Hi all
After some advise and hoping someone has been in a similar position .
Tldr, I have to pick between moving to a small company and setting something up from scratch or staying in my large corporate job.
Currently riso at a very large global organisation focused on the UK, we have 30000 staff in the region I support. I have a technical background and been in IT for 14 years but have been focused on security for a while now. We have an internal SOC in a different country so I tend to only get involved in country stuff, have no access to the more technical toolset. Mostly risk management, Inc management, app vetting and onboarding Inc pen testing , legal contracts, awareness training, customer and supplier management, iso, cyber essentials etc…
I have been approached by a much smaller company with around 15 staff to lead their cyber security and set it up. They have been around for 6 years and have some new contracts which are worth around 4 million. These are govt contracts and have strict security requirements so need some help. They have a dev team who actually seem really on it, but haven't had the big corporate infosec restrictions I am being brought in to help with, very much focus on keeping aws secure and ignoring the rest from what I can see. They are on their way to iso with help from a third party.
Package I have been offered is higher than current but doesn't take into affect all the benefits of a large corp such as good pension, private medical etc..once you take those off the packages are fairly similar.
I am really torn between what to do and would love some advice .
On one side moving, the idea of starting up from scratch sounds really interesting, doing it the way I want to do it , having my own budget, and getting hands on experience and probably back more into the technical side which I do miss. If the company expands as they are hoping, could lead to much greater career progression. Downside is much higher risk, very reliant on contracts and much higher redundancy risk. Longer travel to the office . Will be difficult to change a small agile team ( but I do have experience of this)
The other side staying put, I do not hate my job at all, it is very secure with very little risk of redundancy. I get a lot of freedom and good holiday , pensions and benefits. There is a large bonus which isn't guaranteed but we've had it for several years now.I do get frustrated with the corporate world and my reliance on other teams in other countries. Also I do not have my own budget and any help I get tends to be from grads with very little security experience . I am also under paid compared to other functions in the same company which has caused me a lot of frustration. Career progression inside of security is non existent without moving country.
If it makes any difference I have 2 children under 6 and am happily married. I am the main breadwinner by a long way.
submitted by /u/Feeling-Square9360
[comments]
Source link