I think its a quite intresting discussion. We are all security people and having a sneak peak into work/payment of the US can't be bad. As we learned the US government pays much better than the German does or that this might be a lot of money for foreign people.
btw, thanks for the insight Mikhail! Am 04.06.2012 20:35, schrieb Georgi Guninski: > On Mon, Jun 04, 2012 at 10:45:52AM -0400, Mikhail A. Utin wrote: >> >> -----Original Message----- >> From: [email protected] >> [mailto:[email protected]] On Behalf Of >> [email protected] >> Sent: Saturday, June 02, 2012 7:00 AM >> To: [email protected] >> Subject: Full-Disclosure Digest, Vol 88, Issue 2 >> >> Send Full-Disclosure mailing list submissions to >> [email protected] >> >> To subscribe or unsubscribe via the World Wide Web, visit >> https://lists.grok.org.uk/mailman/listinfo/full-disclosure >> or, via email, send a message with subject or body 'help' to >> [email protected] >> >> You can reach the person managing the list at >> [email protected] >> >> When replying, please edit your Subject line so it is more specific than >> "Re: Contents of Full-Disclosure digest..." >> >> >> Note to digest recipients - when replying to digest posts, please trim your >> post appropriately. Thank you. >> >> >> Today's Topics: >> >> 1. Re: NSA Cyber security program [ maybe off-topic ] >> (InterN0T Advisories) >> 2. TrueCaller Vulnerability Allows Changing Users Details >> (Kuwait WhiteHat) >> 3. Re: NSA Cyber security program [ maybe off-topic ] >> (Benjamin Kreuter) >> 4. Re: NSA Cyber security program [ maybe off-topic ] >> (Alexander Georgiev) >> 5. Re: NSA Cyber security program [ maybe off-topic ] (Urlan) >> >> >> ---------------------------------------------------------------------- >> My 10 cents: >> >> While out of topic, the subject has touched a few people. >> I worked for US Navy as information security analyst /contractor for a few >> years, and had two projects with US DoT. Plus, had an interview at .... >> Let's not to mention exact name. >> I can share a few things with you guys. >> First, US government employees are paid very well. There are several levels >> of (as I remember around 12 - 14) starting at 25-30K and up to around >> 150-170K. That is for non-managerial positions. With my MS in CS and IT and >> security experience I would easy target 120K. So, the same level as in >> private sector. Plus, they have numerous perks, and being just contractor I >> managed to use one. Plus, low cost very good health insurance, and pretty >> good pension after several years, which is much better than what the rest of >> US have. >> So, those are positives. There are negatives as well. First, the environment >> is highly politicized, and technical upper level management is out of common >> sense. All is about getting more power. One top level manager once said >> during business meeting "There should be no humor during business meetings". >> And this idiot was absolutely serious. The same manager later destroyed >> security department and moved information security in IT department, where >> one IT boy said "Even monkey can do vulnerability scanning". He was expected >> to replace me and my contact had been terminated. I was really happy to >> quit. BTW, it was not a dumb stupid base in the middle of nowhere. It was >> Naval System Command top research center. >> Often US government big projects, like current related to cloud computing, >> are out of technical common sense and are driven by political will and >> something I name "legal corruption". In my collection of the most stupid US >> government activity cases is so named NMCI project - Naval Marine Corp >> Intranet, which was not Intranet project at all. Who is interested to know >> details, please email me directly. I'm writing that because being government >> employee you would be involved in such stupid projects. >> >> Concerning hiring process, it also very specific. To be hired, you need to >> file (now electronically) twenty pages of questionnaire. Plus, two stupid >> tests, plus writing an essay. Does not matter if you are well-known high >> level professional - you should pass that crap of tests and writing. In >> general, each US government department has some specifics in hiring, but it >> is pretty standard and requires some time and devotion to deal with. >> >> Some time ago I saw a paper that US government immediately needs >> approximately 20,000 security professionals. My assumption - mostly in >> activities associated with this list interests. However, I do not think the >> government will do anything real to fill out this gap. NSA project in >> question, which triggered this discussion, is an example. BTW, NSA build new >> center in the middle of nowhere, somewhere in Mormon's country. If you like >> Wild West, you can try that. >> >> Summary: if you want good salary, thinking about retirement, health >> insurance, etc., you can try to get there. You can earch through US >> government departments' sites, and there are a few head-hunting portals >> listing all departments, etc. But, be ready for specifics of hiring and >> internal environment. In some places, like DC, you can find shocking results >> of equal opportunity employment. I would assume that in some places you >> could find good professional environment and good people to work with (I >> enjoyed working with navy guys of my level), but do not count on that. >> >> Good luck >> >> Mikhail >> >> >> CONFIDENTIALITY NOTICE: This email communication and any attachments may >> contain confidential >> and privileged information for the use of the designated recipients named >> above. If you are >> not the intended recipient, you are hereby notified that you have received >> this communication >> in error and that any review, disclosure, dissemination, distribution or >> copying of it or its >> contents is prohibited. If you have received this communication in error, >> please reply to the >> sender immediately or by telephone at (617) 426-0600 and destroy all copies >> of this communication >> and any attachments. For further information regarding Commonwealth Care >> Alliance's privacy policy, >> please visit our Internet web site at http://www.commonwealthcare.org. >> >> > > > Advertising working for the nsa on _this list_? > > If you ask me, don't work for them, pwn them. > > spam v > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
