Its Quiet At My New WorkPlace!! I work in Security - WTF?!?!
egrizzly
Member Posts: 533 ■■■■■□□□□□
It's Quiet At Work - What To Do??
So I started this new job at a Fortune 500 company. I'm one of the senior endpoint guys there however, after I login every morning, there doesn't seem to be stuff to do or even messages being communicated by my boss (or co-workers) through email or IM. My previous workplace was completely opposite as their was chaos everyday.
So has any of you all in cybersecurity experienced this type of environment? ...is it typical of Fortune 500 companies? As far as employee count goes we have approx. 6000 employees.
If this is the norm at some Fortune 500 workplaces what are my options on what to do?
1.) Should I find a second job to fill in some of the dead time?
2.) Should I chase down my manager or manager of other departments and ask for work?
3.) Any other "best" line of action to take?
A dozen thanks to all of you for suggestions, comments, or overall participation.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
Tagged:
Comments
-
UnixGuy Mod Posts: 4,570 ModNot uncommon at all, use the time to learn about all sort of things, build relationships at work, automate/improve things, work on certs
-
chrisone Member Posts: 2,278 ■■■■■■■■■□If things are quiet, I would recommend to start pulling up stats and reports you can use to relay to management. Perhaps start putting together a list of top 10 tips and guides you can put in a company sharepoint or security news letter. A little infosec end user education. At the very least get some reports and stats going. Data will help you see any glaring holes in the protection stack.
The other tips that UnixGuy mentioned were great as well. Start building relationships, communication, looking to help other teams.Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
xagreus Member Posts: 118 ■■■■□□□□□□If it's not overstepping, you could make recommendations for security improvements.
You're probably familiar with the Center for Internet Security. You could look into using their benchmarks if applicable to your responsibilities and/or see if other groups (such as network operations) are using them:
https://www.cisecurity.org/cis-benchmarks/
A+, Net+, Sec+, CySA+, CCNA, ITIL 2011 Foundation, AWS CCP, ISC2 CC, MS SC-900, MS AZ-900
2024 goals: AZ-900, Cloud+, Palo Alto PCNSA, CyberOps Associate, DevNet Associate, Project+ -
JDMurray Admin Posts: 13,090 AdminFind out how the performance of workers in your role is measured in your org. How do they know that you are doing a quality job and are pulling your weight? This will indicate if you are being properly utilized or not.
-
E Double U Member Posts: 2,233 ■■■■■■■■■■If you were hired to be a senior, you manager may be expecting you to create work. I recommend regular dialogue with mgmt to be sure you are doing what is expected of you. When that box is checked, I like to use my downtime to study for certifications.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
Tekn0logy Member Posts: 113 ■■■■□□□□□□egrizzly said:
It's Quiet At Work - What To Do??
2.) Should I chase down my manager or manager of other departments and ask for work?Not a good idea unless water cooler banter suggests everyone else has spare cycles.Possible that most end users are WFH and not using a VPN. Does your company use MDM?What visibility do you have into security events? Are all endpoints up to date with patches, AV?