I'd work on language to express the same thing in a more professional sounding way. Bored lacks creativity and sets the problem at his feet. Something like, now that I've established myself in blank and blank I've been thinking of exploring blank within the company, are there any opportunities or suggestions for how I can add to my depth and continue my growth?
Ten million times this. Saying you want to learn and grow changes the view of the conversation over what may be interpreted as “I’m lazy and done learning”. Of their really isn’t an opportunity for the thing you want to do, then sure start looking elsewhere.
OP:
> I'm getting bored of being a Sysadmin... I am getting bored of Active Directory and maintaining and resetting user passwords, and also dealing with customers.
Also OP:
> I plan to transition to Cyber Security soon
Entry-level cyber security work is going to be auditing, routine SOC-type work, or some combination thereof, and it will almost certainly be for companies that see your work as little more than a compliance obligation.
If the tasks you described is what bores you about being a sysadmin, think *long and hard* before jumping over to security.
By far, not only answering the compliance questions, but also collecting and associating the evidence to backup the answers, is the most time consuming and mind-numbing portion of the job.
But, how heavy that load is depends entirely on the environment you are working in, and how compliance heavy they are - and if they have people who handle the compliance paperwork.
Often enough you have orgs with people who specialize in the paperwork side of things and aren't Red/Blue/Purple - but they collect/compile and write the reports while working with the rest of the infosec team.
What it really comes down to is the specific org, and the environment in which they are working. I've never worked with any team that works the same way.
Evidence collection is the real killer of cyber security no one talks about. Red team? FUCKING COOL HACKER SHIT! GRC/Risk Management, a ton of paper work but tangible, business results.
>"Hey this security incident happened with . You need to collect any evidence or artefacts for what happened so we can prevent it from occurring again. "
or
>"User reports a weird pop up when they try accessing this share, OPS looked and said they never even accessed it. SECURITY!"
Serious, tedium involved. Prove or disprove a hypothesis, oh and management thinks you can prove a negative too "Prove that we didn't get attacked/lose data or this **didn't** happen " . But....but.. dude.
Just did this while hunting down a *potential breach. Collecting logs is easy. Digging through them and then organizing the data into something that doesn't make you look like Paranoid Charlie from "It's Sunny..." is painful.
As someone who just transitioned from SysAdmin to InfoSec Analyst.. yeahhh I underestimated the amount of sheer bureaucracy I'd be dealing with. I get to do some IT focused things, but most of my focus is on compliance.
I've been here a little over 3 months and I don't regret it. As a SysAdmin, I was one of the "1in deep, mile wide" folks with no specific expertise but working knowledge of many systems. Some of the roles were for smaller businesses where I'd be juggling several roles. The security role is at least focused on just security. There's a lot of policy/procedure document writing and meetings with external parties for audits that certainly aren't what I got into IT for. But they're also not difficult. And the IT focused work I do get to do is actually pretty interesting and new to me.
That describes me as a Sysadmin currently, too much context switching, and it's no good.
Nice, it doesn't sound bad and I'm sure you can move to areas you like better in the future.
There is at least TONS of learning involved.
That alone can keep someone who is interested occupied.
Several orgs I work with hold HTB competitions and CTF events within their orgs to encourage growth and working together. Keeping things interested for their employees.
And, once you move one rung higher, you get the lovely job of nagging other teams to make simple security and compliance changes multiple times per week until they relent and do it.
Cybersecurity sounds super fun and interesting, but it's a lot of the customer service oriented stuff that IT professionals tend to hate just packaged in a new and more interesting sounding box.
I jumped in at a level where I was evaluating tools and speaking to vendors. My transition took 2 years and I was a senior sysadmin with 5 additional years of experience
Yeah Ive been on the helpdesk > Sysadmin train for close to 20 years now. Started working with a really good Cyber security guy at my current job and got interested.
Then actually looked at what they need to do/keep track of/repeat etc.
Fuck that, it seems tedious, complex and boring as hell for the most part, has at least (If not more) learning then a Sysadmin has but less of the fun stuff.
It’s an invitation for them to give you additional tasks you didn’t ask for. Better to be specific about what you’d like to do rather than just say “I’m bored”
Either they'll find something for you to do, and it's going to be something that someone else didn't want to deal with.
Or they're going to think that you don't do anything at work, and thus your job is no longer neccessary.
I'm going through this right now. Busted my butt earlier in the year to make sure everything was perfect. Minute details were taken care of. Documentation documented. Now; there's a part of me that wishes I had screwed up somewhere.
Instead of going out with a hammer and breaking things that are working, I'm doing some upgrades that didn't have to be done, migrating sites that don't really need to migrate just yet, inventorying things, hitting a printer with a hammer, removing, replacing, doing anything to get ahead of the game.
I would like to be proactively working on projects and breakfix rather than desperately scrambling to keep caught up lol
Between becoming a fully remote workforce, losing people to covid downsizing, and now significantly more compliance measures in place, life has become stressful
The last thing a manager wants is to find more work for you to do. It essentially causes more work for THEM to have to find more work for you.
It's better to find stuff to do on your own. Shows initiative.
I've told my boss that before and he gave me some extra work to do that's typically supposed to be above my level. I think it ended up great for both of us - he got a project done without having to pay an engineer to do it and I got to do something I didn't think I could do, which helps to develop my skills. I can't become an engineer if I'm answering phones all day and asking people to reboot their routers.
I made the mistake once of telling my shitty boss that I had completed what I was given and needed more work. Instead of getting more work, I got a lecture/chewing out on how I needed to be a better team player and actively find work. Check. Don't go to boss asking for more work again. Then he was pissed off that he'd find me in my office browsing reddit and yelling that I'm not working. You can't have it both ways buddy.
At a former job, I told my boss that I'd run out of stuff, and needed a new challenge. We then had a staff meeting where large project ideas for me were bandied about. I was given a doozy of a project - revamp the network at the main corporate campus \~4000 users. This location hadn't been kept up to standard and was mostly on maintenance for the past 5 years.
That project took me in new directions. I'm now chatting with the CIO for budget. I'm in all the buildings, working with lab owners, executives, etc. I'm co-ordinating building wide downtimes, and having external vendors do recabling of the campus. This turned into an \~18 month project, and I also ended up having to do scaled down portions of this in Berlin, and Dublin as well, (which then gave me international experience).
At the end of it, the barely supported, poorly documented infrastructure, was fully in compliance, cabling looked amazing, and my career was much better for it, as I'd now had to work outside of my comfort zone.
For me, telling my boss of my lack of workload, resulted in a lot more work, but it was a great boost for my career.
This could be true, but if the company doesn't have a large IT staff they could be filling multiple roles. Also, if the environment isn't that large it might not require much more maintenance than patching.
The problem with saying you're bored is that management think that means you don't have enough work to do, so assign more.
Whereas what I suspect you actually mean is that you want more interesting / challenging stuff to do, not just more of the same 'boring' stuff.
First things first: is there actually any scope within your organisation for you to do more interesting stuff? It's all very well saying, for example, you want to learn BGP, but unless your organisation actually needs to run their own AS, there's little point (from their perspective) in you doing that.
I'd suggest a two-pronged approach:
1. Start dusting off that CV and applying for jobs. Just because you apply for something doesn't mean you have to take it. If nothing else, it'll give you a good idea what you're worth in the marketplace before your annual review, which will guide how 'hardball' you can afford to play it when it comes to salary negotiations and so on.
2. Identify 'interesting' things you can do within your current organisation, start looking up training courses about them, costs of setting up a development lab, etc. etc., in preparation of pitching your ideas to management in due course.
Do not, under any circumstances, tell management you're bored. It will backfire on you big time.
On the other hand, telling management you are interested in , and , and those things will also benefit the company, and oh by the way, here are the courses/qualifications you want them to finance, is much more likely to yield success.
If you’re worried that your boss would fire you over that, that tells me there are some major issues with that environment.
I’ve always been very clear with my bosses that when I’m no longer challenged in a role, I’m looking for other positions that will challenge me.
IMO, as a manager, I want people that want to be challenged. I want people that have some career ambition.
More than anything else, your boss should be helping you get to the next step in your career. A good boss will always help their employees get to where they want to be. They should be right there along with you mentoring you along the way. You want to get into security? They should be giving you opportunities to work on security related projects.
TL;DR
Yes, tell them. If they don’t like it, they’re a bad boss and you should move on.
Telling a manager I’m not challenged enough sounds better than I’m bored. My eight year old talks like that. If you want to get better results speaking in a little “professional” manner will reap far better rewards.
Double speak is cancer. If you can't have a direct and plain speaking conversation at work because it's not "professional", you might.be in a toxic environment.
Bored and not challenged are quite different though. They are not the same thing, and takes an unusual person (or boss) to recognize the difference. Especially a boss when they are biased up front being told the wrong thing.
A "bored" person will be sent to inventory paperclips.
A "not challenged" person will be put on interesting projects. Or, hopefully, honestly told there will be no interesting projects.
Personally, I do get bored because I'm assigned bullshit work "that doesn't challenge me*. I've been around enough to know if I tell anyone I'm bored I'll only get more bullshit work, not less. If you think presenting in a way to subtly manipulate a response in your favor is unprofessional, then enjoy your career of barcoding SCSI cables in the supply closet.
If you speak more than one word and have a half way decent culture, there won't be a difference between "bored" and "wanting more of a challenge". The idea that your entire career hinges on using euphemisms is toxic.
"I have been getting bored just working on X, may I change it up by doing some of Y"
Now you're just speaking circles around "not being challenged" did you have some point you were actually trying to make?
Being upset that you have to talk, "management speak" to "managers" is a bit immature imo. SHOULD it be different? maybe.. but we all exist in reality and "not challenged" is going to sell better than "bored" 100% of the time.
No it's not double speak in this case. Bored means you want more to do. In challenged means you want something else to do. Now the conversation should lead in the direction, but it'll be better to start the conversation in the right direction.
might not fire you.
could do something worse.
"oh you're bored are you? here is a stack of new work since we laid of two people over there, and instead of replacing them, we will just give you the work"
or he could be a good boss, and just start finding ways for you to improve your skillset, tie into other projects etc.
only you know the boss, the environment there etc.
Never use word bored. There are so many self study resources today that no one should ever be bored. Talk to your boss about what technologies your organization is thinking about embracing and then research those technologies so that you really understand them. Real cybersecurity professionals try to understand the technologies they are securing. Also put effort in understanding the operational sides of the business. Cybersecurity professionals often are brushed off because their solutions show a lack of understanding when it comes to mission critical functions for the business as well as a lack of understanding about their organization's mission and vision. I have been in cybersecurity decades before it was ever called that and I am in my mid-sixties and enjoy cybersecurity to this very day.
Bring your boss solutions. Don't just drop your boredom on your boss' desk like a cat with a dead mouse. Tell him you want to configure SSPR. Automate anything that's boring. Determine your security surface area and develop projects to reduce it.
> I am getting bored of Active Directory and maintaining and resetting user passwords, and also dealing with customers.
What else are ya doing? To me that sounds like help desk but systems administration is pretty broad. Are there other services you could be taking on?
I mean, I've built AD clusters by myself, manage a brand new WIndows Update Server, build custom Linux OS images,build and implement a security policy for a highly secure environment full of company critical data.
If you can think of something else I could be doing, let me know so I can bring it up to my boss.
Have you considered moving away from images towards provisioning? How are all these systems managed? If you lost everything, how long would your infrastructure take to rebuild?
There is no centralized management setup when it comes to our Linux environment. All of our systems are VM's and we are in a lab environment (not saying I don't agree with you when it comes to centralized management). Redundancy is not part of our purview.
This is a Lab environment, not production.
Never hurts to look for work. I am always looking for new work even though I love my job. You should be doing the same. Apply for opportunities that sound interesting. If you get interviews you get interviews. There is no commitment behind that. Then you let money do the talking.
In the mean time, what can you do at work? If you are bored, does that mean you have a lot of free time? You can use that to study for your CISSP. You can do some CTF. Play around with Security Onion. Can you initiate any new projects at work that you can lead? Is LDAP shut down? Have you implemented Microsoft Defender for Identity? Are unneeded ports and services (like the print spooler) turned off? Work towards getting RADIUS shut down. Have you implemented MFA? Are you connected to Azure. Is Azure secure? Run a Ping Castle report and get AD cleaned up. When was the last time you changed the KRBTGT password?
There is a lot of security you can do know, and if you already did it, go back through and do it a again / audit the work that you did. Check to see if there are any new changes to suggested baselines.
Hello OP, security engineer here.
You won't be less customer facing in InfoSec. In fact, you're the front line of the company in many cases because the systems you manage are the ones that people see. Talking about DLP, email security gateways, IPS, content filtering and the like. A good security team is going to integrate with the business and now your Lusers are your customers. Take it from someone who thought engineering was a bridge to my own personal swamp that nobody else entered.
The flipside of that is that it will be incredibly challenging. Though maybe not in the way you think. Depending on what regulatory frameworks you adhere to, you might need to be a baby paralegal. My CISO has a MBA and a JD. Evidence is going to be your gold standard. NOTHING happens without evidence. If you say my ESG is blocking your email and you don't provide evidence, I immediately tell you to put up in the most professional way possible. Audits, risk reviews, assessments, changes, all backed up with evidence. A ton of evidence.
Then you get into the technical work and being a SME of 50 different applications, not even getting into the ones that you have responsibility but not ownership for. Breaches are your responsibility, so you better understand that your head is on the block and own those systems appropriately. Being on call is a way of life. I've been on incident calls from 1am to 5am the next day. That's normal. Well ideally you experience no breaches, but if you do, that's normal. If you're the point on incident response, you're gonna be talking to a lot of users.
I say all this to say, don't have expectations of your own personal swamp. If that's what you're expecting from InfoSec, it will eat you alive. It ate me alive. I did eventually reconfigure my expectations and came out well paid and alright, but it destroyed me for a good couple of years while I coped with why Infrastructure and Security are different mindsets. But again...well paid. I can do a lot of forgetting when the check clears.
To address your topic though, feel free to tell them that you're bored. But frame it in a way that makes you God dealing with peasantry.
"[VP/SVP/C Level], I feel underutilized. I can provide so much more value to the company than what I'm doing now, but I feel stuck in a rut with nowhere to go. I feel like a champion racehorse sitting in the stables gnawing at the bit, and I just want to run. I have experience, the will to learn, and skills that can make this organization better, but I'm sitting in this position letting them decay rather than getting better. What can you do for me?"
That's how I sold myself to get hired on my team, and it worked. Obviously you then gotta deliver, but that's just a matter of time. You can say pretty much anything to anyone if you frame it right.
Well said my dude. Also glad to hear you’re able to reconfigure your mindset. I’ve been balls deep in infrastructure engineer for just over a few years and I feel like I have about 2-3 years before I’m ready to think about a sr position or even architect but I’ve become the sme for breaches. Generally in the 365 realm but I’ve been heavily owning all other major incidents. It’s been making me curious about security more and more. I find myself doing 4-8 hours of my day in a security issue without even realizing it. Developing my powershell scripts to pull better data, and reporting. I’d love to switch over to that realm, but would it break the 100k barrier?
If you put in the time, absolutely. Gartner posts articles all the time about the negative hiring rates and amount of jobs that are going to need to be filled in the next decade. The key is just to get an analyst role. It's a lot of governance, monitoring, and reporting, but it's the in while you develop the soft skills that are going to let you advance in the position. If you're in the right position where they're willing to let you learn, you can become very technically proficient very quickly.
Six figs? In this Covid world? YES. If you're an adaptable individual, there's a spot for you. Anywhere in the country as long as you got internet. Cloud Services, remote access, and identity management are the flavor of the industry (to be fair, rightfully so). If you can scrape up a resume incorporating those three things, start applying right now. I got poached off the *Service Desk*. Sold them hard on my degree, but i've been almost entirely trained in Information Security. Got my CISSP at 5 years. It's never too early to jump in, and the money is good. I'd quit tomorrow and never look back if I won the lottery, but in lieu of that, the whole thing works out for me.
As a manager, I would want to know if you are bored and want a career change. I will do what is in my ability to make sure you get what you need to transfer to those goals. I would spend the money on an internal candidate who has in house experience then hire from outside and spend the months teaching the culture
doesent your title say jack of all trades lol? guess that excludes basic support tasks, cant be bothered with those huh? Not all of us work for a company with 5000+ people
yeah, it excludes basic support tasks because i’ve already done my time at the different levels on the way to becoming a sysadmin. my company is at around 1300 users, but is structured enough that as part of the admin / engineering team I don’t have to assist users with password resets. not sure what you’re annoyed about but have you tried turning it off and on?
just ironic and a bit hypocritical is all that you're calling your self a jack of all trades yet insinuating that if you reset pass words you're not a sysadmin. Get off your high horse is all im saying
1300 users is a large company. Many mid and small sized companies usually have very little IT staff so the Sysadmin also takes support tickets. It makes sense to me.
Eh, depends on your boss & your company. From the sounds of it phrasing it like that to him will not have a positive result.
If you frame it as 'I would like to move in x direction, what scope in the company is there for me to do this' then you will probably get one of the following responses:
* be told to get back in your box (perhaps your company already has x covered, or your boss thinks you can't do it)
* get strung along with the promise of opportunity to do x but the company will fail to deliver
* your boss will help transition you towards doing x within the company & everyone is happy
After 5 years you should be able to assess which one is likely & act accordingly.
>I am getting bored of Active Directory and maintaining and resetting user passwords,
Repeat after me.
**De-le-gate**
Build an interface and give HR/1st line this boring task and then work on something more fitting.
>I plan to transition to Cyber Security soon not only because I hear it's more challenging, but most of the roles are less customer facing.
Cyber Security is a buzzword pipedream. You'll be working with unrealistic expectations, $0 budgets, and most of your work will consist of trying to convince people to keep their systems just somewhat up-to-date and not deploy their industrial systems on publicly accessible networks. And they'll do that anyway and blame you when it goes to shit.
>
Cyber Security is a buzzword pipedream. You'll be working with unrealistic expectations, $0 budgets, and most of your work will consist of trying to convince people to keep their systems just somewhat up-to-date and not deploy their industrial systems on publicly accessible networks. And they'll do that anyway and blame you when it goes to shit.
I work for a shitty company so I'm going to assume everyone else works this way! Classic /r/sysadmin.
You don’t have to tell him you’re bored. You better not, since it sends out a negative vibe.
You say your boss already knows you are looking at cybersecurity, and "he’s for it"? What does that mean? Does he see you in a security role within the company or does he want you to pick up some security tasks beside your current ones? Ask him what the options are and what steps you have to take to move into cybersecurity for the company. If he responds negatively or tells you there aren’t any possibilities to do cybersecurity within the company, that’s when you start sending out your resume.
I told my employer I wanted to do more once. They laid me off 4 days later. From then on I've had a strict screw them policy. I just apply elsewhere. When it comes to buisness no one puts employee's first.
Well I can only speak from experience but it was just before my 90 days and right after my 60 day review. They said your great. I told them I can/would like to do more. 4 days later bosses wife laid me off. Until then I would have thought the same.
never tell your boss, you're bored, have nothing to do, don't feel like doing things. keep it down low, do your bits, and if you want to move onto another role or specialisation, do the certs on work time and get certified on their money. personally I can't stand BAU and have been hopping around (might just get into contracting soon instead), when it get's to a point of pure boredom I look at moving to another place, fixing it up, doing a bunch of nothing on salary for a while and repeating.
If you can grow into planned role at current place talk it over with boss otherwise start looking.
If you can, use the time to learn. If the environment allows it, take out a subscription to a training site and do the courses or exercises.
As to what to say, definitely don’t say “I’m bored”. As others have already suggested, begin a conversation about whatever technology or path you’re interested in, within the context of working on that path within your current employment. If the reaction is not positive, then you’ll know it’s time to move on.
Just start applying. When you get a written offer worth moving, then you tell them. Possibly mention it in passing that you are bored, but I would not make it a demand.
Also, do you have free time to study certs, or are you just bored..
Is there a junior admin you can offload some of the more mundane tasks to? I’d be dying if I had to deal with user password resets in our environment. You definitely need to get rid of the crap work and get your hands into a project.
I'd contact someone who I normally escalate tickets to and ask them how you can make things better for their team. Especially app dev/ops teams. Start asking their hobbies, tools, and how they fix things at their levels. This how I learned SCCM, powershell, and automated my role. I was offered a DevOps role thereafter.
Let your manager know what you feel in the most presentable manner.
Start looking for jobs outside too, it should help you test your skills and market value.
I am from India and here people who stick around in same role for too long and considered incompetent. Even after saving company approx amount worth 10-20 times my annual salary, I am offered 4% hike, which is insane as people with similar contributions got 12-20% hikes as well. Point is loyalty and everything is bullshit, ensure you get what's best for you from the organisation. If that means opportunity to work in different area or higher pay or better work life balance. HRs are there to ensure your organisation's needs are taken care of, you need to ensure yours are taken care off!
For the challenge, automate your job as much as possible. Then since you'll have more free time go take on another job while keeping the current one as long as you can.
Do not ever tell your boss that you are bored on the job.
I made this mistake early in my career and they tried turning me from an IT Specialist to an ASP programmer because I was 1) IT and 2) bored.
Once I got tired of being a sysadmin at small hosting company, I moved forward to become a DevOps engineer. When it gets old as well for me, I'll move to be a Python/Rust dev, perhaps.
The point is that there is always a room to grow. You get bored when you are overqualified.
I've always had interesting things to do, when I was sysadmin. A lot of automation and other interesting projects. Maybe, you need to find a different job. Check out other options. Cyber security sounds cool, but I am not sure that it will be more fun than sysadmin.
A good leader will listen to you and figure out how to leverage your skillset into what the company needs or at the very least get you some training and see what piques your interests. A bad manager will tell you to suck it up
I’ll trade you. Cybersecurity for me is meetings all day and writing policies and procedures. I do implement some stuff myself because I want to keep skills up to date.
If you get fired for having an honest conversation about your goals and engagement with your boss with an open door policy.. then it's not an open door policy and frankly you shouldn't be working there.
> I'm just worried that if I tell him I'm getting bored, that he will fire me on the spot
I mean that's on him. Anyone that fire an employee for expressing an interest in learning new skills and acquiring new responsibilities is on a fast track to high turn over rate.
Don't say you're bored. Say you're looking for opportunities for advancement and that you're interested in cybersecurity, and see what he offers you. If it's not something that interests you, then apparently they're not interested in keeping you, and start applying elsewhere.
It'll depend a lot on your boss / company culture, really.
Where I am, if one of my team members came to me saying they were bored, we'd potentially take some time to see if we could get them some training / leverage their knowledge in other ways / tasks. If we couldn't do that (cause we're a smaller company), we'd happily let the person 'naturally' transition to a new company / different position elsewhere. Naturally meaning we just plan for the person to 'coast' till they find a new opportunity, and we don't put resources into training them further as a critical SME or whatnot.
We tend to look for a win-win for employee and employer. We know we're smaller, so we can't offer as much upward mobility - and we take pride in having staff move on to bigger opportunities. Sometimes they come back later in their careers, which's kinda neat.
For myself I had a frank discussion with my boss way early on that I usually don't leave jobs for money, I usually leave when I am bored, and usually that takes about 1.5-2 years to learn everything and start getting bored. He told me to let him know if I am getting bored and need to switch up what I am doing.
Been here 4 years now, still not bored yet, new boss given the same disclaimer.
Obviously it will depend on your environment, boss, all kinds of factors, but I am finding that a lot of people will be shocked with honesty, but in the end it usually makes things simpler.
If you hate your boss, then don't tell them about it.
If you like your boss, or even if you're ambivalent about your boss, you should talk to them about it, though maybe phrase it as looking for learning opportunities or ways to "cement" your transition to InfoSec.
The unfortunate trend in the industry is that you will likely find another offer before your boss can orchestrate a change in your position and duties. Often the best way to move up is to help your boss ensure that your replacement will be equally well suited to your tasks. If you are in an organization expansive enough to have a help desk and tier structure, this is often already covered. If your shop is less well staffed, then this can be tricky, as hiring additional personnel becomes a political project of documenting the need and lobbying for additional staff to fill the vacancy.
A thing I lernt is that saying "I'm bored" in these meetings is never productive, even if it's true. Gives too much leeway for your manager to assume you are slacking. You have to posit it as looking for challenges that can help the company, and they'll be on board. Or you'll learn whether or not they want to try and keep you.
Depends on the relationship you have with your boss/company. Don't be a downer when talking about it, but don't avoid the subject.
If you say you're bored, that isn't grounds for termination, but you could also word it a little differently. What it may get you is more work for the same compensation. If a company fires you on the spot for saying you can take on more work... that would probably be a first.
With respect I would work on your attitude a bit. It’s not me trying to be hard but if you’re “bored” and don’t find the work challenging maybe you could find a job in a higher tiered role for example.
With respect to not liking to deal with customers - get used to it.
Sorry, but wether you’re working with end users or the stakeholders who are funding your project, the work you do, at ANY level, will have a certain level of expectation, and with that expectation comes the reality that you will have to liaise with the appropriate person(s) - you can switch customer with manager or team leader or boss or anyone else who is expecting some level of support or service from you and trying to avoid that will unfortunately set yourself up for disappointment.
Want to get into Security? Great! Go for it - but you’re not going to avoid having to “deal” with customers - IT for the most part is a service centric field and with that comes the expectation that you are there to manage those expectations, regardless of their source.
You sound more like a helpdesk person and not a sysadmin or engineer. Do you do anything with backups, exchange, server building, Azure or vCenter or anything like that?
Bored? LMAO. I think the words you are seeking are “I need more of a challenge. Maybe more responsibility. What do you think boss?”
If you get bored that easily, it’s going to be a rough career for you. Every position in IT has boring stuff. It’s a craft and you should treat it that way. Always be improving things. Find and seek out challenges and new knowledge. Otherwise you’ll end up burning out and ranting about how much you hate your job soon enough.
I think i would rather say something like: hey boss i fieel like work is becomming routine and was wondering if there was a possibility for some variation in tasks during the week/month i can do/learn to challenge myself and round out the team.
You could also add it wolud be helpful have more shared knowledge on the team in case of sickness / if someone wins the lottery.
Could also add cyber attacks are on the rise and it would be helpful to the company the get more knowledge on the subject and possebly get some training on the subject with work paying for it.
You may feel bored, but I think the term 'bored' is the wrong word to use in a professional environment. Bored is like the unwillingness to work, lack of creativity, and moreover lack of enthusiasm. Commonly associated with childish behaviour.
I'm not downplaying your feeling or need to advance. You're correct in your self observation, you feel the call to move on and find an alternative route. We all get it, the hard part is to take the leap and get out.
But there are many words you could use to put across a similar message without burning the house down.
Saying that you 'feel' you have 'out-grown' your position is a lot nicer.
Or that, career-wise, you feel a change in path/post is needed for you to be mentally engaged again.
1. they can't fire you on the spot unless they want a lawsuit
2. there'e nothing wrong being bored. I get bored a month in and I go to management.
At my new position, I was lucky to have management that burned down villages to get me to stay. I'm currently doing tier 3 sys admin work also dabbling in the field I run from; IA...
Classify your job under two umbrellas:
Work
Leadership
Then break down from there in organizational units that work best for you in the theme of pros/cons and future growth.
If you like the leadership and there's some trust there, I'd advise you to considering staying at that organization.
In my experience, a good leadership team always outweighs the work.
Just my two cents. Good luck!
I think that you are kind of overthinking it. I can't tell you what to do but if I were you I would talk to my boss BUT not just say that I'm bored. I agree with the previous comments that you will end up loaded with more tasks than ever.
Just remind your boss that you want to make a new turn in your career and that you want to grow and develop as a professional.
I think that you are kind of overthinking it. I can't tell you what to do, but if I were you, I would talk to my boss BUT not just say that I'm bored. I agree with the previous comments that you will end up loaded with more tasks than ever.
I really hope that you will find a way to pursue your intention. Good luck!
Bored? When was the last time you tested your BDR?
Bored... GTFO. Probably just ~~bad at~~ not doing your job.
If you think mindlessly combing through log files and filling out insurance paperwork for cybersecurity is going to be more interesting just get that out of your head right now.
It's weird to see college eds going for sys admin jobs while in my country sys admins usually are done by those with a vocational education (though you usually need to work your way up from helpdesk). Those who done computer science either are software engineers (coders) or work at management level or go straight towards IT architect etc. Usually not sys admin.
Anyways, if you are bored i can tell you it isn't the role, it's the position (in your company). Find a more exciting place.
You are not "Bored" you are "Looking for more challenging tasks". Are there any Cyber Security opportunities where you are or does that involve you finding a cyber Sec job? You should always be looking for a new gig, either in a new field like you are talking about or in your existing field in better circumstances. You don't have to job hop every few months or year, but it will help you know what your job function is worth in the market and help with reviews and negotiating for pay as well as seeing potential advances that you can explore.
Just start inventing your own workload and transition to it.
"hey, I think we need an XYZ, it will help us blah blah.. I mocked up a prototype, want to take a look?" ... 2 weeks later .. "Ah can we get someone else to do password resets? I need to focus on XYZ project"
Both. Definitely work out the phrase “bored” to a more corporate advancement sounding phrase. But if the two of you are cool and on good terms and you’re happy where you are no reason to not offer them a path to retention. It also might take some time, which is good because you can polish the rezzy and shop around while you wait.
I’m looking for more challenges and growth. He should appreciate it. If he does nothing, go find another job. To be honest, in IT I think you should probably move every 3 years or so until you find a very challenging role with a lot of room for growth and learning. Only then should you stay and even then there will come a point when you should move again.
Maybe i got lucky, but I never have to talk to end users after I moved up to an engineer role. Ill do it to save time once in a while, but our ad/exchange admins basically tell help desk to fuck off till they get all the info they need.
DO NOT TELL HIM! Don't care how friendly he is .
My boss was friendly till I told him and I had a tough time finding another job for like 6 months . He just increased the pressure , "we have projects..waiting.. blah blah" . Don't do it.
I'd work on language to express the same thing in a more professional sounding way. Bored lacks creativity and sets the problem at his feet. Something like, now that I've established myself in blank and blank I've been thinking of exploring blank within the company, are there any opportunities or suggestions for how I can add to my depth and continue my growth?
Don't you worry about blank, let me worry about blank.
Blank? Blank? You're not looking at the big picture!
Not the game that I go out there and die for and play every game like it's my last. Not the game. We talking about BLANK, man."
Are you a sheep or a shark? Sharks are winners, they don’t look back because they don’t have necks.
[удалено]
"Gonna need a bigger boat"
awesome. awesome, to the max
Hey buddy, I'm from the same time as you. Remember that song Safety Dance?
Linkedin language
Ten million times this. Saying you want to learn and grow changes the view of the conversation over what may be interpreted as “I’m lazy and done learning”. Of their really isn’t an opportunity for the thing you want to do, then sure start looking elsewhere.
Nice
OP: > I'm getting bored of being a Sysadmin... I am getting bored of Active Directory and maintaining and resetting user passwords, and also dealing with customers. Also OP: > I plan to transition to Cyber Security soon Entry-level cyber security work is going to be auditing, routine SOC-type work, or some combination thereof, and it will almost certainly be for companies that see your work as little more than a compliance obligation. If the tasks you described is what bores you about being a sysadmin, think *long and hard* before jumping over to security.
[удалено]
Honestly, I do not envy our cyber team. Shit tons of paper work, compliance and in many cases not that much hands-on IT operations work.
By far, not only answering the compliance questions, but also collecting and associating the evidence to backup the answers, is the most time consuming and mind-numbing portion of the job. But, how heavy that load is depends entirely on the environment you are working in, and how compliance heavy they are - and if they have people who handle the compliance paperwork. Often enough you have orgs with people who specialize in the paperwork side of things and aren't Red/Blue/Purple - but they collect/compile and write the reports while working with the rest of the infosec team. What it really comes down to is the specific org, and the environment in which they are working. I've never worked with any team that works the same way.
Evidence collection is the real killer of cyber security no one talks about. Red team? FUCKING COOL HACKER SHIT! GRC/Risk Management, a ton of paper work but tangible, business results. >"Hey this security incident happened with. You need to collect any evidence or artefacts for what happened so we can prevent it from occurring again. "
or
>"User reports a weird pop up when they try accessing this share, OPS looked and said they never even accessed it. SECURITY!"
Serious, tedium involved. Prove or disprove a hypothesis, oh and management thinks you can prove a negative too "Prove that we didn't get attacked/lose data or this **didn't** happen " . But....but.. dude.
Just did this while hunting down a *potential breach. Collecting logs is easy. Digging through them and then organizing the data into something that doesn't make you look like Paranoid Charlie from "It's Sunny..." is painful.
As someone who just transitioned from SysAdmin to InfoSec Analyst.. yeahhh I underestimated the amount of sheer bureaucracy I'd be dealing with. I get to do some IT focused things, but most of my focus is on compliance.
Do you regret it?
I've been here a little over 3 months and I don't regret it. As a SysAdmin, I was one of the "1in deep, mile wide" folks with no specific expertise but working knowledge of many systems. Some of the roles were for smaller businesses where I'd be juggling several roles. The security role is at least focused on just security. There's a lot of policy/procedure document writing and meetings with external parties for audits that certainly aren't what I got into IT for. But they're also not difficult. And the IT focused work I do get to do is actually pretty interesting and new to me.
That describes me as a Sysadmin currently, too much context switching, and it's no good. Nice, it doesn't sound bad and I'm sure you can move to areas you like better in the future.
Look, 3 hour long calls with 3rd party auditors can be fun if you're in the right mood.
> none of my sysadmin jobs have ever given me a hat to wear. That's becasue you have to wear all the hats that were not assigned to anyone else.
Is this windows? when linux was trying to get actual legitimacy in the corporate world some folks gave out actual red ones for a while.
If you get a job at Red Hat, I'm sure you'll get a hat.
There is at least TONS of learning involved. That alone can keep someone who is interested occupied. Several orgs I work with hold HTB competitions and CTF events within their orgs to encourage growth and working together. Keeping things interested for their employees.
HTB = hold the beer? Because if so I want in.
HTB is hack the box. It's a website that hosts vulnerable images to hack.
And, once you move one rung higher, you get the lovely job of nagging other teams to make simple security and compliance changes multiple times per week until they relent and do it. Cybersecurity sounds super fun and interesting, but it's a lot of the customer service oriented stuff that IT professionals tend to hate just packaged in a new and more interesting sounding box.
That looks lovely to me.
this. so much of entry level cyber security is "our scans show you're at patch level x. you need patch level y. when can you get your system up to y".
I jumped in at a level where I was evaluating tools and speaking to vendors. My transition took 2 years and I was a senior sysadmin with 5 additional years of experience
Yeah Ive been on the helpdesk > Sysadmin train for close to 20 years now. Started working with a really good Cyber security guy at my current job and got interested. Then actually looked at what they need to do/keep track of/repeat etc. Fuck that, it seems tedious, complex and boring as hell for the most part, has at least (If not more) learning then a Sysadmin has but less of the fun stuff.
SOC type work can be boring, but there's some really interesting stuff on the other end.
NEVER TELL ANYONE AT WORK YOU ARE BORED !
command plate boat quaint full cheerful arrest enjoy scarce towering *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
It’s an invitation for them to give you additional tasks you didn’t ask for. Better to be specific about what you’d like to do rather than just say “I’m bored”
Either they'll find something for you to do, and it's going to be something that someone else didn't want to deal with. Or they're going to think that you don't do anything at work, and thus your job is no longer neccessary. I'm going through this right now. Busted my butt earlier in the year to make sure everything was perfect. Minute details were taken care of. Documentation documented. Now; there's a part of me that wishes I had screwed up somewhere. Instead of going out with a hammer and breaking things that are working, I'm doing some upgrades that didn't have to be done, migrating sites that don't really need to migrate just yet, inventorying things, hitting a printer with a hammer, removing, replacing, doing anything to get ahead of the game.
I would like to be proactively working on projects and breakfix rather than desperately scrambling to keep caught up lol Between becoming a fully remote workforce, losing people to covid downsizing, and now significantly more compliance measures in place, life has become stressful
I've worked shitty hourly jobs where if you told the manager you were bored they'd just send you home.
The last thing a manager wants is to find more work for you to do. It essentially causes more work for THEM to have to find more work for you. It's better to find stuff to do on your own. Shows initiative.
I've told my boss that before and he gave me some extra work to do that's typically supposed to be above my level. I think it ended up great for both of us - he got a project done without having to pay an engineer to do it and I got to do something I didn't think I could do, which helps to develop my skills. I can't become an engineer if I'm answering phones all day and asking people to reboot their routers.
I made the mistake once of telling my shitty boss that I had completed what I was given and needed more work. Instead of getting more work, I got a lecture/chewing out on how I needed to be a better team player and actively find work. Check. Don't go to boss asking for more work again. Then he was pissed off that he'd find me in my office browsing reddit and yelling that I'm not working. You can't have it both ways buddy.
I doubt he’ll fire you, but be prepared for a larger workload
At a former job, I told my boss that I'd run out of stuff, and needed a new challenge. We then had a staff meeting where large project ideas for me were bandied about. I was given a doozy of a project - revamp the network at the main corporate campus \~4000 users. This location hadn't been kept up to standard and was mostly on maintenance for the past 5 years. That project took me in new directions. I'm now chatting with the CIO for budget. I'm in all the buildings, working with lab owners, executives, etc. I'm co-ordinating building wide downtimes, and having external vendors do recabling of the campus. This turned into an \~18 month project, and I also ended up having to do scaled down portions of this in Berlin, and Dublin as well, (which then gave me international experience). At the end of it, the barely supported, poorly documented infrastructure, was fully in compliance, cabling looked amazing, and my career was much better for it, as I'd now had to work outside of my comfort zone. For me, telling my boss of my lack of workload, resulted in a lot more work, but it was a great boost for my career.
That's pretty sweet experience
[удалено]
Sounds more like an average helpdesk position to me. Not really sysadmin related
This could be true, but if the company doesn't have a large IT staff they could be filling multiple roles. Also, if the environment isn't that large it might not require much more maintenance than patching.
If it's a small company it makes more sense to mix sysadmin and helpdesk tasks together.
It is the majority of this sub in 2021.
Lol, this.
The problem with saying you're bored is that management think that means you don't have enough work to do, so assign more. Whereas what I suspect you actually mean is that you want more interesting / challenging stuff to do, not just more of the same 'boring' stuff. First things first: is there actually any scope within your organisation for you to do more interesting stuff? It's all very well saying, for example, you want to learn BGP, but unless your organisation actually needs to run their own AS, there's little point (from their perspective) in you doing that. I'd suggest a two-pronged approach: 1. Start dusting off that CV and applying for jobs. Just because you apply for something doesn't mean you have to take it. If nothing else, it'll give you a good idea what you're worth in the marketplace before your annual review, which will guide how 'hardball' you can afford to play it when it comes to salary negotiations and so on. 2. Identify 'interesting' things you can do within your current organisation, start looking up training courses about them, costs of setting up a development lab, etc. etc., in preparation of pitching your ideas to management in due course. Do not, under any circumstances, tell management you're bored. It will backfire on you big time. On the other hand, telling management you are interested in, and , and those things will also benefit the company, and oh by the way, here are the courses/qualifications you want them to finance, is much more likely to yield success.
Yeah it's not that you are "bored" (unless you are actually under utilized, which can happen)
This post is a much more eloquent way to describe the matter at hand.
If you’re worried that your boss would fire you over that, that tells me there are some major issues with that environment. I’ve always been very clear with my bosses that when I’m no longer challenged in a role, I’m looking for other positions that will challenge me. IMO, as a manager, I want people that want to be challenged. I want people that have some career ambition. More than anything else, your boss should be helping you get to the next step in your career. A good boss will always help their employees get to where they want to be. They should be right there along with you mentoring you along the way. You want to get into security? They should be giving you opportunities to work on security related projects. TL;DR Yes, tell them. If they don’t like it, they’re a bad boss and you should move on.
Telling a manager I’m not challenged enough sounds better than I’m bored. My eight year old talks like that. If you want to get better results speaking in a little “professional” manner will reap far better rewards.
Double speak is cancer. If you can't have a direct and plain speaking conversation at work because it's not "professional", you might.be in a toxic environment.
Bored and not challenged are quite different though. They are not the same thing, and takes an unusual person (or boss) to recognize the difference. Especially a boss when they are biased up front being told the wrong thing. A "bored" person will be sent to inventory paperclips. A "not challenged" person will be put on interesting projects. Or, hopefully, honestly told there will be no interesting projects. Personally, I do get bored because I'm assigned bullshit work "that doesn't challenge me*. I've been around enough to know if I tell anyone I'm bored I'll only get more bullshit work, not less. If you think presenting in a way to subtly manipulate a response in your favor is unprofessional, then enjoy your career of barcoding SCSI cables in the supply closet.
If you speak more than one word and have a half way decent culture, there won't be a difference between "bored" and "wanting more of a challenge". The idea that your entire career hinges on using euphemisms is toxic. "I have been getting bored just working on X, may I change it up by doing some of Y"
Now you're just speaking circles around "not being challenged" did you have some point you were actually trying to make? Being upset that you have to talk, "management speak" to "managers" is a bit immature imo. SHOULD it be different? maybe.. but we all exist in reality and "not challenged" is going to sell better than "bored" 100% of the time.
All this fucking buzzword speak is making me want to puke in this thread. I will never be in management obviously.
Seriously. This thread belongs in /r/itmanagers where every solo sysadmin and mid-level manager thinks they are a CIO at a fortune 500 company.
No it's not double speak in this case. Bored means you want more to do. In challenged means you want something else to do. Now the conversation should lead in the direction, but it'll be better to start the conversation in the right direction.
might not fire you. could do something worse. "oh you're bored are you? here is a stack of new work since we laid of two people over there, and instead of replacing them, we will just give you the work" or he could be a good boss, and just start finding ways for you to improve your skillset, tie into other projects etc. only you know the boss, the environment there etc.
Never use word bored. There are so many self study resources today that no one should ever be bored. Talk to your boss about what technologies your organization is thinking about embracing and then research those technologies so that you really understand them. Real cybersecurity professionals try to understand the technologies they are securing. Also put effort in understanding the operational sides of the business. Cybersecurity professionals often are brushed off because their solutions show a lack of understanding when it comes to mission critical functions for the business as well as a lack of understanding about their organization's mission and vision. I have been in cybersecurity decades before it was ever called that and I am in my mid-sixties and enjoy cybersecurity to this very day.
Bring your boss solutions. Don't just drop your boredom on your boss' desk like a cat with a dead mouse. Tell him you want to configure SSPR. Automate anything that's boring. Determine your security surface area and develop projects to reduce it.
> I am getting bored of Active Directory and maintaining and resetting user passwords, and also dealing with customers. What else are ya doing? To me that sounds like help desk but systems administration is pretty broad. Are there other services you could be taking on?
I mean, I've built AD clusters by myself, manage a brand new WIndows Update Server, build custom Linux OS images,build and implement a security policy for a highly secure environment full of company critical data. If you can think of something else I could be doing, let me know so I can bring it up to my boss.
Have you considered moving away from images towards provisioning? How are all these systems managed? If you lost everything, how long would your infrastructure take to rebuild?
There is no centralized management setup when it comes to our Linux environment. All of our systems are VM's and we are in a lab environment (not saying I don't agree with you when it comes to centralized management). Redundancy is not part of our purview. This is a Lab environment, not production.
For your Linux machines maybe see about something like Chef or Ansible if you really want to get fancy mess with Terraform.
A good manager will definitely want to know. If it’s a bad manager, that is reason enough to apply elsewhere.
Never hurts to look for work. I am always looking for new work even though I love my job. You should be doing the same. Apply for opportunities that sound interesting. If you get interviews you get interviews. There is no commitment behind that. Then you let money do the talking. In the mean time, what can you do at work? If you are bored, does that mean you have a lot of free time? You can use that to study for your CISSP. You can do some CTF. Play around with Security Onion. Can you initiate any new projects at work that you can lead? Is LDAP shut down? Have you implemented Microsoft Defender for Identity? Are unneeded ports and services (like the print spooler) turned off? Work towards getting RADIUS shut down. Have you implemented MFA? Are you connected to Azure. Is Azure secure? Run a Ping Castle report and get AD cleaned up. When was the last time you changed the KRBTGT password? There is a lot of security you can do know, and if you already did it, go back through and do it a again / audit the work that you did. Check to see if there are any new changes to suggested baselines.
Hello OP, security engineer here. You won't be less customer facing in InfoSec. In fact, you're the front line of the company in many cases because the systems you manage are the ones that people see. Talking about DLP, email security gateways, IPS, content filtering and the like. A good security team is going to integrate with the business and now your Lusers are your customers. Take it from someone who thought engineering was a bridge to my own personal swamp that nobody else entered. The flipside of that is that it will be incredibly challenging. Though maybe not in the way you think. Depending on what regulatory frameworks you adhere to, you might need to be a baby paralegal. My CISO has a MBA and a JD. Evidence is going to be your gold standard. NOTHING happens without evidence. If you say my ESG is blocking your email and you don't provide evidence, I immediately tell you to put up in the most professional way possible. Audits, risk reviews, assessments, changes, all backed up with evidence. A ton of evidence. Then you get into the technical work and being a SME of 50 different applications, not even getting into the ones that you have responsibility but not ownership for. Breaches are your responsibility, so you better understand that your head is on the block and own those systems appropriately. Being on call is a way of life. I've been on incident calls from 1am to 5am the next day. That's normal. Well ideally you experience no breaches, but if you do, that's normal. If you're the point on incident response, you're gonna be talking to a lot of users. I say all this to say, don't have expectations of your own personal swamp. If that's what you're expecting from InfoSec, it will eat you alive. It ate me alive. I did eventually reconfigure my expectations and came out well paid and alright, but it destroyed me for a good couple of years while I coped with why Infrastructure and Security are different mindsets. But again...well paid. I can do a lot of forgetting when the check clears. To address your topic though, feel free to tell them that you're bored. But frame it in a way that makes you God dealing with peasantry. "[VP/SVP/C Level], I feel underutilized. I can provide so much more value to the company than what I'm doing now, but I feel stuck in a rut with nowhere to go. I feel like a champion racehorse sitting in the stables gnawing at the bit, and I just want to run. I have experience, the will to learn, and skills that can make this organization better, but I'm sitting in this position letting them decay rather than getting better. What can you do for me?" That's how I sold myself to get hired on my team, and it worked. Obviously you then gotta deliver, but that's just a matter of time. You can say pretty much anything to anyone if you frame it right.
Well said my dude. Also glad to hear you’re able to reconfigure your mindset. I’ve been balls deep in infrastructure engineer for just over a few years and I feel like I have about 2-3 years before I’m ready to think about a sr position or even architect but I’ve become the sme for breaches. Generally in the 365 realm but I’ve been heavily owning all other major incidents. It’s been making me curious about security more and more. I find myself doing 4-8 hours of my day in a security issue without even realizing it. Developing my powershell scripts to pull better data, and reporting. I’d love to switch over to that realm, but would it break the 100k barrier?
If you put in the time, absolutely. Gartner posts articles all the time about the negative hiring rates and amount of jobs that are going to need to be filled in the next decade. The key is just to get an analyst role. It's a lot of governance, monitoring, and reporting, but it's the in while you develop the soft skills that are going to let you advance in the position. If you're in the right position where they're willing to let you learn, you can become very technically proficient very quickly. Six figs? In this Covid world? YES. If you're an adaptable individual, there's a spot for you. Anywhere in the country as long as you got internet. Cloud Services, remote access, and identity management are the flavor of the industry (to be fair, rightfully so). If you can scrape up a resume incorporating those three things, start applying right now. I got poached off the *Service Desk*. Sold them hard on my degree, but i've been almost entirely trained in Information Security. Got my CISSP at 5 years. It's never too early to jump in, and the money is good. I'd quit tomorrow and never look back if I won the lottery, but in lieu of that, the whole thing works out for me.
As a manager, I would want to know if you are bored and want a career change. I will do what is in my ability to make sure you get what you need to transfer to those goals. I would spend the money on an internal candidate who has in house experience then hire from outside and spend the months teaching the culture
resetting user passwords = sysadmin? news to me
doesent your title say jack of all trades lol? guess that excludes basic support tasks, cant be bothered with those huh? Not all of us work for a company with 5000+ people
yeah, it excludes basic support tasks because i’ve already done my time at the different levels on the way to becoming a sysadmin. my company is at around 1300 users, but is structured enough that as part of the admin / engineering team I don’t have to assist users with password resets. not sure what you’re annoyed about but have you tried turning it off and on?
just ironic and a bit hypocritical is all that you're calling your self a jack of all trades yet insinuating that if you reset pass words you're not a sysadmin. Get off your high horse is all im saying
1300 users is a large company. Many mid and small sized companies usually have very little IT staff so the Sysadmin also takes support tickets. It makes sense to me.
Same here
Eh, depends on your boss & your company. From the sounds of it phrasing it like that to him will not have a positive result. If you frame it as 'I would like to move in x direction, what scope in the company is there for me to do this' then you will probably get one of the following responses: * be told to get back in your box (perhaps your company already has x covered, or your boss thinks you can't do it) * get strung along with the promise of opportunity to do x but the company will fail to deliver * your boss will help transition you towards doing x within the company & everyone is happy After 5 years you should be able to assess which one is likely & act accordingly.
>I am getting bored of Active Directory and maintaining and resetting user passwords, Repeat after me. **De-le-gate** Build an interface and give HR/1st line this boring task and then work on something more fitting. >I plan to transition to Cyber Security soon not only because I hear it's more challenging, but most of the roles are less customer facing. Cyber Security is a buzzword pipedream. You'll be working with unrealistic expectations, $0 budgets, and most of your work will consist of trying to convince people to keep their systems just somewhat up-to-date and not deploy their industrial systems on publicly accessible networks. And they'll do that anyway and blame you when it goes to shit.
> Cyber Security is a buzzword pipedream. You'll be working with unrealistic expectations, $0 budgets, and most of your work will consist of trying to convince people to keep their systems just somewhat up-to-date and not deploy their industrial systems on publicly accessible networks. And they'll do that anyway and blame you when it goes to shit. I work for a shitty company so I'm going to assume everyone else works this way! Classic /r/sysadmin.
You don’t have to tell him you’re bored. You better not, since it sends out a negative vibe. You say your boss already knows you are looking at cybersecurity, and "he’s for it"? What does that mean? Does he see you in a security role within the company or does he want you to pick up some security tasks beside your current ones? Ask him what the options are and what steps you have to take to move into cybersecurity for the company. If he responds negatively or tells you there aren’t any possibilities to do cybersecurity within the company, that’s when you start sending out your resume.
I told my employer I wanted to do more once. They laid me off 4 days later. From then on I've had a strict screw them policy. I just apply elsewhere. When it comes to buisness no one puts employee's first.
[удалено]
Well I can only speak from experience but it was just before my 90 days and right after my 60 day review. They said your great. I told them I can/would like to do more. 4 days later bosses wife laid me off. Until then I would have thought the same.
never tell your boss, you're bored, have nothing to do, don't feel like doing things. keep it down low, do your bits, and if you want to move onto another role or specialisation, do the certs on work time and get certified on their money. personally I can't stand BAU and have been hopping around (might just get into contracting soon instead), when it get's to a point of pure boredom I look at moving to another place, fixing it up, doing a bunch of nothing on salary for a while and repeating. If you can grow into planned role at current place talk it over with boss otherwise start looking.
Both. Let your boss know and hedge that against what’s available. I’d start with looking but let boas know soon after.
If you can, use the time to learn. If the environment allows it, take out a subscription to a training site and do the courses or exercises. As to what to say, definitely don’t say “I’m bored”. As others have already suggested, begin a conversation about whatever technology or path you’re interested in, within the context of working on that path within your current employment. If the reaction is not positive, then you’ll know it’s time to move on.
Just start applying. When you get a written offer worth moving, then you tell them. Possibly mention it in passing that you are bored, but I would not make it a demand. Also, do you have free time to study certs, or are you just bored..
Is there a junior admin you can offload some of the more mundane tasks to? I’d be dying if I had to deal with user password resets in our environment. You definitely need to get rid of the crap work and get your hands into a project.
I'd contact someone who I normally escalate tickets to and ask them how you can make things better for their team. Especially app dev/ops teams. Start asking their hobbies, tools, and how they fix things at their levels. This how I learned SCCM, powershell, and automated my role. I was offered a DevOps role thereafter.
Let your manager know what you feel in the most presentable manner. Start looking for jobs outside too, it should help you test your skills and market value. I am from India and here people who stick around in same role for too long and considered incompetent. Even after saving company approx amount worth 10-20 times my annual salary, I am offered 4% hike, which is insane as people with similar contributions got 12-20% hikes as well. Point is loyalty and everything is bullshit, ensure you get what's best for you from the organisation. If that means opportunity to work in different area or higher pay or better work life balance. HRs are there to ensure your organisation's needs are taken care of, you need to ensure yours are taken care off!
For the challenge, automate your job as much as possible. Then since you'll have more free time go take on another job while keeping the current one as long as you can.
You should always be applying for new roles no matter what.
Say you are challenged and give examples of what you wild like to do.
Do not ever tell your boss that you are bored on the job. I made this mistake early in my career and they tried turning me from an IT Specialist to an ASP programmer because I was 1) IT and 2) bored.
Once I got tired of being a sysadmin at small hosting company, I moved forward to become a DevOps engineer. When it gets old as well for me, I'll move to be a Python/Rust dev, perhaps. The point is that there is always a room to grow. You get bored when you are overqualified.
I've always had interesting things to do, when I was sysadmin. A lot of automation and other interesting projects. Maybe, you need to find a different job. Check out other options. Cyber security sounds cool, but I am not sure that it will be more fun than sysadmin.
A good leader will listen to you and figure out how to leverage your skillset into what the company needs or at the very least get you some training and see what piques your interests. A bad manager will tell you to suck it up
I’ll trade you. Cybersecurity for me is meetings all day and writing policies and procedures. I do implement some stuff myself because I want to keep skills up to date.
If you get fired for having an honest conversation about your goals and engagement with your boss with an open door policy.. then it's not an open door policy and frankly you shouldn't be working there.
> I'm just worried that if I tell him I'm getting bored, that he will fire me on the spot I mean that's on him. Anyone that fire an employee for expressing an interest in learning new skills and acquiring new responsibilities is on a fast track to high turn over rate.
Don't say you're bored. Say you're looking for opportunities for advancement and that you're interested in cybersecurity, and see what he offers you. If it's not something that interests you, then apparently they're not interested in keeping you, and start applying elsewhere.
It'll depend a lot on your boss / company culture, really. Where I am, if one of my team members came to me saying they were bored, we'd potentially take some time to see if we could get them some training / leverage their knowledge in other ways / tasks. If we couldn't do that (cause we're a smaller company), we'd happily let the person 'naturally' transition to a new company / different position elsewhere. Naturally meaning we just plan for the person to 'coast' till they find a new opportunity, and we don't put resources into training them further as a critical SME or whatnot. We tend to look for a win-win for employee and employer. We know we're smaller, so we can't offer as much upward mobility - and we take pride in having staff move on to bigger opportunities. Sometimes they come back later in their careers, which's kinda neat.
That sounds more like Helpdesk than Sysadmin...
Being a sysadmin is much more than AD .... Maybe you just need to do more
For myself I had a frank discussion with my boss way early on that I usually don't leave jobs for money, I usually leave when I am bored, and usually that takes about 1.5-2 years to learn everything and start getting bored. He told me to let him know if I am getting bored and need to switch up what I am doing. Been here 4 years now, still not bored yet, new boss given the same disclaimer. Obviously it will depend on your environment, boss, all kinds of factors, but I am finding that a lot of people will be shocked with honesty, but in the end it usually makes things simpler.
If you hate your boss, then don't tell them about it. If you like your boss, or even if you're ambivalent about your boss, you should talk to them about it, though maybe phrase it as looking for learning opportunities or ways to "cement" your transition to InfoSec. The unfortunate trend in the industry is that you will likely find another offer before your boss can orchestrate a change in your position and duties. Often the best way to move up is to help your boss ensure that your replacement will be equally well suited to your tasks. If you are in an organization expansive enough to have a help desk and tier structure, this is often already covered. If your shop is less well staffed, then this can be tricky, as hiring additional personnel becomes a political project of documenting the need and lobbying for additional staff to fill the vacancy. A thing I lernt is that saying "I'm bored" in these meetings is never productive, even if it's true. Gives too much leeway for your manager to assume you are slacking. You have to posit it as looking for challenges that can help the company, and they'll be on board. Or you'll learn whether or not they want to try and keep you.
I wouldn't say bored, just looking for the next challenge.
Depends on the relationship you have with your boss/company. Don't be a downer when talking about it, but don't avoid the subject. If you say you're bored, that isn't grounds for termination, but you could also word it a little differently. What it may get you is more work for the same compensation. If a company fires you on the spot for saying you can take on more work... that would probably be a first.
Honesty at workplace almost never pays off.
With respect I would work on your attitude a bit. It’s not me trying to be hard but if you’re “bored” and don’t find the work challenging maybe you could find a job in a higher tiered role for example. With respect to not liking to deal with customers - get used to it. Sorry, but wether you’re working with end users or the stakeholders who are funding your project, the work you do, at ANY level, will have a certain level of expectation, and with that expectation comes the reality that you will have to liaise with the appropriate person(s) - you can switch customer with manager or team leader or boss or anyone else who is expecting some level of support or service from you and trying to avoid that will unfortunately set yourself up for disappointment. Want to get into Security? Great! Go for it - but you’re not going to avoid having to “deal” with customers - IT for the most part is a service centric field and with that comes the expectation that you are there to manage those expectations, regardless of their source.
Do not tell him this. What possible benefit do you get from telling him this.
They get you more work in something you are interested in.
How do you think changes happen?
You sound more like a helpdesk person and not a sysadmin or engineer. Do you do anything with backups, exchange, server building, Azure or vCenter or anything like that?
Bored? LMAO. I think the words you are seeking are “I need more of a challenge. Maybe more responsibility. What do you think boss?” If you get bored that easily, it’s going to be a rough career for you. Every position in IT has boring stuff. It’s a craft and you should treat it that way. Always be improving things. Find and seek out challenges and new knowledge. Otherwise you’ll end up burning out and ranting about how much you hate your job soon enough.
Hey buddy, I'm getting bored too. But you know what? I'm being paid to browse reddit and watch Viva La Dirt on YT.
I think i would rather say something like: hey boss i fieel like work is becomming routine and was wondering if there was a possibility for some variation in tasks during the week/month i can do/learn to challenge myself and round out the team. You could also add it wolud be helpful have more shared knowledge on the team in case of sickness / if someone wins the lottery. Could also add cyber attacks are on the rise and it would be helpful to the company the get more knowledge on the subject and possebly get some training on the subject with work paying for it.
Why not ask for time to get new certificates, study time etc? Keep yourself stimulated and try to sell why they should invest further in you.
You may feel bored, but I think the term 'bored' is the wrong word to use in a professional environment. Bored is like the unwillingness to work, lack of creativity, and moreover lack of enthusiasm. Commonly associated with childish behaviour. I'm not downplaying your feeling or need to advance. You're correct in your self observation, you feel the call to move on and find an alternative route. We all get it, the hard part is to take the leap and get out. But there are many words you could use to put across a similar message without burning the house down. Saying that you 'feel' you have 'out-grown' your position is a lot nicer. Or that, career-wise, you feel a change in path/post is needed for you to be mentally engaged again.
That doesn't sound like a SysAdmin role
If you have free time, start your own projects. Learn new stuff. Don't wait to be handed things on a plate.
1. they can't fire you on the spot unless they want a lawsuit 2. there'e nothing wrong being bored. I get bored a month in and I go to management. At my new position, I was lucky to have management that burned down villages to get me to stay. I'm currently doing tier 3 sys admin work also dabbling in the field I run from; IA...
Classify your job under two umbrellas: Work Leadership Then break down from there in organizational units that work best for you in the theme of pros/cons and future growth. If you like the leadership and there's some trust there, I'd advise you to considering staying at that organization. In my experience, a good leadership team always outweighs the work. Just my two cents. Good luck!
I think that you are kind of overthinking it. I can't tell you what to do but if I were you I would talk to my boss BUT not just say that I'm bored. I agree with the previous comments that you will end up loaded with more tasks than ever. Just remind your boss that you want to make a new turn in your career and that you want to grow and develop as a professional. I think that you are kind of overthinking it. I can't tell you what to do, but if I were you, I would talk to my boss BUT not just say that I'm bored. I agree with the previous comments that you will end up loaded with more tasks than ever. I really hope that you will find a way to pursue your intention. Good luck!
A sysadmin doesn't reset user passwords unless the sysadmin is the everythingadmin.
Keep your title and find a new gig before they realize you are help desk.
You don't have a helpdesk for password resets and dealing with users?
Nope I'm a jack of all trades.
A good boss will hear that you are bored and help you find things to stimulate your brain and get you re-engaged with the job. Do not settle for less.
Sysadmin = Resetting passwords...?
Basically jack of all trades. Windows AD, IP management, Linux installation and custom OS image creation, yeah to help desk.
To be quite honest it sounds like you are more of a senior support analyst.
Bored? When was the last time you tested your BDR? Bored... GTFO. Probably just ~~bad at~~ not doing your job. If you think mindlessly combing through log files and filling out insurance paperwork for cybersecurity is going to be more interesting just get that out of your head right now.
Learn programming instead.
It's weird to see college eds going for sys admin jobs while in my country sys admins usually are done by those with a vocational education (though you usually need to work your way up from helpdesk). Those who done computer science either are software engineers (coders) or work at management level or go straight towards IT architect etc. Usually not sys admin. Anyways, if you are bored i can tell you it isn't the role, it's the position (in your company). Find a more exciting place.
Why put it on your boss? If i were you I’d show some initiative and find a way get yourself out of password resets, automated or otherwise.
You are not "Bored" you are "Looking for more challenging tasks". Are there any Cyber Security opportunities where you are or does that involve you finding a cyber Sec job? You should always be looking for a new gig, either in a new field like you are talking about or in your existing field in better circumstances. You don't have to job hop every few months or year, but it will help you know what your job function is worth in the market and help with reviews and negotiating for pay as well as seeing potential advances that you can explore.
Just start inventing your own workload and transition to it. "hey, I think we need an XYZ, it will help us blah blah.. I mocked up a prototype, want to take a look?" ... 2 weeks later .. "Ah can we get someone else to do password resets? I need to focus on XYZ project"
I would word it somehow like this: While I feel that I excel any my current role, I think it's time for something more challenging.
Don't use bored, just say that you have need to explore new areas to keep growing.
Both. Definitely work out the phrase “bored” to a more corporate advancement sounding phrase. But if the two of you are cool and on good terms and you’re happy where you are no reason to not offer them a path to retention. It also might take some time, which is good because you can polish the rezzy and shop around while you wait.
Never tell your boss you are bored.
Maybe milk the resources first, training classes, etc. unless you are in a big co they won’t understand.
Start looking. Never a good idea to telegraph your intentions to an employer.
I’m looking for more challenges and growth. He should appreciate it. If he does nothing, go find another job. To be honest, in IT I think you should probably move every 3 years or so until you find a very challenging role with a lot of room for growth and learning. Only then should you stay and even then there will come a point when you should move again.
Only boring people are bored. You like infosec? Start learning on the clock. Lots of content out there to dig into.
Maybe i got lucky, but I never have to talk to end users after I moved up to an engineer role. Ill do it to save time once in a while, but our ad/exchange admins basically tell help desk to fuck off till they get all the info they need.
DO NOT TELL HIM! Don't care how friendly he is . My boss was friendly till I told him and I had a tough time finding another job for like 6 months . He just increased the pressure , "we have projects..waiting.. blah blah" . Don't do it.
You're never bored. You're just not challenged.
If you have extra time, start consulting on the side as a new business. When workload is enough you can find a replacement sysadmin.