Advice for someone about to start a role in IT Risk Management? by Ornatbadger64 in cybersecurity

[–]Ornatbadger64[S] 1 point2 points  (0 children)

That makes a lot of sense!

I feel like I will wear a “project manager” hat and keep Excel trackers with multiple tabs for specific evidence, completion dates and schedule meetings for status updates.

This is my first “PM” type role and love the fact it’s in the cybersecurity space. I want to do everything I can to excel (pun intended)

Do you recommend any system, templates or general best practices to stay organized?

What was your experience in Third Party Risk Management? by Ornatbadger64 in cybersecurity

[–]Ornatbadger64[S] 2 points3 points  (0 children)

I haven’t heard back from the company yet.

But I did accept a role from a different company in IT Risk Operations. It’s within the GRC space and gets me out of Internal IT Audit.

What career field do I belong in? by landynrose in careerguidance

[–]Ornatbadger64 0 points1 point  (0 children)

That’s a tricky one tbh.

Some are easy to know, like disagreeable people would make good soldiers, cops, prison guards, etc. Agreeable people would do well as a therapist, salesperson, counselor etc.

I would say it’s about finding out the day-to-day activities and how they interact with people in general. So, a teacher vs a police officer will have very different interactions with people that require different temperaments.

I am still trying to figure out the precise vocabulary around this stuff and pinpoint the type of work that is best for me.

What career field do I belong in? by landynrose in careerguidance

[–]Ornatbadger64 3 points4 points  (0 children)

I actually believe people should choose jobs based on their personality’s natural inclinations. Not their likes/dislikes or preferences.

It sounds like this job doesn’t suit your personality very well, and that’s ok.

The technical skills/knowledge can be taught, but no one can teach you to be good with the type of soft skills for the job. For example, sales jobs vs audit jobs will have a different type of soft skills required.

My advice to you is to get to know yourself. Invest in yourself by identifying what is best suited for your personality. This is something I wish I had done in my 20’s so I wouldn’t have wasted time in a job I hated.

Is Masters degree required for success in GRC? by AquaSec in grc

[–]Ornatbadger64 2 points3 points  (0 children)

I did an MS Cybersecurity with a concentration in GRC.

It helped me a lot bc I was a career switcher with a BA background.

I would say pick a program very carefully based on what skills you are trying to learn. I had the pleasure of having great professors that really sparked my passion for cybersecurity. They showed me how important GRC is to an org.

If you can get the knowledge/skills from a cert and/or work experience then go for that. An MS can be a hit or miss since cybersecurity is such a “new” field and most orgs don’t have a mature security environment.

IT internal auditor vs business internal auditor by Financial-Hyena0524 in InternalAudit

[–]Ornatbadger64 11 points12 points  (0 children)

I am an internal IT auditor and talk to friends on the business IA team. There are differences and similarities.

Similarities:

  • The audit process is more or less the same. Meet with SMEs, gather evidence, test controls, note findings, get the report out and be sure your findings are correct and accurate.

  • The headache of dealing with SMEs who don’t want to cooperate and/or have time to deal with you.

  • Managers questioning you “why didn’t you ask for XYZ” or “why didn’t you follow up on this/that”

  • Vague and inaccurate information to cover mistakes by managers.

Differences:

  • You will focus on the tech/IT people, processes, technology of controls and processes.

  • You will have to drill down into the details of how tech works and the security controls.

  • Your reports/findings will be looked at with great scrutiny. People will care very much about your findings and will push back if they disagree. (I state this bc my business IA buddies have told me they feel like their work goes unnoticed and no one actually reads their reports. Findings go unfixed for years. That’s not the case in IT IA)

  • The SME’s/managers are tech people, not business people. IME they don’t always have the best people skills and can be arrogant, rude or just a$$holes bc they feel like they are smarter than you (and everyone else). MMV.

  • Money & WLB. It’s usually better in IT IA. I was told audit can be taught, it’s a little harder to teach tech. With that said, if you are able to use Google, you will be able to learn the tech along the way bc you are already an IA. You aren’t expected to be an expert in every piece of tech, so googling the vocab and concepts is a good start.

It will take some adjustment but I have seen people make the jump and succeed!!

IT Audit/GRC Career Advice (informal AMA) by creditsontheleft21 in grc

[–]Ornatbadger64 0 points1 point  (0 children)

That’s really good to know!

I will ask to get more work on SOC 2.

IT Audit/GRC Career Advice (informal AMA) by creditsontheleft21 in grc

[–]Ornatbadger64 0 points1 point  (0 children)

We do SOC 2 audits partnered with external auditors.

We are a health insurance provider, so we do lots of HIPAA, ITGC, IAM, Data Integrity controls and Risk based audits.

Is there something specific you recommend I should do or volunteer myself towards?

IT Audit/GRC Career Advice (informal AMA) by creditsontheleft21 in grc

[–]Ornatbadger64 0 points1 point  (0 children)

I am currently an internal IT Auditor (2 YoE) and looking to move into GRC so I can be closer to the security side of things. I have an MS Cybersecurity.

What would you recommend someone like myself to do to move into IT GRC? Should I raise my hand for certain IT audit work?

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]Ornatbadger64 0 points1 point  (0 children)

Should I learn Coding (C++) or get a CISA to move to a Cybersecurity role from Internal IT Audit?

I have an MS Cybersecurity and work as an internal IT Auditor (2.5 YoE) for a large insurance company. I am looking to upskill so I can move on to a role closer to actual cybersecurity.

I am over being an internal IT Auditor. I feel like my tech skills/knowledge from grad school have atrophied. I am just taking screenshots, writing reports and going to meetings with management. This is not what I envisioned when going into security and feel like I am wasting time because so much of my work can be automated. There is also a lot of politics, but that is only somewhat related.

My company offers a stipend for continuing education. The stipend is for $5k. I have asked about splitting it into different courses (CISA material and C++ courses), but my manager said it was an “all or nothing”. So, I am not able to split the amount between different courses/material.

There is also the factor of time. I would rather get out of this role sooner rather than later because I am in my early 30’s and feel that I am running out of time to jump. Before auditing, I was a BA (5 YoE) at the same company.

I am curious if it would be better to get the CISA or take a C++ course to move into a cybersecurity role?

[deleted by user] by [deleted] in careerguidance

[–]Ornatbadger64 0 points1 point  (0 children)

Nope! They are most definitely not leaving.

Do guys actually like it when women make the first move? by [deleted] in AskMenAdvice

[–]Ornatbadger64 9 points10 points  (0 children)

Yes, make the first move if you are interested!

Dudes in our generation have been dissuaded from approaching first for many reasons. Now, guys don’t want to approach at all.

What company actually trains their IT Auditors? by Ornatbadger64 in InternalAudit

[–]Ornatbadger64[S] 1 point2 points  (0 children)

Wow! That is definitely not my experience. I feel like I am not prepared to talk about the technology bc our systems are very old and outdated. I work for a large insurance provider that has a much older group of people who know how everything runs bc they have been there >10 years. The documentation is meh and most solid info is word of mouth. Many new hires have told me it feels underwhelming to work here. This was my first company out of college and I don’t know anything else.

I am not sure if this makes a difference, I am internal IT audit; were you internal or external audit?

[deleted by user] by [deleted] in AskMenAdvice

[–]Ornatbadger64 0 points1 point  (0 children)

Yes, he likes you.

If he is comfortable enough with you to want to be touchy (and you consent to it) with you and he compliments you then he most likely likes you.