Pros
ALL of the folks on the Security Team are solid all the way to the top. Great Engineers, PMOs, Management and Sr. Management in that specific vertical.
Cons
The board claims to care about information security but fails to take care of the staff. Instead they lie to the staff about actually doing a market analysis to determine if salaries were appropriate and instead gives everyone, even those that didn't deserve it, 2% across the board and expect it to be okay. Additionally, they want the comfort of being secure without any of the hard work. IT Ops and InfoSec are constantly battling to get THE MOST BASIC controls implemented and Ops always wins... even all the way up to the biggest data breach of a missing HDD in HIPAA history. We told them not to rush acquisitions but they did anyway... when assets go missing that weren't encrypted when the company was bought, they were going to hang the manager that told them they were moving to fast to catch stuff like this instead of the new CIO who is a physician as well so he gets what he wants from the board, also made up of physicians, to their own detriment. They need to seriously stop, staff up with local talent instead of off shore talentless hacks and listen to the folks internally that actually know what's going on. Lastly, they lure you in with benefits that are a lie. They give you a list of paid holidays that you have to take PTO for... but don't tell you that. They give you 3% into a 403b account... that you can't keep if you leave so it does 0 good.