We have a compliance manager role at my site, which includes responsibilities to conduct internal audits and host external audits. When the audits have findings, they make sure appropriate owners correct the problems. It can be very thankless. My direct boss is amazing at it but she kinda hates it and bowed out after two years doing it.
I’d wager what sucks most with that job is dealing with people. Chasing different teams and having to nag to get them to do something that they think is a nuisance to their work can be draining.
Yep, people owning that there is a problem that needs to be fixed and not getting bogged down in blaming. She is really good at getting the team to focus on process breakdown instead of blaming a person, which translates into “let’s fix the process” instead of “Bob fucked up, he should get retrained or fired”.
My peer at my last-last shop moved from devops to security; but to the checklist part of security. Making lists, validating lists, reviewing lists, checking compliance; she was a-fucking-mazing. A joy to work with because she was just a joy anyway - I’m sure everyone had a bro-crush on her - and outstanding at her job. She needs to get paid even more.
We have a compliance manager role at my site, which includes responsibilities to conduct internal audits and host external audits. When the audits have findings, they make sure appropriate owners correct the problems. It can be very thankless. My direct boss is amazing at it but she kinda hates it and bowed out after two years doing it.
Checklists suck, especially to go through repeatedly but they realistically save more lives than any of the more dramatic heroics.
I’d wager what sucks most with that job is dealing with people. Chasing different teams and having to nag to get them to do something that they think is a nuisance to their work can be draining.
Yep, people owning that there is a problem that needs to be fixed and not getting bogged down in blaming. She is really good at getting the team to focus on process breakdown instead of blaming a person, which translates into “let’s fix the process” instead of “Bob fucked up, he should get retrained or fired”.
My peer at my last-last shop moved from devops to security; but to the checklist part of security. Making lists, validating lists, reviewing lists, checking compliance; she was a-fucking-mazing. A joy to work with because she was just a joy anyway - I’m sure everyone had a bro-crush on her - and outstanding at her job. She needs to get paid even more.