I work in IT Security. I do 2-4 pentests a week. I shouldn’t, but I work for a small firm and don’t have much control. I easily do 80 hours a week. If I don’t we don’t get enough done, we bleed clients, and I worry about clients getting hacked. I should not work 80 hour weeks, I do not think it should be possible, but I definitely work 80 hour weeks and I am not wasting time. I do web app pentests, network and infrastructure pentests, and emergency response when they need help, and that is easily an 80 hour week. Maybe 5-10 hours of that is meetings. The rest is legitimate work.