Mike Subelsky has a great blog post where he writes about why you might not want a government cybersecurity job. I agree with all his points and even have some to add.
Cutting edge technology
Mike discusses that in a classified setting you are restricted in the technology and platforms you use. He mentions browsers and operating system that you won’t be able to utilize. In addition to not having cutting edge apps like chrome, you won’t have access to source code to compile your own programs for testing or improving your productivity. Imagine that you’re dealing with mountains of data, you’re free to use Microsoft Excel, but if you want a database, you might be able to get access to an Oracle DB if you know the right people. You won’t be using mongoDB and your chances of using a language like ruby are slim. There are exceptions, but the majority of analysts are limited in the tools they can use. Good luck if you’re used to having a shell account for doing bulk analysis. Can you imagine having to use Excel to look at a million netflow records?
If you do get lucky and have access to a variety of tools, you will never have the latest version. It won’t be Perl 5.10, or PostgreSQL 8.4 or MySQL 5.5, it will be versions several years old. The government has been slowly adopting some open source tech, but it’s never up to date. That means that the feature you need that was just added in the last point release isn’t going to be available to you.
One of the great things about being out of the government, is that any and every tool is available to solve a problem. I can use some alpha code or purchase a server to install any OS I want, it makes going to work so much more enjoyable if you can experiment with new tech.
The government follows OSHA regulations for your work environment. If you are in a large cube farm with 30 other people, you won’t be turning off the overhead fluorescent lights and working with a desk lamp. You may be able to swing dual monitors, but they probably won’t be connected to the same computer. For the most part, wireless anything will be off-limits, so no wireless keyboard and mouse. Speaking of mice, forget having one of those high-end gaming mice that allows for customization of weight and sensitivity.
If you’re going to work for the government, be prepared for your boss to have no idea what you do or how you do it. This leads to interesting scenarios where you are asked to do things you aren’t trained for, but because computers are involved, you’re the expert.
The state of sharing is changing in the gov, but for the most part, you won’t have people actively giving you information to make your job easier. Because government agencies promote employees based on longevity and awards, other employees aren’t interested in you getting promoted based on work they did. It’s more about advancing their own careers than it is about advancing the mission.
If you’re used to Instant Messaging as a way to quickly chat with other folks about ideas or just for scheduling lunch, think again. Any corporate communication medium is going to be severely limited. In an environment where everything is PKI enabled, even having a Jabber server is rare. There are “replacements” for a quick IM, but they aren’t robust and usually based on IRC or some other overly complicated collaboration system. You might even find yourself with a mic and headphones, because that’s the closest you can get to quick and easy comms.
I wouldn’t say everything about my experience was negative, but it’s sure is hard to enjoy your job when it feels like your employer is actively preventing you from solving hard problems.
Pingback: Tweets that mention The government leads in cyber-boring |PacketNexus.com -- Topsy.com
Pingback: 5 reasons to take that government cyber security job |PacketNexus.com
Pingback: Cyber Security and the Web Developer | It's a NuGeneration