Skip to main content

Pay vs Passion: The Price of Risk

A little under a year ago I was sitting at GrrCON trying to decipher why I wasn’t enjoying myself. I didn’t want to go to the villages; I didn’t want to mingle, and I definitely didn’t want to listen to talks. It’s an understatement to say that I was weighed down by some anxiety, apprehension, and fear. The weekend eventually culminated in me having a panic attack in the parking lot. While crawling into the shower — hungover of course — the next morning I came to the realization that I was unhappy with where I was headed. I couldn’t enjoy the conference, because I was thinking about everything that laid in front of me after the conference.

 Flashback six months earlier and I was contemplating what I would do once I graduated from University. I was about to graduate with a BS in Network Engineering. A job offer was on the table at a respected managed service provider in Chicago. The pay was great, the benefits were outstanding, and it would be a move to the big city! A newfound interest in Infosec was leaving me grappling with whether or not I wanted to go the grad school though. I had just joined our universities cyber forensics club and was quickly falling deeper and deeper down the rabbit hole. Did I want to risk it to delve into this newly developed interest or did I want to go down the less haphazardous path and accept the job offer that was already on the table? This was something that I struggled over for most of that semester.

As you can probably guess I made the decision to work for the MSP in Chicago. It seemed like the absolute logical and rational decision at the time. Oh, how I was mistaken. It turned out that, Infosec, what I thought to be a momentary passion wasn’t something that was going away. I was working by day repairing Outlook profiles to come home at night and listen to conference talks and work on certifications. With each passing day, I realized I was more and more dissatisfied with installing monitors and was craving to do something that felt worthwhile. As a side note here I have to mention that the prejudice that all “hackers” are criminals definitely still exists outside of the Infosec circle. Me being me and the deviant I am all I heard was “Hey don’t do those things and don’t be that person.” so of course I leaned into it even more.

It’s difficult to decide between the safe road or going down the riskier path. I had made the decision to go down the safe path - to take the well paying job, in the big city, with the benefits. I decided to not pursue what I thought at the time was a temporary infatuation. Looking back in hindsight, I wish I would have taken the time to explore my new-found interest. To go to more conferences, spend more time in Discord servers, and talk to peers about their experiences and insights. I can’t imagine trying to make a decision like this after having been in a career for 30+ years or after having a family. It’s worth it to delve into new interests though. That might be Infosec, it might be music or even woodworking. It may turn out to in be a passing phase, but it might also be a new passion. If you have the chance to chase after “it” then go forth.

During the second day of GrrCON, I came to the realization that I wasn’t happy. All these feelings and hang-ups were because I knew this conference was nothing more than a vacation for me. I would eventually have to go back to stacking keyboards and moving desks. I decided on that day to go back to university and pursue my MS with a focus in Information Security. I decided to make the leap and explore information security and see if it was, in fact, more than just a passing fad for me. I can only recommend that if you have the chance that you do the same.

Welcome to Allow Some Deny All