6 Reasons Why You Should NOT Work In Information Security



3 – There is a limit for growth to your career

You are smart. You know how to facilitate business whilst keeping it secure. You have good relationship with all layers above and below you. You even have a blog about security, with thousands of followers. What are your chances of becoming the CEO of the company you work for? Perhaps as likely as having your security blog becoming as popular as facebook. Anyways, there are still some ways to go up the ladder as an Information Security Professional.
Now, let’s ask our CEO what sort of background he has: – Well, I started as a temp, and soon afterthat got a job as a saleman and… No. You kidding right? You spent your whole life having lunch for free, and now you tell me you are the captain of the boat? It can’t be real…


2 – No room for mistakes

Let’s imagine the following scenario: you manage to maintain your environment incident free for the couple of months until… until Jack brings that same infected laptop (again?) to your network (-so what? My client was showing me about some funny videos on the internet on a dodgy website!). The network falls into its knees, and now you have to say goodbye to your weekend… (I won’t even comment about the Sony incident… damn programmer! Ha!).

Guess what, Jack is still going on a sail boat trip tomorrow morning.

You won’t.

 1 – People expect you to crack their exes Gmail passwords, wireless networks, and combination locks.

Tell me, honestly. How many times have your friends approached you asking you to crack their ex-girlfriend/boyfriend e-mail password? How many times did they come to you asking for you to download that nice game without paying a penny? -but you  are a hacker, isn’t it easy for you?

Tht’s when you try to explain that it can be done, but it’s not ethical, and…

Enough! Now, let me get back to the hot dog trailer I just bought and try to learn why the heck sales people have such a good life!


If you still feel like becoming a security prefessional, do not forget to have your resume reviewed FOR FREE and read the startup guide to become a security consultant, and how to start your information security career. 

Oh, and if you are looking for new challenges, don’t forget to check out our session about Information Security Interview questions!


What annoys you in this career? Be welcome to share some facts and funny stories about your job with the readers by using the comments below!


Pages: 1 2

Filed Under: ArticlesFeaturedFront Page


RSSComments (24)

Leave a Reply | Trackback URL

  1. Alice says:

    As a former DBA, this had me in stitches.

  2. Muneer Raza says:

    Wonderful sense of humor.

  3. Pekae says:

    Only just caught up with this – great, humorous article Adriano. Having been in IT 35 years and InfoSec for 15 of them, it really rings true (with a grain of tongue-in-cheek).

    All I can say to Cellus is, if he rarely works more than 40hrs a week, then he’s not living in the real world (or making an effort!), which sums up his whole reply.

  4. Nazim says:

    Haha!! I loved point numero uno mate!!!! Cheers!! 🙂

  5. Jason says:

    Great article Adriano!!! You summed up the life of an IT professional perfectly!!!

  6. Chris G says:

    I remember sitting in my daughter’s Kindergarten class once while listening to another girl’s parents describe their chosen careers. Dad was an airline pilot for Air Canada and Mom worked for Apple in their marketing department. The kids around the class were mesmerized listening about their jobs. The coolness factor was off the scale for these parent’s daughter.

    Then then turned it over to me – the IT Security guy. Zero interest. Nil. Nada. Nothing. For a 5 year old, there’s no way to make IT security even slightly interesting.

    That’s when I knew what I did was boring and I should probably quit and become an airline pilot. 🙂

    BTW – why don’t you DELETE comments from folks like Cellus above? This site isn’t run/monitored by the government. You can do whatever you want with it. Drowning out idiots is your prerogative.

    • Hi Chris,
      Thank you so much for your comment!
      I seriously though about deleting Cellus post, not because he doesn’t agree with me, but because he lacked respect. But I believe everyone should be heard, even the haters, it’s just about giving them ears or not.
      Since I’m a positive person, I ‘m going to leave it there for people to see! 🙂



  7. John says:

    Excellent article..!!!! It is the real life and to survive it is needed real passion for security.

  8. Ian says:

    Reasons you should not get into security as a vocation…well security has made a fashion out of poor management decisions for more than 10 years now. This leads to a lot of boredom, frustration, and losing the will to live for many in infosec. I sympathise and empathise. If you want to enter a profession where you won’t fit in unless you offer ZERO (0) value…get into security. If you never answer email or contribute anything useful in meetings, your ideal career is security. There is nothing personal in this…it’s just the way the world is. Like I said I sympathise. Security as a professional career choice is discussed in Chapter 6 of my book “Security De-engineering” released December 2011, Taylor Francis/CRC Press

  9. Are you serious??? says:

    YOU HAVE GOT TO BE KIDDING ME!!!!! This is so much bull$hit.

    #6. Work hours, what job do you know that pays as good as an IT professional that doesn’t work long hours. For the record, I have been in IT for 9 years and have done it all from Help Desk to Pen Testing and I rarely work over 40 hours a week!

    #5. You must not be any good at your job! I have tons of people that call my work center looking for ME and do not want to deal with anyone other than me because they know what they need will be taken care of! This and this alone makes me think you have no idea what you’re talking about!

    #4. Okay, IT is ever changing and yes you have to study, BUT why is this a bad thing? I can’t believe that you would actually concider selfimprovement a bad thing!

    #3. LIMITED GROWTH!?!?! Do you realize that in big companies that there is an IT guy on the board of directors? Again, you’re an idiot!

    #2. A SAD attempt at a bad situation! First, ANY IT professional knows NEVER let ANYONE hook up a personal laptop/device to your LAN. Second, there is room for mistakes, on a non production LAN where you should be learning in the first place!

    #1. I can do all of that, but my friends don’t have to know it. If you brag about you can do this and you can do that, don’t you expect this type of thing? If you’re a tax layer, don’t you think your friends will come to you and ask you advise about their taxes?

    In closing, I can’t believe I actually read such an off base article that sad to say some people will take as the truth. I can tell your level is the bottom of the barrel and this is another reason why not just any idiot should be able to post on the internet!


  10. Miguel says:

    Excellent and funny article!
    The word “motivation” was used so many times I did remember the equation E=mc2
    Translate it to “effort=motivation x compensation[square]”. If some companies ever understand that the world will be a better place for hard working people like us 😉

  11. Michael Mars says:

    What? Are you new to IT? I can’t recall any IT job that I have had that wasn’t like this.

  12. AtlKing says:


    Nice article to read; however, i think if someone has passion, motivation, ability to constantly learn new things, patience and persistence he/she will succeed in the security field; also i agree with Herman above that security profs should have fun while it last, i know that from my end there are some top notch cool projects i was involved in that changed my initial perception about how static security field can be; for example if you get involved with technologies such as VOIP or Video you’ll see security from very different fun angle.

  13. Tiger_Auditor says:

    Yes i agree with most of the points mentioned here. It is usual one who working in infosec. But one advantage is we can expect more salary. and should update our competency everyday. This will be very helpful for the Information security Auditor to update the latest technology.

  14. Unemployed says:

    Needless to say, any job or a position can be hectic at a time  As been mentioned earlier; “Motivation” is the key element to successfully perform, not only in this area of expertise but also in any profession. Before the motivation we first got to have passion specially in this field, we have to have the love of doing what we’ve been trained to do. I’ve more than a decade experience in IT & currently unemployed!
    InfoSec, is where we ought to be current with technology, regulations and standards. Constantly learning the cutting edge technology is gratifying. In this industry we’re able to help organizations to stay on top of their games. Finally, this profession will allow us to help a kid from being bullied in cyber space….(isn’t that pleasing??!!)
    And all of the above is the motivation behind the fact that I’m still in school, teaching and learning at the same time. Personally, the thrill working in InfoSec industry some-day is a great deal satisfaction for me!


  15. Tuwi D says:

    Facebook’s accounts too, exes fb accounts are by default requested. Without mentioning the part when they assume you have to know about telephones/satellite decoders/dvds/*anything with electricity on*

    i’m really getting tired of this.

  16. Herman says:

    You better start to have some fun in your job. Your attackers do :). My career started as a trainer in security products, then an information security consultant, then application security consultant and now I am my own boss and having fun. Do not limit yourself to one company…

  17. bit says:

    information needs security,whether we like it or not.
    and besides working in an information security has a highest paid 😉

  18. Prakash says:

    All this comes down to one thing as I keep telling everyone in Info Sec field, “MOTIVATION”.
    It is lacking at all levels as the above are true for even development and business groups. No reward for developing and implementing secure solutions. (don’t take it word by word). So, best way is to get compensated well as many companies do pay well for Info Sec Profs.

  19. Buonsanti says:

    Very nice. Just be careful not letting your C-level and sales executives read this. LOL.

  20. Ayunardi says:

    Quoting Camargoneves : “And there is one more, the only guys that will be more hated than you are the auditors. So you can at least have some folks to lunch with. ”

    Imagine there someone sit far away in the corner for lunch, it’s an Information Security Auditor. Ha… Ha… Ha…

  21. camargoneves says:

    Funny. And there is one more, the only guys that will be more hated than you are the auditors. So you can at least have some folks to lunch with. 🙂

  22. […] Today, several folks have tweeted & retweeted about an article written by "Adriano" at MyInfoSecJob.com. The original article may be read here: https://www.myinfosecjob.com/2011/08/6-reasons-why-you-should-not-work-with-information-security/ […]