Wednesday, August 29, 2007

crossroads

This morning in my work mailbox I found an invitation to be included in one of those scammy who's who directories, which I checked out later and learned I want no part in it, but before checking it out my introspection began.

I have always been resistant to being a "computer person". I never wanted this to be my career. I just did it because I was good at it. I did it because, despite my dislike for all things service, it's what my personality type tells me I should be doing.

And then something happened. I'm not sure what. Something changed in me that made me love what I do. Perhaps it's because my employer became more supportive of my professional development and I was able to actually learn more and practice the security side of computing. This is truly my passion. I love all things to do with security. I could wax poetically for hours on the subject. I could eat up every certification there is to do with this field, read every trade material there is on the subject, handle incidents with no objection indefinitely. I would love to become someone's CSO, CISO, security consultant, or similar. I would love to be in charge of security infrastructure, planning, implementation, response, resolution... all of it.

But, what if? I have a fear of responsibility, a fear of committing to the big things. I have a fear of saying yes to something and then disappointing everyone involved. I fear that I don't know enough to do the job well. I fear that everyone will realize I'm a fake. Underneath this confident exterior I'm just winging it like the rest of the world. And somehow that's okay for everyone else to do, but not for me.

I am very strong willed, know what I want, and go full force toward it, but underneath there is a constant dialog of, "[my nickname here], are you really sure you know what you're doing?" No, voice, I don't. But I'm doing it anyway.

The one day several months back when my boss told me, "you know, you could be the CSO" scared the absolute shit out of me. But, is there really anything wrong with being scared?

21 comments:

Chicken said...

Too bad you don't live in Portland.My department is interviewing for a Data Security manager.

LeSombre said...

Hey!

You could move to Canada. It's not that different from France. ;-)

Plus, we really need a security guru on our team...

I totally understand the "renewed" appreciation for one's work. Same thing happened to me yesterday, when I was given proper resources for what I need to do, and feel motivated more than when I first started here. I think that's what makes great managers: Power to make your troops enjoy the work.

Gotta go, computer's calling again. ;-)

Chicken said...

No it isn't the job that I'm applying for. I'm applying for the technology buyer position.

The Data Security Manager position is closed to applicants because they are interviewing. If they don't find someone they will post the position again and I'll let you know.

Poppy Cede said...

Chicken, woot! Who knew I could get a job just by posting on my blog! Hehehe. Good luck with your new job. (Confidence!)

Mikey, I have considered many times moving to Canada. It is a place I enjoy very much.

Avitable said...

Wow, this is deep for you to post on your blog. I think you'd kick ass with any level of responsibility.

Poppy Cede said...

Avi, I'm a very complex and complicated person. :) Take it or leave it. I might kick ass with any level of responsibility, but when I drop responsibility I drop it HARD. I fling it up in the air, run away, and let it SMACK down on the pavement. So, ... I need to be careful about what I take on. :)

Bearette24 said...

I read that what you're talking about (which I have also felt) is very common among women..."impostor syndrome", where we feel like we're just pretending to know what we're doing. It has no bearing on reality; very competent people feel this way.

I think we also fear success more than men.

Poppy Cede said...

Bearette, it's true. I fear success more than failure.

Joefish said...

This is a really gutsy thing to post. Everyone feels that fear and insecurity. Few people are brave enough to admit it.

There's nothing wrong with being scared. :)

BelchSpeak said...

Poppy,
As one infosec dude to an infosec chick- You know when its okay to stop beating yourself up over doubts and fears?

When your wild-ass guesses and your professional decisions, shot from the hip, keep on being right on the money.

Tug said...

I think what's worse is if you're NOT at least a little scared. Being a little afraid keeps you on your toes, so you're more aware & not complacent.

Poppy Cede said...

Joefu, I don't feel brave in admittance, but thank you for saying it's okay to be scared. :}

Pat, then I must be doing something right because I'm right 1000% of the time. They _should_ promote me.

Tug, "complacent". You, my dearest, are brilliant. A very good point.

Dan said...

Internet security is only going to grow as a profession. At Monster, we're dealing with a tough PR situation based on a Trojan that took on the persona of an employer to access more than 1 million personal records. While there was nothing stolen that you couldn't find in the phone book, it's still an issue for job seekers when they start receiving unwanted emails.

Poppy Cede said...

Dan, you work for Monster? How could I have not known that? I totally heard about the Monster thing. Sorry you're going through that. Such is life, I suppose. (And secretly, the idea that there was an incident entertains me. It's a sickness... :)

BelchSpeak said...

Dan,

I am an infosec blogger, and I even blogged about the phishing/siphoning of the data from your servers. I was kinda wondering if Monster was going to stick by this "nothing was stolen that you couldnt get out of a phonebook" line with the public?

Cause the last I checked, I can't download the phonebook onto my PC- I am typically restricted to a single record at a time.

Dan said...

Poppy - yes, I've been here eight years, primarily in a content leadership role.

belchspeak - we're taking the incident very seriously. We've got an anti-fraud team in place that tirelessly works to address these issues and stay ahead of it. Poppy's post made me think that as the internet continues to evolve and grow, and as more people come online, system-security type jobs will become even more plentiful.

BelchSpeak said...

Dan, you say you are taking this seriously NOW. But this isn't the first breach, is it? Monster DB's have been phished and pharmed for years with no effort on Monster's part to put an end to it.

Poppy Cede said...

Perhaps "publicly known effort". I highly doubt Monster just sat back and said, "well, whatever, let's just see if it happens again." :)

BelchSpeak said...

If Monster implemented previous technology to prevent or limit theft of data, one can only surmise that it failed, given the latest breach.

I think this is the first significant publicity one of the breaches has received which has invited such scrutiny on their security practices.

whall said...

Hey, you could move to Florida and be CSO Miami.

The theme song could be "Magic Bus" and you could define if it's 16 or 32-bit.

Poppy Cede said...

Pat, I wanna come work with you.

wH, does your wife know how hilarious you are and how lucky she is? That's some funny geeky shit.