I could have gone into security but whats the point? Working for the government is not an ideal job (see posts about offices like caves and inane security clearance requirements). If you lucky enough to have gotten a job in the security industry instead of the gov't things tend to go like this:
Any new exploit you find will either be (a) swept under a rug by the vendor, (b) accepted as an exploit but never patched, or (c) get the researcher sued by the vendor. If by some small chance you end up finding an exploit for a vendor that actually pays for such knowledge, the average is about $500 per exploit I believe. Not really worth a month of my time no matter how you look at it.
If we want a security industry, we have to foster a security industry, not try and hide the fact that we need one (as most companies do now).