The top security job is highly stressful and sometimes thankless, but it can also provide great satisfactionโespecially for mission-driven CISOs.

Lena Smart makes the perfect pitch for being a CISO.
She talks up the multitude of good opportunities in the field and points to the plethora of interesting challenges that come with the role.
She speaks about the strong relationships she has forged as a CISO, and she readily discusses the high levels of trust that exist between her, her team, and the other executives.
She also likes that she can set a security strategy and know that the organization supports her as she does whatโs needed to implement it.

Lena Smart, CISO, MongoDB
โThe buck stops with me. I think thatโs what gives me satisfaction,โ says Smart, who in 2019 became the first CISO at MongoDBโher third chief security position.
Not surprisingly, Smartโs enthusiasm and professed love for her job isnโt universal among security leaders. The level of satisfaction vs. dissatisfaction varies from one survey to the next; some reports indicate that CISOs are overwhelmingly satisfied with their work, while others have uncovered some significant discontent.
CISO satisfaction: by the numbers
The 2020 Cybersecurity Professionals Salary, Skills and Stress Survey from the security tech company Exabeam found that 96% of respondents were happy with their role and responsibilities and 87% were pleased with their salary and earnings. The 2020 CISO Compensation and Budget Benchmark Study from IANS Research and Caldwell Partnersโ Cyber Security Practice also found that the vast majority of CISOs are satisfied in their positions.
On the flip side, however, the 2021 Voice of the CISO Report from security tech company Proofpoint found that 57% of CISOs believed that the expectations on their role were excessive and nearly half didnโt believe that their organizations positioned them to succeed.
But those reports are just a start to the narrative, casting a spotlight on what makes the position exciting and fulfilling or, conversely, what makes it frustrating and unsatisfyingโand how each side of that divide can positively or negatively impact an organizationโs ability to secure itself and attract the talent needed to do so.
Of course, there are happy and unhappy workers in any role at all levels and for all manner of reasons, but there are some commonalities in what brings CISOs satisfaction that are indeed informative, both about the role and the people who are drawn to it.
A sense of purpose
โI feel like security in a way is a calling. If you find your calling and you find a place where you fit in, thereโs nothing better than that,โ says George Finney, CISO at Southern Methodist University in Dallas, founder and CEO of Well Aware Security and author of Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future.

George Finney, CISO, Southern Methodist University
For Finney, like many security leaders and staff, the variety of challenges that the job brings his way is part of what keeps him engaged in the role. โItโs something new every day; that is so excitingโI hear that from every security person, tooโand the fact that weโre not limited to one part of the business, and we work with everybody,โ Finney says. And, like other successful leaders, Finney enjoys the people-oriented parts of the job: networking with other CISOs and being part of the cybersecurity community as well as helping his staffers grow and move up the security ranks. But one of the most significant drivers of job satisfaction for Finney and other CISOs we spoke with is how their role makes a difference.
โI love being able to take apart a problem and find a good solution for it and finding those real solutions that will actually work to prevent bad things from happening,โ Finney says.
Veteran security leader Ryan Gurney says the ability โto mitigate the risk down for the companyโ directly correlated to his job satisfaction. โI always felt that I had what I needed, and I was able to do what I needed to do,โ he says.
Indeed, the Proofpoint survey finds that having a clear sense of purpose in helping society (44%) and responsibility of crafting a response using technology, people and/or processes to address evolving risk (44%) are top reasons for CISO job satisfaction.
Finney speaks directly to those points, saying โI want to be in a role where I can make a difference. Thatโs what motivates me to get out of the bed in the morning.โ
Leaving their mark
For Andy Ellis, a former CSO, a 2021 inductee into CSOonlineโs CSO Hall of Fame, and now operating partner at YL Ventures, the mission is key.
โThe mission was the most satisfying part certainly for me and I have anecdotal evidence that it is the same for others, that you can see how you can change the world,โ he says. โI think thatโs what everyone wants: They want to know they left a mark on the world even if no one else knows.โ

Andy Ellis, operating partner, YL Ventures
The CISO position is one of the few roles that actually allows for such tangible results, Ellis adds.
โWhen those bad things donโt happen to your organization, and the reason they didnโt is because you made a change [in the security posture], thatโs very fulfilling,โ he says.
In fact, CISO surveys as well as interviews with security leaders turn up general themes that correspond to Ellisโ observation. The findings indicate that those CISOs who feel satisfied in their roles and with their work are those who have the authority to set strategy; the autonomy, resources, and teams to pursue their objectives in the ways they believe are best; and the trust of others throughout the organization to deliver on objectives.
โThatโs the key thing for me to look for: alignment with what you think your job is and what the company thinks your job is,โ Ellis says.
Seeds of discontent
Of course, nearly everyone, including even the most satisfied CISOs, have parts of their jobs they dislike and have weathered significant, sometime unpleasant issues throughout their careers. Theyโve had, for example, frustrating disputes with colleagues about investments and strategies. Some have had to contend with breaches. But on the whole they say theyโve been satisfied with their ability to successfully do their jobs.
That contrasts with the CISOs who in studies and in shared anecdotes express ongoing dissatisfaction and frustration.
The IANS survey listed the top three causes for CISO dissatisfaction as insufficient budget, lack of organizational support, and inadequate career development.
Meanwhile, the CISO Stress Report: Life inside the Perimeter, One Year On from U.K. domain-name registrar Nominet found that 88% of CISOs say they remain moderately or highly stressed with nearly all CISOsโsome 95%โworking more than their contracted hours. Moreover, 48% said the excessive stress impacted their mental health and 35% said it impacted their physical health.
Security leaders say the CISOs they know who are most unhappy in their jobs are those who arenโt seen as executive peers within their organizations, who must fight for needed resources, and who still donโt have the support they require to adequately secure the enterprise.
โMany arenโt in the board room like the other C-levels are, and I do hear this frustration from many that theyโre not getting the support of management,โ says Gurney, who formerly led security at two tech firms and is now CISO-in-residence at YL Ventures.
That in turn can limit a CISOโs ability, or willingness, to tolerate the continuous stresses of the jobโits 24/7 onslaught of cyberattacks, the sometimes thankless nature of the position, the struggles to recruit enough qualified talent.
โThey expect theyโre part of the decision-making process, and theyโre not. Theyโre not necessarily aligned with the CEO and the board, so theyโre in the middle of this tension,โ Ellis says.
That leads to more than a dissatisfied CISO; it can lead to more frequent turnover in the role at the organization, and ultimately it can translate to a suboptimal security posture.
Ellis and others say they havenโt seen CISOs shirk their duties or disengage in such situations. But they note that such CISOs face more challenges in building an effective and sustainable security operation and have greater hurdles in attracting and retaining top talent due to the misalignment and overall lack of support.
However, security leaders stress that CISOs arenโt powerless even in those situations. Rather, they can work to cultivate better relationships with their executive colleagues; advocate for inclusion in strategic planning and decision-making conversations; and learn to more effectively communicate security needs in terms of business risks.
โYou need to have a good story, and it needs to be understandable and relatable,โ Smart says.
Finney has a similar thought, saying: โWhen there is disagreement, I have to wonder if I did my job well enough to tell the story, because if theyโre getting the picture, then my job should be easy.โ
Experienced security leaders also say dissatisfied CISOs may need to engage in some introspection and consider whether they really want the executive role; whether theyโd be more satisfied in other positions, such as ones that leverage their technical skills rather than their managerial ones; or whether theyโre in the right position but working at the wrong company.
After all, they add, the high demand for security experts means switching jobs is always an option. Thereโs no reason to stay somewhere thatโs not the right fit.