IT/Software career thread: Invert binary trees for dollars.

Kithani said:

Honestly anything more than a 20m commute one way starts to be “ehh let’s look into different neighborhoods” for me

Click to expand...

I have to commute 2x a week for the first time since 2020. Its like 45 mins each way, I don't mind the drive lately. Thankfully its all on the expressway and I don't have to actually get bogged down in traffic that much. It is nice to get out of the house, the 50k raise I got aside.

Noodleface said:

Unfortunately company pays me pretty well and priced me out of similar jobs unless I work for FAANG

Click to expand...

I guess I am sortof in this situation now. The best I could probably do is go for a staff or principal at a specific subset of companies for >250k comp as an IC. Or finally bite the bullet and pursue management or product management.

TJT said:

Click to expand...

This guy is hitting the new reality of a world where AI is enabling outsourcers and foreign entities to automate applying for jobs ("Scrape LinkedIn and apply for EVERY job with a tuned resume to match the criteria" is not unheard of as an AI prompt from what I hear. heh). Only way to deal with this volume of input? Leverage AI to filter. Who loses out in this process? Humans.

Past that, Cybersecurity is facing a really odd inflexion point right now...

There is a confluence of factors making it really difficult on SecOps engineering talent (i.e. SOC Analyst/Remediation types) :

1. Automation - There's a huge push for improvements in efficiency/speed through automation, across the industry. Most modern SOCs are moving towards having Tier 1 gone due to it all being automated, I know ones where Tier 2 is automating as well. In smart companies they use this as a way to elevate the Tier 1 to be Tier 2, Tier 2 to be Tier 3, etc. And you end up with a good solid staff. In many companies though they use this to justified headcount cuts as cybersecurity is almost always seen as a cost center.
2. Outsourcing - AI doesn't always mean artificial intelligence, sometimes it means "Another Indian". Before companies were automating away tier 1, they were shipping it overseas. Many of the ones that couldn't do that due to regulations were still outsourcing but to US organizations like MSSPs. And guess who many of those MSSP organizations are staffed by... (see the ongoing "Indian Race Preference Based Hiring" crisis). Because of changes in how IT works less and less is needed in terms of "hands on devices" types, and if a job can be done remotely.. it can be done from India in most cases.
3. Changes in threats - Does Ransomware still happen? Yeah. But it's prevalence in the corporate landscape has radically shrunk. 5 years ago "Stopping ransomware" was a top priority of almost every security org I talked to, now a days? It's at best an outlier. Why? The protection capabilities of EPP and EDR software have to a greater degree "solved" prevention of that on a corporate level. If a significant company gets popped with ransomware it's because they've been truly lazy and not updated their EPP technology for over half a decade. The threats now are about data exposure, leaks, and preventing those. Which requires less in terms of remediation guys like the OP here seemed to me. These days Ransomware is not about regaining access to the computer, it's about Hostage-ware where you're negotiating to not have the stolen data leaked.
4. Changes in technology - Ransomware was horrible when people often still had tons of valuable and important documents on their devices. More and more organizations now save everything into cloud spaces. This is, in some ways, reducing vulnerability footprint. Automated Shadow Copies/Backups make the chances of actual data loss lower as well. Now, some companies are even moving further away by leveraging "corporate browsers" and doing all work in those. Right now my company leverages one, I can do my entire job inside the corporate browser (it's a chromium derivative, not too shabby). In that scenarios the actual device is the modern equivalent of a dumb terminal.

Then add into this the emergence of AI which is doing a second round of what Automation did. This time the smart companies are realizing "This is like putting Iron Man armor around our security guys and incredibly improves what they can do", the more short sighted ones are thinking "Who needs humans in the suit?" It's like an even more boring boring version of Iron Man 2. I'm intimately familiar with this as I help consult with organizations to design and deploy SOC automation and AI tools... In some ways, I guess I'm the devil here.

Khane said:

Cybersecurity professionals having that hard a time is more telling than us "regular" devs. There are a lot more rules and regulations that prevent foreigners from having access to lots of different types of data and systems.

Everything is fucked. Can't wait for the next jobs report to make it seem like the job market is A+++

Click to expand...

That is changing too though. FEDRAMP projects requiring access to the Federal infrastructure are on a completely separate architecture. AWS/GCP/Azure have specific FEDRAMP offerings and many other companies do as well. Up until last year I had thought US citizens only could work on it. That is not true any longer. Unless its the equivalent of Top Secret (called FEDRAMP HIGH) then foreigners and even India side teams are able to work on it. FEDRAMP Moderate is the name they use for it usually.

Finance and other industries are likely doing the same. H1B were able to access PII in Healthcare when I was in that industry.