In infosec, things can be rather ambiguous. Let's take my job for instance. My title is Security Engineer. What I do is mostly write SIEM rules, tune customer firewalls and IPS, a bit of working with customers to improve their security posture through configuration of their existing equipment. We have another employee whose title is Security Engineer and his job is tuning various manufacturer EDR and working incident response. A third person whose title is Security Engineer, but she works with customers to determine what tech and SOP they need to reduce their risk.
So now we have three people whose title is the same, but the job is different. My job is to detect what happened. The second person is to prevent the happening. The third person determines where the deficient is. Yet we all have the same title, Security Engineer.
You need to determine what your strengths are, what you want to do, and make sure during the interview that there is a match.
Agreed. I was hired on as an "info sec engineer" despite primarily doing QA work for a internal inventory/audit related app but after recent changes in management and a significant org structure in 2020, I was basically demoted (without it being said) to QA Associate. What happened was they shifted a lot of us into a lower pay grade where the midrange salary point is actually lower. So while I didn't get a pay-cut, I'm now even higher in the upper range of the salary cap which means less chance of getting a significant raise. I've also been hearing rumors and speculation of the current performance reviews really sucking this year - a lot of ppl who usually "exceed expectations" are now just barely meeting them per the new performance review structure, so a lot of people aren't getting really good bonuses and even COL increases seem like they'll be limited.
The CEO even stated on all-hands calls that they're looking at ways to cut budget by reducing the workforce through attrition... talk about a big morale boost lol. I have my performance review tomorrow and I'm setting the bar low.
All that said, I really can't complain about my current work schedule. There's a lot of downtime and it's extremely flexible. For the most part, the element of "just get your tasks/work done" is pretty huge.
But all these little 'auxiliary' changes seem to ultimately be unraveling a new culture that could result in more of a watchdog-like environment with overlord managers peering down your throat (there are elements of this with my new manager, which is another story). I think what's going to happen with this attrition strategy is that the company is going to be stripped of all its talent and they're going to be driven into the ground (the current CEO is an axe man and I bet he will ditch once it gets to that point or perhaps soon before). One red flag was my peer telling me about the troubles they were having interviewing for a backfill position. They ended up hiring on a contractor who was working in a different group at the company because all the outside candidates were horrible. Seems most of the desirable talent is smart enough to avoid this company so it gets left with slim to no pickings. If this is any sign of what things will look like when the company has to hire on a new workforce after this attrition plan works out, the outlook is pretty grim.
Anyway... I digress. I think I'm so tired and burnt out from working for companies that don't treat their employees well (this company and my last in fact... I mean, they started out really well but just went downhill) that I've been demoralized to the point that recognizing my value and strengths is a challenge. For me it feels like status quo...
It is tempting just to to ride it out and milk it, then trying to doctor up a severance package... although, this might be at the risk of ending up being in a crap environment where morale is nearly non-existent in the last days (I've been thinking about the possibility of pressing the "F-U Money" button in that sense)