Which Is Right for You?

By Leo Taddeo, Chief Information Security Officer, Cyxtera

It’s a good time to be a cybersecurity professional. Private and public enterprises increasingly recognize the need to manage cyber risk as part of their digital transformation, putting cybersecurity skills in high demand.

Whether you’re thinking about moving from one sector to another or just beginning a career in cybersecurity, it’s important to know yourself and the environment you’re considering.

With the benefit of hindsight and decades of experience, it’s clear that job satisfaction and success is determined in large part by how well your personal expectations and goals align with the culture, tempo, and expectations of your future employer. While there are always exceptions to the rule, it’s important to be familiar with the differences between working in the private sector versus the public.

As a hiring manager who has worked in both the private and public sectors, the following are a few questions and personal insights to help security professionals make their best choice.

Do you desire a fast-paced, agile work environment, or one that is highly structured and Process-driven?

Most government IT positions are highly structured and process-driven. The average government IT job is highly specialized, and in many ways repetitive. In the private sector, the responsibilities of a cybersecurity professional are subject to change as business needs change, which also means you’re more likely to work with the latest technology.

Do you have highly ambitious career plans?

The career trajectory for cybersecurity jobs in the public sector is very structured. Working harder in a government job won’t necessarily get you promoted at the pace you expect. On the other hand, hard work in the right job in the private sector often pays off. Private sector jobs are often results-driven and offer faster progression up the corporate career ladder.

How important is job security to you and what is your risk tolerance?

Government shut-downs notwithstanding, public sector jobs tend to offer a higher degree of job security than private-sector cybersecurity jobs, but with lower compensation. Cybersecurity professionals working in the private sector tend to receive higher salaries, but also face a higher risk of job loss.

What are your qualifications?

When hiring cybersecurity professionals, the federal government looks for specific qualifications. These commonly include a bachelor’s degree, applicable certifications, a background check, and polygraph and drug tests. In most cases, you won’t get a second look without the minimum degree or certification.

Instead of specific degrees and certifications, many employers in the private sector emphasize technical skills and references. In addition, many jobs in the private sector come by way of networking and establishing your skills within a group of professionals. Employers in the private sector will also rely more on recommendations from existing team members. Your reputation for work ethic and productivity can make more of a difference in the private sector than in the government hiring process.

In Summary

Cybersecurity professionals most likely to have high job satisfaction in the private sector are those who…

  • want a dynamic role that involves working with cutting-edge technology
  • expect that hard and skills be closely tied to salary and promotions
  • can tolerate the risk of a job loss in exchange for higher pay

Cybersecurity professionals most likely to have high job satisfaction in the public sector are those who…

  • consider the satisfaction of public service to compensate for a lower salary
  • emphasize the value of job security
  • are comfortable with pay and promotions tied to seniority and time in grade

Cybersecurity professionals face no shortage of career options. That’s all the more reason why time should be taken to decide what you want out of a job and what you’re willing to put into it. Transitioning successfully from public to private sector job (or vice versa) isn’t impossible, but it does take some extra effort. Making the right choice now will ensure job satisfaction over the long term.

About the Author

Leo Taddeo is responsible for oversight of Cyxtera’s global security operations, investigations and intelligence programs, crisis management, and business continuity processes. He provides deep domain insight into the techniques, tactics, and procedures used by cybercriminals, to help Cyxtera continue to develop disruptive solutions that enable customers to defend against advanced threats and breaches.
Taddeo is the former Special Agent in Charge of the Special Operations/Cyber Division of the FBI’s New York Office. In this role, he directed over 400 special agents and professional support personnel conducting cyber investigations, surveillance operations, information technology support, and crisis management. Previous responsibilities focused on FBI international operations, including service as a Section Chief in the International Operations Division, where he managed operations in Africa, Asia, and the Middle East.Taddeo received a B.S. in applied physics in 1987 from Rensselaer Polytechnic Institute. After completing his studies, Taddeo served as a tank officer in the US Marine Corps. In 1991, he was awarded a Purple Heart and Bronze Star Medal for valor for his service in the Gulf War.  Following his service, Taddeo earned a J.D. from St. John’s University. Upon graduation, he joined the law firm of Mound, Cotton & Wollan in New York, where he practiced in the field of civil litigation until entering duty with the FBI. Taddeo is a graduate of the CISO Executive Program at Carnegie Mellon University. He maintains the Certified Information Systems Security Professional (CISSP) and GIAC Certified Incident Handler certifications.