multiple reasons: better compensation, telecommuting arragements, upward mobility, and others.
Who's moving in your case, Sr/enginner type guys? I understand the locaiton aspect. I for one refuse to work in the burbs/boonies and always seek employment in downtown Chicago.
Sr. Engineers. 30-40% Salary bumps are nothing to sneeze at I suppose. -
TechGromit Member Posts: 2,156 ■■■■■■■■■□There's been a bit of movement in my company recently, three people took promotions, one outside cyber security into networking, and the other two into different position within Cyber. A forth person left the company to go work for a startup. Things were pretty stable for the last couple years, it was just recently we had a lot of shuffling around.Still searching for the corner in a round room.
-
gespenstern Member Posts: 1,243 ■■■■■■■■□□In my team over the course of the last 3 years 4 persons have left (out of roughly 15), one in India, three in the US. The salaries, benefits and job security are top notch where I work. There's only a few places that pay more and most of them are in NYC/nearby.
-
gespenstern Member Posts: 1,243 ■■■■■■■■□□cyberguypr wrote: »I for one refuse to work in the burbs/boonies and always seek employment in downtown Chicago.
But why? Can't see any pros here besides there are typically more jobs in downtown so it's easier to land quickly. -
jdancer Member Posts: 482 ■■■■□□□□□□gespenstern wrote: »But why? Can't see any pros here besides there are typically more jobs in downtown so it's easier to land quickly.
Guessing the OP has excellent commuting options to work. In most major cities, getting around by car blows chunks. -
cyberguypr Mod Posts: 6,928 ModExactly. I drive only for pleasure and the short commute to train. Also, the city is very alive during the day, which I always found exciting although not enough to live in it.
-
Chitownjedi Member Posts: 578 ■■■■■□□□□□Average time here for security resource has been about 8 Months, averaged out over 10 people in the 2 years I've been on-site --- opportunities are abundant for them to move up and out
-
DZA_ Member Posts: 467 ■■■■■■■□□□@OP - In my last work place, we had tons of turnover. There were a few of us that got our CISSPs during our careers at this one employer (managed service provider) and we all ended up deciding to leave to other companies in the industry since they couldn't pay us the current market rate. 1 member within our group left within a 2 year time span and the other remaining 2, including myself left within 4 months of each other. At this point, they might have in a ban in place for funding their folks from getting CISSPs.
-
Ertaz Member Posts: 934 ■■■■■□□□□□@OP - In my last work place, we had tons of turnover. There were a few of us that got our CISSPs during our careers at this one employer (managed service provider) and we all ended up deciding to leave to other companies in the industry since they couldn't pay us the current market rate. 1 member within our group left within a 2 year time span and the other remaining 2, including myself left within 4 months of each other. At this point, they might have in a ban in place for funding their folks from getting CISSPs.
Funny you should mention that. The guy that’s leaving got his cissp/OSCP in the last year. I’m really glad for him. It seems he’s walking into his dream job. It’s funny how MSPs need the guys with certs, but can’t pay them to stay. It’s also the reason that my work will pay for any cert or training, but the CISSP. They say it’s a requirement, but you have to achieve it through self study. -
TheFORCE Member Posts: 2,297 ■■■■■■■■□□speaking from experience I've averaged 1.5 years in 3 different jobs in the past 3-4 years. My current team though is suffering as we dont have the resources.
-
LonerVamp Member Posts: 518 ■■■■■■■■□□I think MSPs really sell their services by tacking on all the certs their employees have. But the work itself is often soul-sucking, so over time, they go off to other gigs doing admin/engi work or something.
Infosec is wonderful, and while we're still coming to terms with what "entry level" is, those jobs that typically fall into that tier are often not terribly exciting or what people think of when they think security. Namely reading logs, classifying alerts, initial troubleshooting of false positives, reviewing vuln assessment reports...
We also have a problem where a lot of bullsh*tters can get by for a while, which promotes the delivery of subpar services and expertise.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
UnixGuy Mod Posts: 4,570 ModI can see why that is!
few months in every job I land, and I get recruiters reaching out to me with better salaries and better titles...sometimes over 20K+ increase in pay...that happened literally yesterday, and my current work place pays above average...
I want to stay here longer because my last job was 12months (not that there is anything wrong with that) but I want a much longer stint here and I would like an internal promotion so I need to say no to recruiters.
The market is good and there is enough demand to keep luring people to move on... (I can't speak for the US though, but it seems similar.) -
DZA_ Member Posts: 467 ■■■■■■■□□□Funny you should mention that. The guy that’s leaving got his cissp/OSCP in the last year. I’m really glad for him. It seems he’s walking into his dream job. It’s funny how MSPs need the guys with certs, but can’t pay them to stay. It’s also the reason that my work will pay for any cert or training, but the CISSP. They say it’s a requirement, but you have to achieve it through self study.
Originally when I was studying for my exam, my previous employer didn't want to give me time off or compensate me for writing the exam (when I would pass). Their rationale was that it didn't reflect/contribute to the roles and responsibilities that I was doing at the time.
I ended up taking a day off, passing the exam and resigning the next day to go work for a bigger enterprise which coincidentally was in parallel the same time when I was going for my exam. You would say I've burnt a bridge but at the end of the day, it comes down to how much you value yourself at the company and if they're not paying what you're worth, it's time to move on!
@UnixGuy - What country are you in? -
TechGuru80 Member Posts: 1,539 ■■■■■■□□□□Definitely a true story....I had a similar situation where I passed the CISSP and couldn’t get promoted after already having a couple years in...I said ok and started looking right away. Companies are insane to not provide training budgets to jobs that literally change all the time and protect their investments...even as little as $3,000 goes a long way if the employee can do for example a SANS work study or OSCP...for both skillsets and keeping employees motivated.
Younger generations especially want to keep learning, and most will start leaving if you don’t invest in them. -
iBrokeIT Member Posts: 1,318 ■■■■■■■■■□You would say I've burnt a bridge but at the end of the day, it comes down to how much you value yourself at the company and if they're not paying what you're worth, it's time to move on!
Sometimes it's unavoidable that you end up being the villain in someone else's story despite your best intentions. Always important to remember it just business and that relationship has to continue to make sense for both parties. You made the right choice.2019: GPEN | GCFE | GXPN | GICSP | CySA+
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GDAT
2023: GREM | GSE | GCFA
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops | SANS Grad Cert: Incident Response -
jelevated Member Posts: 139Our infosec guys leave regularly and we are having a very hard time hiring competent individuals for mid/senior level roles. Likewise I am being hit up by recruiters and have been flown out for a few interviews. Post CISSP life is grand.
-
H-bomb Member Posts: 129 ■■■□□□□□□□We had a good turnover in the past year at my last company (I just got a new job at a different company). I would say probably 10-12 Security guys left within 12 months. These were Jr to mid level people. Nobody had a CISSP, but we were making less than the industry standard.
-
DatabaseHead Member Posts: 2,754 ■■■■■■■■■■TechGuru80 wrote: »Definitely a true story....I had a similar situation where I passed the CISSP and couldn’t get promoted after already having a couple years in...I said ok and started looking right away. Companies are insane to not provide training budgets to jobs that literally change all the time and protect their investments...even as little as $3,000 goes a long way if the employee can do for example a SANS work study or OSCP...for both skillsets and keeping employees motivated.
Younger generations especially want to keep learning, and most will start leaving if you don’t invest in them.
IMO Management see it as a catch 22. If you train them and spend big bucks on them this will empower them and give them an avenue to leave. Whereas if you silo them into one / two roles and keep them niche they will have a harder time finding a new position..... Couple this will paying them well and rewarding them in other facets, such as bonuses and paid time off you get to keep your great employees and you mitigate them from leaving..... -
TechGromit Member Posts: 2,156 ■■■■■■■■■□few months in every job I land, and I get recruiters reaching out to me with better salaries and better titles...sometimes over 20K+ increase in pay...that happened literally yesterday, and my current work place pays above average...
Contract work or Full Time Employee? Can can see contract work easily paying more, but the benefits and job security are lacking.Still searching for the corner in a round room. -
UnixGuy Mod Posts: 4,570 ModTechGromit wrote: »Contract work or Full Time Employee? Can can see contract work easily paying more, but the benefits and job security are lacking.
I've always done full-time, and the positions I get contacted for are full time as well -
Ertaz Member Posts: 934 ■■■■■□□□□□I've always done full-time, and the positions I get contacted for are full time as well
I get contacted for full time work, but it's always relo dependent. Apparently they don't think I can do the job from my basement...
Pfft... their loss. -
ThePawofRizzo Member Posts: 389 ■■■■□□□□□□While I don't work in our corporate IT Security dept., it is only three guys, and the junior was just hired.
From a couple recruiters in this area that I've visited with (coming to see my manager to look for placements, not because I was looking for work) have said IT Security is pretty strong in this area, so I suspect someone with some experience would have some options. -
BillHoo Member Posts: 207 ■■■□□□□□□□In the DC Metro area there is high demand for Cyber Security guys.
Current White House has increased support for Cyber. Previous IT jobs, I'ves stayed 5 to 10 years. Lately, there are just too many good offers to NOT leave a job. Nothing wrong with the work environment or people... It's all about the money and what drives it is the high cost of certifications.