I made a career change - is it too late to change back?
July 5, 2011 8:21 PM Subscribe
After a career change and a trip back to school for an MSc in Environmental Sciences, I now work in the contaminated land field. I want to find a new job and maybe even change back to what I used to do. I've had my current job for 3 years. Previously I was a technical writer and then I helped companies prepare I.T. controls for Sarbanes Oxley audits.
I think my career change may have been a mistake for a variety of reasons. I make a lot less money now but I'm disillusioned with the environmental field as it seems like I'm paid to try to figure out how companies can get away with doing the least possible.
I'm trying to figure out what my next move should be and could use some help with figuring out answers to the following questions. How's the tech writing field at the moment - is there much work going? Could I get back into it after being gone for several years? How about Sarbanes Oxley (the I.T. side only as I'm not an accountant)? Is there a job that would allow me to combine my environmental skills with the tech writing or audit preparation stuff? And if I do decide to go back to tech writing, how do I "sell" the fact that I left to do something else and it didn't work out?
I think my career change may have been a mistake for a variety of reasons. I make a lot less money now but I'm disillusioned with the environmental field as it seems like I'm paid to try to figure out how companies can get away with doing the least possible.
I'm trying to figure out what my next move should be and could use some help with figuring out answers to the following questions. How's the tech writing field at the moment - is there much work going? Could I get back into it after being gone for several years? How about Sarbanes Oxley (the I.T. side only as I'm not an accountant)? Is there a job that would allow me to combine my environmental skills with the tech writing or audit preparation stuff? And if I do decide to go back to tech writing, how do I "sell" the fact that I left to do something else and it didn't work out?
I'm in this area. From an IT perspective, audit and compliance are *huge* growth areas. With SOX, PCI-DSS, HIPAA/HITECH, NERC/FERC, FISMA, etc., etc., not to mention the compliance program frameworks like ISO 27000, NIST, COBIT, there's a lot of work out there. We regularly pick up a tech writer to give final documents a final polish.
It seems you understand what's involved in audit response, and you're clearly clueful to get a MSc. How about you become an auditor. Suggestions (most of which cost money and time, I'm afraid):
- Get a CPA. CPA + legitimate SOX response experience is a license to print money. Get picked up by one of the big guys (KPMG, PWC, etc.).
- Get certified on one of the GRC management platforms. I could place you with a client today if you knew EMC/Archer. Maybe tomorrow for Symantec/CCS. Modulo, CA, SAP, HighPoint, etc., etc. are all in demand.
- Get some security certificates or experience. CISSP or some such. Look at getting vetted as a PCI QSA. You might not get where you want as a tech writer, but with your background and some recognized auditor credentials, you'll be very valuable.
- If you think you can get a security clearance, cruse the Federal world. There's a huge demand for compliance folks there, where NIST is king. We're part of a massive project at the CDC right now.
I will have to say that, while you might (or not) make more money in IT audit, it's not really different in the sense that we seem to be looking at what is the minimum that a client needs to do to pass, and fighting to convince them to do all that they could.
posted by kjs3 at 9:41 PM on July 6, 2011 [3 favorites]
It seems you understand what's involved in audit response, and you're clearly clueful to get a MSc. How about you become an auditor. Suggestions (most of which cost money and time, I'm afraid):
- Get a CPA. CPA + legitimate SOX response experience is a license to print money. Get picked up by one of the big guys (KPMG, PWC, etc.).
- Get certified on one of the GRC management platforms. I could place you with a client today if you knew EMC/Archer. Maybe tomorrow for Symantec/CCS. Modulo, CA, SAP, HighPoint, etc., etc. are all in demand.
- Get some security certificates or experience. CISSP or some such. Look at getting vetted as a PCI QSA. You might not get where you want as a tech writer, but with your background and some recognized auditor credentials, you'll be very valuable.
- If you think you can get a security clearance, cruse the Federal world. There's a huge demand for compliance folks there, where NIST is king. We're part of a massive project at the CDC right now.
I will have to say that, while you might (or not) make more money in IT audit, it's not really different in the sense that we seem to be looking at what is the minimum that a client needs to do to pass, and fighting to convince them to do all that they could.
posted by kjs3 at 9:41 PM on July 6, 2011 [3 favorites]
This thread is closed to new comments.
I think you can always sell that you tried something and it wasn't a good fit without having to get into the details of why it wasn't a good fit (depending on the job you could also mention that this will be more in line with your ethics/interests/what-have-you).
posted by ldthomps at 7:42 AM on July 6, 2011