A little over a year ago I started at CAN in the role of Senior Consultant Information Security. The role demands a lot of travel and gives me the chance to visit many different organizations, where I can help identify gaps in ISO 27001, ISO 9001 and NEN 7510 compliance, when performing internal audit. I also helped some organization in implementing an ISMS according to ISO 27001.

Reflection

In the past couple of months I have reflected on whether the role is the right fit and what I want to do for a living.

That led to a hard decision. On the one hand, I really liked working at the organization. To me it felt like becoming part of a team with a strong sense of belonging. On the other hand, I felt increasing discomfort in how the role was executed.

Conclusion

In the end I concluded that not being able to pursue a more technical implementation of my role turned out to be the deciding factor. Although I appreciated being asked to pinpoint gaps during internal audits, I wanted more than identification; I wanted to propose improvements and help implement them.

In addition to my technical interests, the mandatory travel was also a strain.

Finally, the work became a bit of “wash, rinse, repeat” and lacked a sense of intellectual growth for me. I want to keep learning new things.

Next Steps

Having an honest conversation with my team lead and manager was warranted. Mid April we had a very honest and open conversation in which we came to the conclusion that the organization unfortunately cannot offer enough of the kind of challenges I am looking for.

On this basis we concluded that the best approach is to part ways. This parting was quite amicable and fits my experiences in the past year.

In the past weeks I have applied for and am accepted for a more fitting role; on June 1st am I starting in the role of Technical Security Officer. The prospect of this role is more aligned with my conclusion above. I am looking forward in starting!