Just Discovered My Boss Has NO SECURITY OR IT EXPERIENCE !!!

egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+Member Posts: 515 ■■■■■□□□□□
edited August 13 in IT Jobs / Degrees

So I was hired in as a Lead EDR Engineer for a company with 3000+ users.  Pay and everything is good.  However 4 weeks into the job my boss tells me before this job he was a patrol cop for 25 years.  He's had no IT (or tech ) job prior to his current assignment as my boss!!!!

What in the world am I supposed to do about this?  I have 6 years experience in Cybersecurity and 20+ years in IT?  Should I just accept him (kinda like family) while collaborating with other managers outside our team who are actually experienced in the position they've hired for?

What should I do?
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+

Comments

  • E Double UE Double U Member Posts: 2,140 ■■■■■■■■■■
    Is there something that you are supposed to do? If you discovered your manager lied on his resume and during the interview to get the job then I guess there is some action that you can take. But if this was known to the people that gave him the job over other candidates then apparently they saw that he possessed the leadership skills needed by the organization. 

    Is he good at his job - yes/no?
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, etc.

    2022 goal(s): CRISC, land a new job

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 515 ■■■■■□□□□□
    Is there something that you are supposed to do? If you discovered your manager lied on his resume and during the interview to get the job then I guess there is some action that you can take. But if this was known to the people that gave him the job over other candidates then apparently they saw that he possessed the leadership skills needed by the organization. 

    Is he good at his job - yes/no?

    He has no clue about the fundamental elements of cybersecurity that managers should know.  Use the words framework, NIST, roadmap, EDR, Zero Trust, etc to him and it will seem like greek.  Matter of fact this is what he told me about our Architect who often talked using the same words "to be honest with you sometimes I don't even understand what he's talking about"
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,773 Admin
    Is he a good friend, or related to, someone high-up in the business org?
  • E Double UE Double U Member Posts: 2,140 ■■■■■■■■■■
    egrizzly said:
    Is there something that you are supposed to do? If you discovered your manager lied on his resume and during the interview to get the job then I guess there is some action that you can take. But if this was known to the people that gave him the job over other candidates then apparently they saw that he possessed the leadership skills needed by the organization. 

    Is he good at his job - yes/no?

    He has no clue about the fundamental elements of cybersecurity that managers should know.  Use the words framework, NIST, roadmap, EDR, Zero Trust, etc to him and it will seem like greek.  Matter of fact this is what he told me about our Architect who often talked using the same words "to be honest with you sometimes I don't even understand what he's talking about"
    Well, at least he admits it lol
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, etc.

    2022 goal(s): CRISC, land a new job

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,469 Mod
    This is not an uncommon situation. It's very disheartening to say the least. I had my fair share of those, they spend their time going to conference, going to vendor lunches, and mainly just going on lunches.


    This is not ok, we spend a life time getting good at what we do, whilst others just given leadership roles.

    I made peace with it, and started to find it funny, laugh at it often, and just mind my own business. Good for him, use the job to your advantage, learn and move on or up in the right time for you. Don't try to fix the organisation or make it fair, because it wont be
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube Channel!

  • volfkhatvolfkhat Member Posts: 1,004 ■■■■■■■■□□
    ...If you discovered your manager lied on his resume and during the interview to get the job then I guess there is some action that you can take. But if this was known to the people that gave him the job over other candidates then apparently they saw that he possessed the leadership skills needed by the organization. 

     :D:D  
    Now that's some great SATIRE right there!


    But seriously...
    there's NOTHING for you to do except... "Your Job".
    <3<3
  • anthonxanthonx CISA, CRISC, CISM Member Posts: 109 ■■■□□□□□□□
    You can still do your job without involving your boss, right? I guess in a RACI model, you make the decisions (Responsible) and he just stay informed.   :D
    AnthonX
  • SteveLavoieSteveLavoie Member Posts: 1,099 ■■■■■■■■■□
    Gain his trust, make yourself his trusted advisor. Make sure he is working on removing your team roadblock.. He may better than you think. 
  • iBrokeITiBrokeIT GDSA, GRID, GICSP, GCIP, GXPN, GPEN, GWAPT, GCFE, GCIA, GCIH, GSEC, Pen+, CySA+, Sec+, N+, A+, eJPT Member Posts: 1,316 ■■■■■■■■■□
    Please explain why this is an issue for you if you were hired to be the "Lead" in your area of responsibility.
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA | Pentest+ 
    2022: GMON GCWN Linux+

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops
  • TechGromitTechGromit GSEC, GCIH, GREM, Ontario, NY Member Posts: 2,138 ■■■■■■■■■□
    iBrokeIT said:
    Please explain why this is an issue for you if you were hired to be the "Lead" in your area of responsibility.
    I agree, there are lots of managers that do not have the technical ability that there staff has, that doesn't mean they are not good managers. So in your view, if someone doesn't have a background in IT they shouldn't manage IT professionals?

     

    Still searching for the corner in a round room.
  • volfkhatvolfkhat Member Posts: 1,004 ■■■■■■■■□□
    TechGromit said:
    I agree, there are lots of managers that do not have the technical ability that there staff has, that doesn't mean they are not good managers. So in your view, if someone doesn't have a background in IT they shouldn't manage IT professionals?


    *ahem*
    egrizzly said:

    He has no clue about the fundamental elements of cybersecurity that managers should know.  Use the words framework, NIST, roadmap, EDR, Zero Trust, etc to him and it will seem like greek.  Matter of fact this is what he told me about our Architect who often talked using the same words "to be honest with you sometimes I don't even understand what he's talking about"

    So..... yeah, obviously the Manager should have a background in IT.
    Is that really too much to ask??
     :D:D  
  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,469 Mod
    iBrokeIT said:
    Please explain why this is an issue for you if you were hired to be the "Lead" in your area of responsibility.
    I agree, there are lots of managers that do not have the technical ability that there staff has, that doesn't mean they are not good managers. So in your view, if someone doesn't have a background in IT they shouldn't manage IT professionals?

     


    There is a difference between not having as much tech experience as their staff and having ZERO experience in the field.

    People make it seem like there are no people with IT experience who can do the job, it has to be some dude from a different industry who can't tell the difference between a firewall and a washing machine

    plenty of IT veterans would happily do the job given the chance
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube Channel!

  • DatabaseHeadDatabaseHead Teradata Assc 16, Querying Microsoft SQL Server 2012/2014, CSM Member Posts: 2,745 ■■■■■■■■■■
    Give them a chance they may surprise you.  My best bosses in IT didn't know jack about IT, what they did do which is far more important:

    provide cover fire for us when other teams went after us
    pushed back on projects when we were getting over loaded
    highly political and facts based, always was able to secure budget when needed
    got us promoted and recognized for our achievements

    I found when they were talking to the leadership team it was better that they speak so the others knew what they heck they were talking about.

    I am experiencing this now, I work in data integration very niche in IT.  

  • Tekn0logyTekn0logy CISSP, C|EH, RHCSA, Security+, Network+ Member Posts: 113 ■■■■□□□□□□
    egrizzly said:

    So I was hired in as a Lead EDR Engineer for a company with 3000+ users.  Pay and everything is good.  However 4 weeks into the job my boss tells me before this job he was a patrol cop for 25 years.  He's had no IT (or tech ) job prior to his current assignment as my boss!!!!

    What in the world am I supposed to do about this?  I have 6 years experience in Cybersecurity and 20+ years in IT?  Should I just accept him (kinda like family) while collaborating with other managers outside our team who are actually experienced in the position they've hired for?

    What should I do?
    Unlikely that they pulled a smoke screen on HR and the hiring manager, however more likely that they have friends way above your pay grade.
    Maybe you could research to see if their resume matches their LinkedIn profile?

    Do you have a sponsor, someone that has a personal interest to ensure that you have forward traction throughout your career at this company?
    If this new boss is your sponsor, you should at least make certain that you get recognition and visibility otherwise this person without IT skills may take credit for your good deeds.
    Give them a chance they may surprise you.  My best bosses in IT didn't know jack about IT, what they did do which is far more important:

    • provide cover fire for us when other teams went after us
    • pushed back on projects when we were getting over loaded
    • highly political and facts based, always was able to secure budget when needed
    • got us promoted and recognized for our achievements
    If your boss is not hitting on all of these bullets, AND you cant say that they are the best manager that you ever worked for, tread lightly.
    Don't spell things out, teach or give them the tools to do YOUR job, because he might have a friend that needs a job!

  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 515 ■■■■■□□□□□
    Tekn0logy said:
    egrizzly said:

    So I was hired in as a Lead EDR Engineer for a company with 3000+ users.  Pay and everything is good.  However 4 weeks into the job my boss tells me before this job he was a patrol cop for 25 years.  He's had no IT (or tech ) job prior to his current assignment as my boss!!!!

    What in the world am I supposed to do about this?  I have 6 years experience in Cybersecurity and 20+ years in IT?  Should I just accept him (kinda like family) while collaborating with other managers outside our team who are actually experienced in the position they've hired for?

    What should I do?
    Unlikely that they pulled a smoke screen on HR and the hiring manager, however more likely that they have friends way above your pay grade.
    Maybe you could research to see if their resume matches their LinkedIn profile?

    Do you have a sponsor, someone that has a personal interest to ensure that you have forward traction throughout your career at this company?
    If this new boss is your sponsor, you should at least make certain that you get recognition and visibility otherwise this person without IT skills may take credit for your good deeds.
    Give them a chance they may surprise you.  My best bosses in IT didn't know jack about IT, what they did do which is far more important:

    • provide cover fire for us when other teams went after us
    • pushed back on projects when we were getting over loaded
    • highly political and facts based, always was able to secure budget when needed
    • got us promoted and recognized for our achievements
    If your boss is not hitting on all of these bullets, AND you cant say that they are the best manager that you ever worked for, tread lightly.
    Don't spell things out, teach or give them the tools to do YOUR job, because he might have a friend that needs a job!


    Wow....I didn't know the politics in IT ran this deep.  Thanks for the heads-up dude. @Tekn
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,773 Admin
    egrizzly said:
    Wow....I didn't know the politics in IT ran this deep.  Thanks for the heads-up dude. @Tekn
    Politics runs deep in any org where humans are involved.

  • E Double UE Double U Member Posts: 2,140 ■■■■■■■■■■
    egrizzly said:
    Tekn0logy said:
    egrizzly said:

    So I was hired in as a Lead EDR Engineer for a company with 3000+ users.  Pay and everything is good.  However 4 weeks into the job my boss tells me before this job he was a patrol cop for 25 years.  He's had no IT (or tech ) job prior to his current assignment as my boss!!!!

    What in the world am I supposed to do about this?  I have 6 years experience in Cybersecurity and 20+ years in IT?  Should I just accept him (kinda like family) while collaborating with other managers outside our team who are actually experienced in the position they've hired for?

    What should I do?
    Unlikely that they pulled a smoke screen on HR and the hiring manager, however more likely that they have friends way above your pay grade.
    Maybe you could research to see if their resume matches their LinkedIn profile?

    Do you have a sponsor, someone that has a personal interest to ensure that you have forward traction throughout your career at this company?
    If this new boss is your sponsor, you should at least make certain that you get recognition and visibility otherwise this person without IT skills may take credit for your good deeds.
    Give them a chance they may surprise you.  My best bosses in IT didn't know jack about IT, what they did do which is far more important:

    • provide cover fire for us when other teams went after us
    • pushed back on projects when we were getting over loaded
    • highly political and facts based, always was able to secure budget when needed
    • got us promoted and recognized for our achievements
    If your boss is not hitting on all of these bullets, AND you cant say that they are the best manager that you ever worked for, tread lightly.
    Don't spell things out, teach or give them the tools to do YOUR job, because he might have a friend that needs a job!


    Wow....I didn't know the politics in IT ran this deep.  Thanks for the heads-up dude. @Tekn
    Don't jump to conclusions. ALL organizations have a level of politics. Company culture dictates this, not a specific field. 
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, etc.

    2022 goal(s): CRISC, land a new job

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • Reese38Reese38 Member Posts: 3 ■□□□□□□□□□
     this new boss is your sponsor, you should at least make certain that you get recognition and visibility otherwise this person without IT skills may take credit for your good deeds.
Sign In or Register to comment.