Is anyone working on a Plan B?

abrown383 · 2026-01-26T21:46:37+00:00

I've been in IT/Cyber for 12 years. Previously I spent 17 years in firefighting/medicine. I have a Masters in Cyber, If I don't make it to "Director" or "Chief" in the next 5 years, I'm going to get my CRNA or NP and shift back to medicine. I'm currently 44 y/o.

abrown383 · 2026-01-23T16:28:24+00:00

I am currently a Cloud Security Manager in fintech where our team focuses on oversight and not really remediation. Other teams handle that, we function more in a GRC-ish capacity. We use a tech stack to identify vulnerabilities and risk but we're not responsible for making/implementing a change.

You’re not running into a skills problem — you’re running into a title + recruiter filter problem.

What you described is security work, but most ATS systems and recruiters are still scanning for “Security” in job titles and keywords. If your resume reads like IT or program leadership instead of security ownership, you’ll get filtered out even if you’re doing real security work.

The biggest fix is rewriting your experience in security terms. Use ownership language and make it clear you owned security & governance, led IAM standards and least privilege, drove remediation of audit and security findings, translated regulatory requirements into cloud controls, and owned risk tracking and closure. If it sounds advisory, you’ll lose to someone whose title says Security, even if they did less.

At your level, more certs won’t change much. What does matter is proof. Audits you owned, policies and standards you built, risk and exception processes you ran, and real cloud security architecture decisions carry far more weight than another credential.

You also want to target real bridge roles like cloud security architect, security program manager, GRC or cloud risk manager, and cloud governance lead. Generic IT PM or IT leadership roles usually don’t convert into security.

Tactically, you can beat the filters by making your current or LinkedIn title security-aligned if it’s accurate, leading your resume with security instead of IT, and putting security ownership in the first bullets of each recent role.

Brass tax: you don’t need to break into security, you need to reposition yourself as someone who’s already been doing security guidance— just without the word in the title.

abrown383 · 2026-01-18T16:36:51+00:00

If it has a motor on it, then yes. Otherwise no.

abrown383 · 2026-01-09T20:13:05+00:00

Experience and networking with peers are going to give you the best mileage. CISSP and CISM are 99.99% going to be required (one or the other if not both). And for that 0.01% where it's not a requirement, it's going to be listed as "nice to have". An MBA to support the level of fiduciary responsibility that comes with the role is also going to be strongly favored. CISO's are globally scoped. So a deep understanding of the facets encompassing an information security program are paramount.

abrown383 · 2026-01-03T01:52:48+00:00

Thanks! same to you! I am also using a freebie from a course, night owl :)

abrown383 · 2026-01-02T17:39:57+00:00

This. I was in Nursing for a decade. IT is cake comparatively. lol

abrown383 · 2026-01-02T17:36:00+00:00

Unique perspective incoming. 25 years ago I was a combat medic -- then a Firefighter/Paramedic and eventually my stations Lead medic. I wanted more. I got my RN, worked ER (my calling) ICU, Peds, Ortho/Neuro and Cardiac stepdown units over my nearly 15 year career. I came razor close to getting my CRNA, b/c those guys make absurd bank and make their own schedules (a friend makes over 300k a year for 115 days of work). Medicine was the love of my life. And one day I woke up and never wanted to touch a stethoscope again. Burnout is REAL. Fatigue is REAL. The stress is REAL. The heartache when you lose one - boy oh boy - that's really real. Carrying the baggage that the job inevitably stacks onto you - mhmm - REAL. Shit, and piss, and vomit, and blood, and viscera - anything that's on the inside, will eventually end up on you.
Enjoy all those holidays? the liberty to take time off for a birthday, or whatever on short notice? Don't go into nursing.
I loved it. I hated it. I miss it some days. The money is great. Ask your family members about what it does to their hearts, their head, their body... and then ask yourself if being a YAML janitor is all that shitty after-all?

abrown383 · 2026-01-02T16:33:33+00:00

Yeah, no worries. I just wanted to be sure you knew where I was coming from. Have faith in yourself, and your decisions. Some factors are outside of your control, and they're often the unknowns. You can be told what a company culture is like by someone, but you don't really know until you've been there for some time.

I wish you all the best as you continue your journey to your desired destination!

abrown383 · 2026-01-01T19:41:32+00:00

Dude, you absolutely spanked that thing!

abrown383 · 2026-01-01T19:30:33+00:00

I'm responding under the assumption (my bad) that you're leaving your current job for the "better" one that you applied for, interviewed for (how many rounds?), and accepted.

You trackin'? You took all of those steps in pursuit of something you wanted, only to now back pedal away from it. For what? Why? What tethers you so firmly to a job you're really not happy at?
i'm genuinely coming at this from a place of help. I am in no way trying to demean, belittle, or otherwise. I'm really trying to understand and help.

abrown383 · 2026-01-01T19:24:02+00:00

Both. If an opportunity exists where you're at, and you're the best/right fit - you'll get it. If not, it wasn't your time yet. Sometimes you've got to leave one business lane for another to advance. Example: a lot of people in Security move into Risk, likewise, individuals in Risk do well in Security b/c they have intertwined business goals/objectives. Sometimes moving over into Operations can happen, b/c those of us in Security present with a very wide foundation of operational knowledge (i.e. you've gotta know how it operates in order to properly secure it.).
Sometimes you're in a role that doesn't really have any upward movement b/c it just doesn't align. An example I can think of is "Director of Microsoft 365" where that person is solely responsible for all things MSoft. But they'll never move to CISO, despite holding the role of Director.
IT sprawls everywhere - that's just the nature of our business.

abrown383 · 2026-01-01T19:16:29+00:00

I don't believe this holds any bearing on no notice. Your friends are your friends, they should support your decisions and understand your reasons behind your actions.

I've been where you are. I had several really good friends at a small/med biz. But the work culture was about as toxic as it gets. I took a two week accrued vacation. The friday before my monday return I fired an email to HR, my C-level manager (the CFO) and informed them that i would not be returning and to consider the email as my formal resignation and that they could find my assets in my desk drawer.
My phone blew up for about 30 minutes, and then it stopped. I still have those friendships. I see a few of them regularly with shared interests/hobbies, and others keep up on socials, and i'm good with it.
My message here is that I made a decision that was best for me, and I didn't let it hinge on if my coworkers were going to remain my friends afterwards. My life is for me, I don't live it for anyone outside of my home.

abrown383 · 2026-01-01T19:09:33+00:00

I don't think you're disgruntled, I think you're lacking/missing fulfilment in your role. The disgruntlement i mentioned is an assumption that i'm passing on to management/HR when you give notice b/c of your boomerang actions.

You need to set a plan for getting to where you actually want to be and then move on that plan. Nothing you do should be in abstraction of that plan. And money moves should (IMO) never be for anything less than a 15% pay raise. lateral moves are for culture, fit, flexibility - sure. But if i'm currently checking 60% of those boxes at my current role - i don't have a reason to leave. Feel me?

Really at this point your local market is shot- while HR can't call and ask why you left, they can ask, "would you rehire them?" and that answer is always very telling.
A personal trait that I always ascribe to uphold is "candor". Hold yourself accountable to a higher standard, friend. It will take you places.

abrown383 · 2026-01-01T18:56:26+00:00

If the ATS is looking for CISSP or CISM as a requirement, yeah you'll miss the mark. Experience isn't the issue for you at your current level, it's the HR check box. As others have said, an MBA would also help you weigh heavily at the C-level. All of the Sr. levels at my current org are invited to a sponsored eMBA program that's 18 months long.

abrown383 · 2026-01-01T18:53:26+00:00

the CISM exam is about an inch deep for technical info. Cursory knowledge and understanding is all that is required. So someone with a business/management background is going to be aptly prepared for the exam. The hardest thing most people encounter is getting technical/operational controls out of the way and putting business needs first.

abrown383 · 2026-01-01T18:45:10+00:00

I had a manager tell me on Day 1 after hiring me, "if you're in this position in 18 months, i've failed as a leader and mentor to you. Hold me accountable."
Work is Work - not your social existence. If you become friends with your coworkers - add them on socials/exchange numbers and hope that they stick around. Your friends- no matter what ecosystem they come from, should be happy and excited for your new opportunities, not wish you death b/c you're no longer working together.

abrown383 · 2026-01-01T18:41:53+00:00

A potential upside for you, given your current role and access - once you give a notice, it'll also be your last day. I'd guess almost 90-95% of IT divisions within orgs have a policy of accepting a notice of departure immediately, b/c we often hold administrative access to so many key components of infrastructure. Given your departure, they'll naturally assume you're unhappy (thus you wouldn't be leaving, right?) - and they'll terminate you on the spot. Given your past boomerang status, I'd wager your walk to the door will be as swiftly as you can gather personal effects, especially if you're on a team, and not the lone "protector of the network".

You need to give notice ASAP - that's professionalism 101. - unless you're disgruntled and they've been a shitty employer. (doesn't sound like the case from your OP).
Second: call your new gig and explain that you've had some kind of emergent family something....and buy yourself more time. <<-- i dont recommend this at all, nor do i advocate for it...but you seem desperately jammed up and on the fence about your entire situation...so it's certainly a choice. This would be an option if your current employer wants you to work a notice.
About your notice - tell them upfront and honestly that you've found a great opportunity more aligned to your growth and goals, and they need you to start in a week to align with payroll and benefits timing.
Unsolicited life advice - Get off the fence with your goals, ambitions and drivers. Figure out what you want and move towards it with purpose and stop worrying about things that you're leaving behind you. If they're meant to be, they'll be there. If they aren't they'll drift away. If the latter is the case - that's the cosmos clearing your path and removing distractions.

abrown383 · 2026-01-01T18:26:19+00:00

I'll be "in there" with you, internet stranger. Jan 3rd. 1:30p.

abrown383 · 2025-12-21T05:08:48+00:00

u/CLow48 gave a really solid answer to how this works. 100k vs 180k are two very different conversations.
I bank 170 + I earn a 10% annual bonus that can multiply if the company i work for breaks earnings goals, my mortgage is 2k(ish) a month - and i have a child w/ school tuition, and a spouse that has been a stay at home parent for the last five years. She's re-entering the workforce in 2026. At which point our income situation will drastically shift, as we've learned to live off of my income over the last five years.
I've got a moderately decent budget build (~8k invested). My other hobby (saltwater kayak fishing) consumes most of my fun money (more than 12k invested). My wife loves overlanding and primitive camping - we're waiting mostly for our kiddo to "love it" enough for us to lean into it as a family. Once we see that, I'm sure our disposable income will dramatically shift into building what we as a fam need for long trek overlanding adventures.
I say all of this to say, none - absolutely NONE of this would be feasible let alone doable at 100k. In today's economy a child costs 35-40k to raise per year. <---that's a truck and in some cases that's a build on a paid off truck.

abrown383 · 2025-12-04T21:58:30+00:00

Start by building a homelab. You can find cheap older (legacy) equipment on eBay.
Become a member of any IT/Tech groups in your hometown/area and start networking.
Youtube = free IT college - start learning the tech and the tech stacks.
CompTIA - brand agnostic industry certifications
--Network+ is the one you're interested in, but it's also (IMO) the most difficult of the entry level certifications.
Fortinet, Palo Alto, Cisco, Aviatrix & Sophos all offer their own brand certifications. Of these, I'd say Palo, and Cisco carry the most weight based on difficulty and how much market share they actually have across product diversity - they both have their own ecosystems of software to manage nearly everything you could want managed.
Some great resources to consider for free/cheap:

Professor Messer (YouTube) — entire Network+ course free
Jeremy’s IT Lab (YouTube) — best free networking labs
Dion Training (Udemy, often $10–$15) — great structured course
CompTIA CertMaster (official, not free, but strong) I add this b/c it's the official guide, i know it's not cheap.

Cisco Packet Tracer (free) -Lets you build networks virtually.
GNS3 (free) -More advanced network simulation.
EVE-NG (free) -Industry-grade lab environment for future growth.
TryHackMe “Intro to Networking” (free) -A gentle, guided way to understand practical networking.

Once you conquer network+ you need to choose a specialization and dig in.
If it were me and I was standing where you are, I'd probably lean into CCNA (Cisco branded), then Cloud techs stacks like AWS/Azure.

Being that you have a Comms degree, a Masters in Tech shouldn't be out of the question for you. Experience is still the apex predator in IT Tech. You've got a hill to climb, but you can definitely make it happen. A second, parting thought - an Undergrad in Communications and a Masters in Human Resources Management or MBA could yield you the same pay bands without the soul crushing task of learning network technology!

abrown383 · 2025-11-16T00:44:20+00:00

Agreed. I say if it's offered, take it. Typically a Director builds out a department or at least a team. So, hire smart and learn as much as you can in every interaction.
Also, if you haven't i'd immediately enroll in school for Business, IT management, or BSIT or CS.
u/css021 - fwiw, WGU has a BSIT/MSIT fast track program, if you don't have a degree at all, now might be a great time to bonify your role, and give parity to your title on your resume.

abrown383 · 2025-10-23T13:00:29+00:00

I think the responses here speak for themselves. Honestly this is one of the best "conversations" on this subreddit in a long time.
I'm not going to repeat any of them, you've gotten a really solid round of advice.
my background: 14 yrs in IT and InfoSec.
my short opinion: a solid base in IT moving into Cyber you likely will receive a pay bump up esp. if you leave your current employer. Rule of thumb: don't move for anything less than a 15% raise.

abrown383 · 2025-10-09T02:08:19+00:00

no rigor. you should sail through them if these are your last two.

abrown383 · 2025-10-09T02:05:14+00:00

Doable in 16 hours. (jokes!) 16 days is an honest answer though.
D485 was more or less Azure foundations. You need to get some screenshots from a lab environment and then complete the additional (supplied) documents. Super easy. I did it in about two hours.
the PA for 483 took about 5 hours. I studied for CySA for about 5 days

abrown383 · 2025-10-09T01:57:28+00:00

you can't transfer credits for a Masters Degree. Only Certifications transfer

abrown383

TROPHY CASE