What do you do for a living?

I do large enterprise IT infrastructure architecture and admin work.
I tell people I work with computers and I instantly get asked how to hack out a $50 amazon tablet not to show ads, when in reality I spend all day integrating new systems/vendors/processes into already complex IT environments. Usually work from home most days now, go into office as needed, usually something like once every 2 or 3 weeks. We were already heavily refactoring systems into either SAS solutions or Cloud infrastructure before Covid hit, and it just accelerated things and let most of the IT staff get reclassified as remote workers.
 
1075tech said:
I kinda envy those of you that really enjoy what you do for a living.

I don't exactly hate my job. Just no real personal satisfaction from it. It's just something I do.

Seems as though I can't afford a hobby so I just work
Click to expand...
I enjoy my job, have a hobby, but no time to do it cause I'm always working
 
Mike79 said:
One of the main reasons I walked away from it...well that and a broken neck that healed just fine with a boss I'd like to see again!
Click to expand...
At least you don't hafta do msha refresher next week
 
1075tech said:
At least you don't have to teach it.

Next week is my turn in the rotation for hazmat training. 6 hours. It's painful. Not only for me, but those who have to listen to me for 6 hours
Click to expand...
Only 6, msha is 8 boring hours, rumored to be moving to 10 hours. New miners hafta do 40 hours
 
1075tech said:
At least you don't have to teach it.

Next week is my turn in the rotation for hazmat training. 6 hours. It's painful. Not only for me, but those who have to listen to me for 6 hours
Click to expand...

heavydoc said:
Only 6, msha is 8 boring hours, rumored to be moving to 10 hours. New miners hafta do 40 hours
Click to expand...
I bet it does suck as bad if not more to teach it though
 
myst173 said:
I do large enterprise IT infrastructure architecture and admin work.
I tell people I work with computers and I instantly get asked how to hack out a $50 amazon tablet not to show ads, when in reality I spend all day integrating new systems/vendors/processes into already complex IT environments. Usually work from home most days now, go into office as needed, usually something like once every 2 or 3 weeks. We were already heavily refactoring systems into either SAS solutions or Cloud infrastructure before Covid hit, and it just accelerated things and let most of the IT staff get reclassified as remote workers.
Click to expand...
Ever deal with SOX?
 
1075tech said:
At least you don't have to teach it.

Next week is my turn in the rotation for hazmat training. 6 hours. It's painful. Not only for me, but those who have to listen to me for 6 hours
Click to expand...

Ya gotta figure out how to make it more interesting.

I gave training on fracture mechanics, a topic that is horrendously boring to submarine Reactor Operators, watch officers, and supervisors, and "spiced" it up a bit. (Fracture mechanics being the study of crack propagation through metals.)

My opening slide was a picture of a horrendously obese lady sitting on a guy's face with his arms and legs splayed out and captioned "CRACK KILLS".

It went downhill from there, but that was the most risque image.
 
Last edited:
1075tech said:
At least you don't have to teach it.

Next week is my turn in the rotation for hazmat training. 6 hours. It's painful. Not only for me, but those who have to listen to me for 6 hours
Click to expand...

Of the things I miss about technical rescue and pre-hospital/EMS, HAZMAT (or as I like to call it, "ethylmethyl bad sh**") is not one of those things. Because of my CBRNE experience I had the technician level, but the only thing I ever felt comfortable in was the biologics, and a little of the radiation stuff. The chemical/pure HAZMAT? Not so much.
 
Chuckman said:
Of the things I miss about technical rescue and pre-hospital/EMS, HAZMAT (or as I like to call it, "ethylmethyl bad sh**") is not one of those things. Because of my CBRNE experience I had the technician level, but the only thing I ever felt comfortable in was the biologics, and a little of the radiation stuff. The chemical/pure HAZMAT? Not so much.
Click to expand...
Ours for employees checks the box for OSHA for the 90 day new employee as well as the recurring 3 yr. Covers Hazcom, general awareness, security, and function specific for most. During investigations and inspections, OSHA, PHMSA, and with an additional section, FRA have accepted it.

One of the things I don't get to do enough of but actually do enjoy, is teaching propane emergency response.
 
I don't think I actually posted anything in this thread about what I do for a living.

I'm a nuclear engineer at Norfolk Naval Shipyard, which sounds fancier than reality. It's not at all like what Scotty or Laforge do in Star Trek.

I used to be a Reactor Operator aboard submarines before I retired and started doing this. What I get to do is translate various instructions for ship alterations and field changes to nuclear instrumentation and control systems into procedures which the mechanics (electricians) can then use to incorporate those aboard ship.

I also do troubleshooting and repairs to the nuclear I&C systems as well.

There's a bit more to it, but that's the gist of it.

Oh...and I get to listen to @GoWolfpack give training on what we do, too.
 
I help build the interiors of excessively expensive water toys for the ultra rich. We terrorize the rain forests in search of the “perfect log” to produce flawless amenities for the elites. We basically just spend megarich people’s money for them. Aint it cool? Lol! And all this for a damn fish trophy!
 
Mathieu18 said:
Ever deal with SOX?
Click to expand...
All day every day it seems sometimes. I end up getting involved with interviews with the auditors and providing documentation around controls and architecting new solutions to mitigate some shortcoming. SOX isn't as bad as HIPPA, Fedramp or whatever since SOX is just guidelines and not hard and fast requirements. The big audit houses just follow the "you should have something in place for X" recommendations and start asking questions.

What is your standards addressing that control/need?
Can you prove you're following the standard, show me your documentation around that control/system?
What happens if you fail to follow that control?
Can you prove you haven't failed?

To keep your life simple you need
Good change management and trouble ticketing. Can you document and show approval for changes, do processes when they fail open incidents to document the failure/repair?
Centralized logging, go ahead and look into something like Splunk, Datadog, Mezmo, etc. Access control logging (user login/account locks/resets. account creation, add/removal from groups) all need to go there as well as logging for any systems doing data transfers, ftp, moving $, working with employee information, etc are all where auditors will look first.
A good system of controlling access and auditing use of elevated/privileged accounts, basically adopt a policy of least permissions possible on everything.

Then everything else starts layering on top of that
Configuration management on servers.
Endpoint configuration management.
Threat protection configuration and reporting.
Vulnerability scanning.
it goes on and on

Just accept as long as you work for a publicly traded company you'll always be implementing changes and new processes identified by your annual audits. The auditors and more than likely your board are always going to want to see better than last time, so some type of security score card is important so you can show hey, last year we were at 75%, this year we're at 80% because we implemented XXXXX, you just want to focus on that improvement and try NOT to have a failure in a control policy. The auditors are ALWAYS going to find something so it's important to be able to keep the conversation framed around "we're doing good in the following areas, here is where we've identified areas we can improve in and how we're going to address it before the next anual audit". If you don't then it's going to be "our IT department is a failure, just look at all XXXXXX found during their audit".
 
myst173 said:
All day every day it seems sometimes. I end up getting involved with interviews with the auditors and providing documentation around controls and architecting new solutions to mitigate some shortcoming. SOX isn't as bad as HIPPA, Fedramp or whatever since SOX is just guidelines and not hard and fast requirements. The big audit houses just follow the "you should have something in place for X" recommendations and start asking questions.

What is your standards addressing that control/need?
Can you prove you're following the standard, show me your documentation around that control/system?
What happens if you fail to follow that control?
Can you prove you haven't failed?

To keep your life simple you need
Good change management and trouble ticketing. Can you document and show approval for changes, do processes when they fail open incidents to document the failure/repair?
Centralized logging, go ahead and look into something like Splunk, Datadog, Mezmo, etc. Access control logging (user login/account locks/resets. account creation, add/removal from groups) all need to go there as well as logging for any systems doing data transfers, ftp, moving $, working with employee information, etc are all where auditors will look first.
A good system of controlling access and auditing use of elevated/privileged accounts, basically adopt a policy of least permissions possible on everything.

Then everything else starts layering on top of that
Configuration management on servers.
Endpoint configuration management.
Threat protection configuration and reporting.
Vulnerability scanning.
it goes on and on

Just accept as long as you work for a publicly traded company you'll always be implementing changes and new processes identified by your annual audits. The auditors and more than likely your board are always going to want to see better than last time, so some type of security score card is important so you can show hey, last year we were at 75%, this year we're at 80% because we implemented XXXXX, you just want to focus on that improvement and try NOT to have a failure in a control policy. The auditors are ALWAYS going to find something so it's important to be able to keep the conversation framed around "we're doing good in the following areas, here is where we've identified areas we can improve in and how we're going to address it before the next anual audit". If you don't then it's going to be "our IT department is a failure, just look at all XXXXXX found during their audit".
Click to expand...
Well that’s encouraging (sarcasm) and pretty helpful (truthfully). I just took a position as head of Business Tech which will be role out and management of control systems, mostly on IT side but some involvement with the finance requirements and controls. It’s for a division of a public company, fortunately they’ve done this roll out to other divisions before so they have a game plan and some tech in place for change logging etc.
 
1075tech said:
At least you don't have to teach it.

Next week is my turn in the rotation for hazmat training. 6 hours. It's painful. Not only for me, but those who have to listen to me for 6 hours
Click to expand...

My two favorite areas to teach in Hazmat Tech class were monitoring/sampling/analysis and control techniques (leaks/spills/plugging/patching)
 
Last edited:
Mathieu18 said:
Well that’s encouraging (sarcasm) and pretty helpful (truthfully). I just took a position as head of Business Tech which will be role out and management of control systems, mostly on IT side but some involvement with the finance requirements and controls. It’s for a division of a public company, fortunately they’ve done this roll out to other divisions before so they have a game plan and some tech in place for change logging etc.
Click to expand...
Oh congratulations on the new job. The good thing is you now have job security for life as long as you do a good job.

If it's a multi division company depending on how they're doing finances for everything you may have access to shared systems that you can use for the big parts. If it were me going into what is a new roll for you and what sounds like a new implementation (I'm guessing public company bought a private company and are going to continue operating them as a separate company?) I'd ask a couple questions.
What is the standard the company is using for the other divisions, esp anyone operating in the same vertical as this new one?
What's the audit frequency and who performs the audit, can you get example findings from the previous audit for other divisions to see where they've been looking?
What systems are already in place that this new division has access to?
Have they had an external security audit done with a risk score and findings provided?

The first couple years are going to be you going after the low hanging fruit that lowers your risks, change management, patching, configuration management/monitoring, logging, basic identity management, access management and exceptions. Network with the people doing your roll in the other divisions and find out what's been their pain points and where the parent company has been willing to let $ be spent and plan out from there.

It all sounds like huge pain but it's actually rewarding to see all the things you're doing being put into place and making the environment better. Good luck with the new venture!
 
When I was in the Coast Guard, I arrested people for making and transporting drugs.

Now, I make and transport drugs...

I'm a Sr. Clinical Project Manager for a biotech company, in Raleigh. I'm currently managing a phase 3 trial with 150 sites in 17 countries.

Hopefully nobody will arrest me...
 
Alabamacoastie said:
When I was in the Coast Guard, I arrested people for making and transporting drugs.

Now, I make and transport drugs...

I'm a Sr. Clinical Project Manager for a biotech company, in Raleigh. I'm currently managing a phase 3 trial with 150 sites in 17 countries.

Hopefully nobody will arrest me...
Click to expand...

I wouldn’t count on that depending on who you work for. 😳😬
 
RetiredUSNChief said:
I don't think I actually posted anything in this thread about what I do for a living.

I'm a nuclear engineer at Norfolk Naval Shipyard, which sounds fancier than reality. It's not at all like what Scotty or Laforge do in Star Trek.

I used to be a Reactor Operator aboard submarines before I retired and started doing this. What I get to do is translate various instructions for ship alterations and field changes to nuclear instrumentation and control systems into procedures which the mechanics (electricians) can then use to incorporate those aboard ship.

I also do troubleshooting and repairs to the nuclear I&C systems as well.

There's a bit more to it, but that's the gist of it.

Oh...and I get to listen to @GoWolfpack give training on what we do, too.
Click to expand...

For the first 10 years of my time in the shipyard I did the same cog engineer part that Chief does. I translated instructions from ship alterations and manuals into smaller work documents that makes things easier to track on the project level. And I troubleshot and repaired whatever they asked me to, generally alongside Chief.

Now I gave up a lot of the glory and the overtime so I could have a more regular schedule and do training instead. I do a job that isn't very hard, that I enjoy, pays well and allows me to take off basically whenever I want.
 
You must log in or register to reply here.
Back
Top Bottom