Coming from the standpoint of a security auditor in a firm that specializes in Managed Security Services, let me lay a couple of things down in our defense.
1. Security firms are told to audit against a certain set of criteria when the audit, be it GLBA, HIPAA, or one of the open security standards. Our work only identifies human security risks in process and policy, not people. If you were individually and specifically labelled a security risk, you should demand to know why.
2. The firm's auditors likely had nothing to do with the loss of your job. Rather, it was your management. Managed Security Firms have two sales models: Unfunded Risk, and Savings. My guess is that their sales team was working on the Savings principle and presented a more cost effective security solution. Your management team decided that cost savings were more important than your job. I hate being a catalyst for that kind of change, because I don't like seeing good people get laid off. Most of our clients use us as a supplement, rather than a replacement. I wish it always worked that way.
3. You lost your job. But we're hiring, and we have a hell of a lot more fun than should be legal. Jobless security professionals and analysts, feel free to reply.
3. You lost your job. But we're hiring, and we have a hell of a lot more fun than should be legal. Jobless security professionals and analysts, feel free to reply.
Heh, looking at your website (or more accurately, not looking at your website), I can see another job opening coming up soon.;-)
I left a perfect contact method. People interested can reply to the post, and I don't expose any corporate externals to Slashdot effects. Seems like a good plan to me.
The other side of the story. (Score:5, Informative)
1. Security firms are told to audit against a certain set of criteria when the audit, be it GLBA, HIPAA, or one of the open security standards. Our work only identifies human security risks in process and policy, not people. If you were individually and specifically labelled a security risk, you should demand to know why.
2. The firm's auditors likely had nothing to do with the loss of your job. Rather, it was your management. Managed Security Firms have two sales models: Unfunded Risk, and Savings. My guess is that their sales team was working on the Savings principle and presented a more cost effective security solution. Your management team decided that cost savings were more important than your job. I hate being a catalyst for that kind of change, because I don't like seeing good people get laid off. Most of our clients use us as a supplement, rather than a replacement. I wish it always worked that way.
3. You lost your job. But we're hiring, and we have a hell of a lot more fun than should be legal. Jobless security professionals and analysts, feel free to reply.
Re:The other side of the story. (Score:1)
Heh, looking at your website (or more accurately, not looking at your website), I can see another job opening coming up soon.
Re:The other side of the story. (Score:2)
Re:The other side of the story. (Score:1)
Re:The other side of the story. (Score:2)
Re: (Score:1)
Re:The other side of the story. (Score:1)