[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Full-Disclosure Digest, Vol 88, Issue 2 Re: NSA Cyber security program [ maybe off-topic ]
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 88, Issue 2 Re: NSA Cyber security program [ maybe off-topic ]
- From: Alexander Georgiev <alexander.georgiev@xxxxxxxx>
- Date: Mon, 04 Jun 2012 20:58:49 +0200
I think its a quite intresting discussion. We are all security people
and having a sneak peak into work/payment of the US can't be bad. As we
learned the US government pays much better than the German does or that
this might be a lot of money for foreign people.
btw, thanks for the insight Mikhail!
Am 04.06.2012 20:35, schrieb Georgi Guninski:
> On Mon, Jun 04, 2012 at 10:45:52AM -0400, Mikhail A. Utin wrote:
>>
>> -----Original Message-----
>> From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
>> [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of
>> full-disclosure-request@xxxxxxxxxxxxxxxxx
>> Sent: Saturday, June 02, 2012 7:00 AM
>> To: full-disclosure@xxxxxxxxxxxxxxxxx
>> Subject: Full-Disclosure Digest, Vol 88, Issue 2
>>
>> Send Full-Disclosure mailing list submissions to
>> full-disclosure@xxxxxxxxxxxxxxxxx
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>> https://lists.grok.org.uk/mailman/listinfo/full-disclosure
>> or, via email, send a message with subject or body 'help' to
>> full-disclosure-request@xxxxxxxxxxxxxxxxx
>>
>> You can reach the person managing the list at
>> full-disclosure-owner@xxxxxxxxxxxxxxxxx
>>
>> When replying, please edit your Subject line so it is more specific than
>> "Re: Contents of Full-Disclosure digest..."
>>
>>
>> Note to digest recipients - when replying to digest posts, please trim your
>> post appropriately. Thank you.
>>
>>
>> Today's Topics:
>>
>> 1. Re: NSA Cyber security program [ maybe off-topic ]
>> (InterN0T Advisories)
>> 2. TrueCaller Vulnerability Allows Changing Users Details
>> (Kuwait WhiteHat)
>> 3. Re: NSA Cyber security program [ maybe off-topic ]
>> (Benjamin Kreuter)
>> 4. Re: NSA Cyber security program [ maybe off-topic ]
>> (Alexander Georgiev)
>> 5. Re: NSA Cyber security program [ maybe off-topic ] (Urlan)
>>
>>
>> ----------------------------------------------------------------------
>> My 10 cents:
>>
>> While out of topic, the subject has touched a few people.
>> I worked for US Navy as information security analyst /contractor for a few
>> years, and had two projects with US DoT. Plus, had an interview at ....
>> Let's not to mention exact name.
>> I can share a few things with you guys.
>> First, US government employees are paid very well. There are several levels
>> of (as I remember around 12 - 14) starting at 25-30K and up to around
>> 150-170K. That is for non-managerial positions. With my MS in CS and IT and
>> security experience I would easy target 120K. So, the same level as in
>> private sector. Plus, they have numerous perks, and being just contractor I
>> managed to use one. Plus, low cost very good health insurance, and pretty
>> good pension after several years, which is much better than what the rest of
>> US have.
>> So, those are positives. There are negatives as well. First, the environment
>> is highly politicized, and technical upper level management is out of common
>> sense. All is about getting more power. One top level manager once said
>> during business meeting "There should be no humor during business meetings".
>> And this idiot was absolutely serious. The same manager later destroyed
>> security department and moved information security in IT department, where
>> one IT boy said "Even monkey can do vulnerability scanning". He was expected
>> to replace me and my contact had been terminated. I was really happy to
>> quit. BTW, it was not a dumb stupid base in the middle of nowhere. It was
>> Naval System Command top research center.
>> Often US government big projects, like current related to cloud computing,
>> are out of technical common sense and are driven by political will and
>> something I name "legal corruption". In my collection of the most stupid US
>> government activity cases is so named NMCI project - Naval Marine Corp
>> Intranet, which was not Intranet project at all. Who is interested to know
>> details, please email me directly. I'm writing that because being government
>> employee you would be involved in such stupid projects.
>>
>> Concerning hiring process, it also very specific. To be hired, you need to
>> file (now electronically) twenty pages of questionnaire. Plus, two stupid
>> tests, plus writing an essay. Does not matter if you are well-known high
>> level professional - you should pass that crap of tests and writing. In
>> general, each US government department has some specifics in hiring, but it
>> is pretty standard and requires some time and devotion to deal with.
>>
>> Some time ago I saw a paper that US government immediately needs
>> approximately 20,000 security professionals. My assumption - mostly in
>> activities associated with this list interests. However, I do not think the
>> government will do anything real to fill out this gap. NSA project in
>> question, which triggered this discussion, is an example. BTW, NSA build new
>> center in the middle of nowhere, somewhere in Mormon's country. If you like
>> Wild West, you can try that.
>>
>> Summary: if you want good salary, thinking about retirement, health
>> insurance, etc., you can try to get there. You can earch through US
>> government departments' sites, and there are a few head-hunting portals
>> listing all departments, etc. But, be ready for specifics of hiring and
>> internal environment. In some places, like DC, you can find shocking results
>> of equal opportunity employment. I would assume that in some places you
>> could find good professional environment and good people to work with (I
>> enjoyed working with navy guys of my level), but do not count on that.
>>
>> Good luck
>>
>> Mikhail
>>
>>
>> CONFIDENTIALITY NOTICE: This email communication and any attachments may
>> contain confidential
>> and privileged information for the use of the designated recipients named
>> above. If you are
>> not the intended recipient, you are hereby notified that you have received
>> this communication
>> in error and that any review, disclosure, dissemination, distribution or
>> copying of it or its
>> contents is prohibited. If you have received this communication in error,
>> please reply to the
>> sender immediately or by telephone at (617) 426-0600 and destroy all copies
>> of this communication
>> and any attachments. For further information regarding Commonwealth Care
>> Alliance's privacy policy,
>> please visit our Internet web site at http://www.commonwealthcare.org.
>>
>>
>
>
> Advertising working for the nsa on _this list_?
>
> If you ask me, don't work for them, pwn them.
>
> spam v
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/