Well, I have to say that my job is a incredible amount of fun, and is not a security-only shop. Actually, I'm the only security guy here. So I get to do everything. IDS, Firewall, Network design, OS hardening checklists, antivirus, NT, Unix/Linux etc.... Quite a challenge. I don't think this should be too unusual... If you want a challenge like this, look for a company that has been around and is doing some expanding into new areas like e-commerce or web hosting, etc. Many of them have a minimal security staff, because their focus is more on their main product lines, which leaves some challenging projects for the security folks. I don't think I'd even consider looking in a security-only shop. I don't think I'd get near the amount of challenge and hands on experience in the wide variety of tasks as I do now. Regards, Jim -----Original Message----- From: Anton Chuvakin [mailto:antonat_private] Sent: Thursday, September 20, 2001 6:19 PM To: securityjobsat_private Subject: Any profitable SECURITY-ONLY companies? Importance: High Hello all, In the course of my current job search, I seem to have developed a strange conclusion about the infosec companies: they are either start-ups running on the last drops of venture capital (well, last drops might be $40 mil received in Fall 2000, but for the sake of argument - it is still venture money) or small 1-10 person shops that are profitable because they stay small. Both offer little in terms of potential employment: I rule out first group due to my recent experience and second are not hiring at all. Well, there are also behemoths like NAI or Symantec, which are heavily involved in security, but it is quite impossible to get in (no matter how many times one reads "What color is your parachute" book ;-). Maybe I am mistaken in restricting my job search to security companies only, but I do that due to the fact that most fun jobs seem to be there. Compare designing a new IDS to ensuring HIPAA compliance of a hospital and you will understand what I am talking about. Am I wrong (hopefully) or what? I just came back from a local ISSA chapter meeting and we were presented with a hyper-optimistic speech on how the need for security will drastically grow in the next 12-24 months, but I am unwilling to wait that long (need to eat something before that ;-)). Best regards, -- Anton A. Chuvakin === You either succeed or learn! === http://www.chuvakin.org licq: 29034084
This archive was generated by hypermail 2b30 : Fri Sep 21 2001 - 17:18:50 PDT