Did you choose a Specialized career path?

minitminit Member Posts: 77 ■■■□□□□□□□
Did you start out as a tech or JOAT and have since moved into a more specialized career? (networking/security/VMware/etc)

Did it turn out to be a good move?

How do you feel about your career/life since choosing your specialized path?

Please tell me your story. I'm a JOAT looking to choose a path.


  • beadsbeads Senior Member Member Posts: 1,506 ■■■■■■■■■□
    Started off as a developer then switched over to administration, engineering (R&S) for years before going into security. Though some people would refer to me as a JOAT I see myself primarily as a Security Architect or someone who designs, build and tests the overall controls of a network. That includes a lot of practice in a number of fields to be more than good enough to call myself a technical or security architect. Business analysis, vulnerability management, risk assessment, administration, engineering, audit as well as programming and scripting all practiced on a near daily basis. Add to that a good bit of DFIR to watch how my controls actually work, don't work or need adjustment and you pretty much have my day in and day out job.

    Is it worth it? Depends. It makes for incredible job security but is also a complete drag on my personal time on Friday night when I take a break from studying the latest and greatest IoC vulnerability potentially hitting my workplace. After 30 odd years of IT its no different from any other grind like say, sitting in traffic for long periods of time and feels just as worthless in time spent.

    Pick something you have some passion about or can at least tolerate for a career and its not too bad. Problem has been over and over again in IT is that too many people think its just an easy way to get a quick career then can't hack the long term learning commitments and become little more than opinion dealers. Folks, we have enough well meaning but technically clueless people in questionable Master's programs and no hands on value to any organization past their opinions.

    Specialize at your own risk.

    Its harder than it looks. icon_cool.gif

    - b/eads
  • Danielm7Danielm7 Member Posts: 2,294 ■■■■■■■■□□
    I was a JOAT / Sysadmin for a long time, I found that I ended up doing a lot of security tasks and enjoyed them and dug into it more and more. Now that's my specialty and I enjoy it, but, as beads said, be ready to really dig in.

    It was a great career move for me, both financially and employment outlook. I think this is more of a security gripe than anything, but if you're used to getting the warm fuzzies as the JOAT role making everything work for everyone then you get a lot less of that if that even matters to you. I'm only bringing this up because I have a newer guy under me and he was complaining the other day about how in his other support roles he used to get a lot of kudos for fixing things for people and now he feels like the enforcer of rules and bringing of bad news. In some companies, no matter how well you wrap it in best practice and education, some people just don't want to change and will think you're a PITA.
  • EANxEANx Member Posts: 1,078 ■■■■■■■■□□
    Starting as a JOAT is the way to go, IMO. I always feel sorry for these people that come into IT security with their shiny-new "Masters in Cybersecurity" and figure they'll be able to combine that with other IT things they will "pick up on the way". Do a few years as a JOAT and figure out what you like.

    I started as a JOAT sysadmin/desk-side support tech in a company where some of the users (engineers) were highly IT savvy. We had one guy who was writing his own operating system. After I showed them I was knowledgeable in my area and respectful of their skills, they showed me a lot that normal admins are never exposed to. At one point, I worked with them to design and build a specialized version of a flight simulator. A couple of jobs later, I was fascinated with MRP/ERP and took a job doing certain types of implementations for a specialized MRP company. That bombed and showed me the type of company I really did not want to work for. Shortly after leaving there, I hit a crossroads, I had two fantastic offers, one where I could learn SAP, the other to swing into networking which I had touched on and was intrigued by. I went with the networking and didn't regret it.

    When you start to specialize, always leave yourself open to the possibility you misjudged. Also be open to becoming a multi-specialist. Certain pieces of IT work well in combination.
  • DatabaseHeadDatabaseHead CSM, ITIL x3, Teradata Assc, MS SQL Server, Project +, Server +, A+, N+, MS Project, CAPM, RMP Member Posts: 2,559 ■■■■■■■■■□
    Specializing was the best move for my career. I received my biggest financial gains once I stayed with something and continued to focus on it. At one point I received a 20% salary increase followed by 27% the following year at the same company same role (It's hard to find specialized folks). Until then I would get small little bumps etc.... I also got a larger bonus due to my specialized skills.

    The downside is like others have mentioned you don't obtain a "well rounded" set of skills.

    Side note - This is just my opinion but most people just like to dabble or branch out to much. What I found is laser focus on one or two things for a sustained period is a much more productive way to spend your time.
  • jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    Right now I'm a JOAT but I started out as a tech that sort of did JOAT stuff.
    Being the JOAT right now can be difficult to get my hands on with things since I'm mostly dealing with helpdesk stuff. The other minor things that I deal with is Windows Server and switching. I'm working on forcing Infosec into what I do at work. I want to get into Infosec right now but I'm not sure what path to take because I want to protect people and/or their information.
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • Mike7Mike7 Member Posts: 1,075 ■■■■□□□□□□
    Started as a Unix C++ developer in manufacturing field, got bored and migrated entire manufacturing line platform from Unix to Windows. It was a good learning experience; we migrated the OS, database server and rewrote application code in Visual C++ saving more than 70% IT setup costs. Moved to another company and spent a good couple of years with database administration and application development. This was followed by ASP.NET web programming for a couple of years with a service provider before I changed to more IT infra role doing Linux/Windows sysadmin, AWS cloud computing and network/firewall administration. IT security came calling not long after; it wasn't that difficult when you have the hands-on experience in most aspects of IT including sysadmin, application development, networking, project management and risk management. In some ways, good IT security is good IT ops; after stabilising come optimisation/automation follow by security. If you are a bad sys admin, you are unable to optimise the operations much less secure it.

    It is not so much JOAT but more of being multidisciplinary knowing which technology/tool is appropriate for what purpose. Develop breadth for flexibility in options and gain the ability to know how what you do fit into the overall picture and, depth so that you can do your current job effectively. A lot of it is just curiosity and passion; you just want to know how it works and how you can improve, break and secure it. Working is still a drag at times. Like some posters, I wonder at those people with Masters in cybersecurity but lack hands-on experience and are totally clueless about how things work.
  • kohr-ahkohr-ah Member Posts: 1,277
    I specialized into Routing and Switching which as others said gave me the greatest financial gains and I learned the farther you go into is the more the curve starts to expand back out to just your specialty. It is just the base at this point.

    Now I am being transitioned down the security path.
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    I started my career as a software engineer. My interest is largely about how to apply technology to solve business problems. I specialized in an industry instead - in particular my other interest is financial services. I think most people would probably consider me a technology joat but I do focus on security - in particular risk management so being a joat is more useful. My career is mostly in management. While it probably has less job security than a specialist technologist - my compensation is generally higher.

    I echo @beads sentiment - while I have another 2 years to go before I reach the 3 decade mark icon_smile.gif, I wholeheartedly agree with him.
Sign In or Register to comment.