if can join fasng, why even bother interviewing lol

hmm govtech or CSA better? hehe

go private, it can boost ur resume...unless super like pushing papers

Govtech CSG liaise with govt stakeholders while CSA interacts with broader CII sectors (which includes pte stakeholders). Depends on where your interests lie but CSA is seen more as a regulator for industry.

Hi, can anyone break down the day in the life working in CSA? Like how busy can your day get and how exciting or boring your job scope is?

govtech. they do the advanced tech research and work. pay is higher and the people there are also much more technically competent

csa like others have said is a regulator

CSA got a big pool of Cyber folks. Am sure they are not just doing a regulator job!

press x to doubt...... u sound like u are not even from CSA or GT

right on. different dept have different focus with regulation forming only a sub section of the agency.

seeing a lot of comments regarding the CSDP scheme, my 2c and general feedback

pros:
+basic salary 4.x
+training opportunities (good)
+occasional training with reputable organisations and strategic partners
cons:
-training opportunities (bad)
-free certs with that grant absolutely no recognition in places that are worth their salt (CEH is seen as a negative value for some orgs)
-honestly speaking you might be better off paying your own and getting better intro level certs, it's not that expensive
-no autonomy in training, you are sent for training without your consulation on your interests or based what you already know
-not much hands on as we are a regulator, no getting your hands on data (see below)
-usually no visibility into what other parts of CSA are doing

summary:
-might be ok to start, but don't stay here too long

general csa:

+either plenty of free time and work-life balance or very busy depending on department
+strategic partnerships with many organisations
+training opportunities

-for technical folks, total annual salary packages are below market rate and will never keep up with inflation, especially for technical farmers
-bonus takes up large % of total compensation, depends on your performance grade/rating
-grades are given out on a bell curve, but technical people are not valued here, scholars and eunuchs are and they get most of the good performance grades
-demographics and DNA of this organization's senior and middle management are heavily skewed towards ex-military personnel spending the bulk of their career in non-cyber domains
-people with actual technical cyber experience in private sector are in an minority-most that join do not stay long, you will most likely not be able to learn and experience technical mentorship and guidance
-as the regulator, it is by design that they do not own any assets, and this means you will not be able to do pentests, take concrete and measurable interactions on threat intel, perform threat hunting at will or investigate incidents with any meaningful frequency
-thus for those looking to do actual cyber work, your amount of hands-on experience/year here will be a fraction of what you gain while working in other firms
-your work duties here will include usually include 1 or usually several other miscellaneous tasks not related to cybersecurity, as with any other civil service job-there is no concept of a purely technical role
-knowledge management in most teams/departments is very poor and almost non-existent across teams/divisions
-knowledge exists mostly in email, and old-timers just keep all the information to themselves
-knowledge sharing internally is few and far between, culture does not reward and encourage the rare few that try to do this
-they are in cybersecurity but they have little to no software dev capability internally, large reliance on external vendors and being at their mercy
-significant % of middle management and permstaff are happy to coast and farm the salaries here and show no drive to innovate
-the average tenure here is less than 2 years but they conduct employee surveys less frequently than that, and draw flawed conclusions about sentiment and effectiveness of policies
-new joiners are increasingly forming a large % of the organisation via the CSDP program, some departments have also given up hiring people from private sector
+new joiners are inexperienced but enthusiastic compared to the average permstaff
-WFH % will only decrease as COVID eases up, management tends to like to see staff in office
-internet surfing separation means that you will have to carry 2 laptops everywhere you go to work effectively, you will not be provided a separate internet machine-source your own.

this place is what it is, if you feel like you are stagnating or not growing just leave.
infosec roles are in major shortage right now at all levels


thoughts on this then? ^^ are the cons of CSA true as listed above? if so, certainly not a bed of roses. feel free to chime in on the positives as well.