It’s hard to keep up with all the movement of OT security professionals between companies, Tim Yardley, Zachery Lambert, Isiah Jones, Pascal Ackerman, Ron Brash, … There is no sign that demand for OT security pro’s will diminish in the next to 1 to 3 years.

If you’re in your first or second decade, you should consider taking a 2 to 3 year stint in a different type of company or a very different role in your current company. It will broaden your experience, it will keep you fresh and learning new things, and you may find you like something better than you expected.

Digital Bond alum Michael Toecker is the best example I can give you. He has worked for an engineering company, an electric utility, an ICS security consulting and research company, started and ran his own company, and now works for the government. About the only thing lacking is working for a product company. He is in a position to know what type of job and company he enjoys, and can demonstrate experience and insight for a wide range of potential employers.

The last point is important. Even though OT security salaries are relatively high at all levels, the lower salaries and responsibilities early in your career allow a company to take a chance on you. This will be more difficult when you have twenty years in your career and you want to try something brand new at a senior level.

Not only is a diversity of company types helpful, but also a diversity of roles. I started out, atypically, as a cryptanalyst, so leaving government in 1990 I had to try something else. I’ve done sales, product development, product marketing, channel marketing, and ran a public company, all before starting Digital Bond in 1998. At Digital Bond, we started out to develop a product to secure Internet brokerages in the very early days and did consulting to stay afloat when that failed.

Little did I know I would enjoy consulting more than any of the previous roles, and didn’t even know what SCADA was prior to our first ICS consulting engagement in 2000. I also stumbled into running a conference (S4) and content creation. Now these are the most enjoyable and largest part of what I do at work.

You may surprise yourself at what you are best at and what you enjoy most if you try very different things. And even if you don’t you will learn what you don’t want to do.

The other benefit is you will understand other parts of the company much better and be able to empathize with the challenges your peers in different roles have. This knowledge can help you resolve or avoid conflicts and find solutions since you understand what others need to accomplish.

The tricky part is trying something new in first third of your career may not be the easiest nor best paying job option. Especially in a hot job market like this where salaries are bid up for those with experience highly similar to the potential job. It’s a job description version of the golden handcuffs problem even if you are able to change companies.

If you are considering moving to a new job, it might be worthwhile to consider the less obvious and less similar companies, sectors and roles.

Subscribe to Dale’s ICS Security: Friday News & Notes