I received two separate offers this past week thanks to the grace of God. We are praying about the decision, and anxious to see where God is leading us.
Interestingly enough I have also had some fruitful conversations with several people regarding my last position and how it ended.
I can totally sympathize with the guy in the cartoon. Aside from that, I have been interviewing for several different types of positions. Some are for penetration testing and consulting which I feel is one of the most fun jobs in the world. Others are for "Security Architect" type positions which give you an overall view of an infosec program and the different layers an organization has in place. Lastly, I have looked at a few security analyst positions where you do a little bit of everything for an organization. These are all critical roles and all opportunities for me to learn new things especially for the individual organizations based on how they do business. A few of the opportunities are contract-based positions which would allow me to start up my own vulnerability assessment, penetration testing, and compliance business. I can definitely say that all of these are quite intriguing and I am looking forward to the opportunity to continue learning and move forward. The toughest part are the moving as we were hoping to stay in Knoxville. Thus far, here are the possible locations:
California - contract
Ohio - contract
North California - perm
Florida - perm
DC - both
Texas - perm
Over the years I have had the opportunity to see many different cyber security or information security programs. It would seem that most folks in the field are now used to preparing for the type of information warfare that is either underway against their enterprise or they are preparing for what they see happening to others. As infosec programs adapt, evolve and expand I see a greater emphasis on good layered, or defense in depth, security. It's great to see programs that "get it" and their desire to move towards a proactive approach rather than the traditional "whack-a-mole". Special thanks to one of the dudes who interviewed me for the whack a mole phrase.
As an infosec professional, it's very refreshing to see this shift in thought. Many times in the past I have seen or heard the many excuses that plague this field. So often budgets are not allocated for security or the wrong personnel are placed in the wrong position to affect needed change. As information warfare continues to escalate it's been comforting to see so many organizations that truly desire excellence in their programs from philosophy to implementation. I have also talked with several government entities or government contractors that are definitely ready to win the war against those people, groups, or nations that would want to use our data for harm against this great country. Better Internet neighborhoods are something I always wanted to see in the past but that I felt couldn't happen based on some of the issues I had run into over the past 7 years. I have hope now as I see these teams pushing towards their common goal.