Recently in work-jobs Category

A short post, to relate a story... just as I was about to hop onto a con-call this morning, my phone rang with a call from my Mom... given that it was first thing in the morning and that I still have a couple elderly grandparents, I answered fearing the worst... boy was I ever unprepared for the news!

Mom played for me a voice message left on her home answering machine. It was a recruiter from TekSystems, in a strong accent that I could barely understand, calling for me regarding an opening he was trying to fill. Yes, you read that correctly... a headhunter from TekSystems literally dug into the way-back machine and tried to reach me at my parents' home!

In case we've never met, let me baseline it for you: I'm well into my 30s, haven't lived at home since I was 19 (first Summer home from college), and haven't used their address as my "permanent" address since I was 22. Suffice to say, there is ABSOLUTELY POSITIVELY NO REASON that they should be calling for me there.

So, here's my reaction:
a) Tweeted my discontent.
b) Blogged my discontent.
c) Setup a gmail filter that will delete all mail from @teksystems.com, skipping my inbox completely.

What a galling way to start the day...

Interested in working for a strong up-n-comer in the GRC space? LockPath officially launched 1.0 of it's product on 10/10/10 and is now up to 2.0. We're growing quickly, and we need some top-notch folks to help us on our journey. Specifically, we're looking for:

• Support (2 people - based in KC)


• .net Devs (3 people - based in KC)


• Infrastructure/Data Center (1 person - flex location, KC might be helpful)


• Sales (1 regional sales, 1 international sales, 1 federal sales, 1 sales engineer - remote is possible)


• LPS (2 consultant/training people - remote is possible)

If you're interested, then please feel free to email me, leave a comment to follow-up, hit me up on Twitter, or hit the LockPath Careers page.

Thanks!

Well, it's finally happened. I've finally given in to the dark side of the force. As of Monday (8/1), I'll be working for a vendor! :)

I've decided to leave Gemini Security Solutions to join LockPath - a next-generation GRC startup - as Principal Consultant, where I'll get to do all sorts of cool stuff. My responsibilities will vary widely, but will include writing, training, consulting, working with our professional services partners, and generally helping out with whatever is needed.

I've been friendly with LockPath for a couple years now. You might remember my blog post about them last October, titled "Not Your Mama's GRC." I am convinced that LockPath is the real deal. They've worked very diligently to address major deficiencies in the GRC platform space. And, best of all, they've come up with a great, flexible framework that provides a degree of extensibility that I've not seen in other products.

All told, this is a very exciting opportunity for me, and one that I hope to see through to tremendous growth and success. It's an opportunity to help redefine the GRC product space, while also furthering the development of and support for the imperative for organizations to have formal GRC programs. If pending legislation is any indicator, then the need for a formal GRC program is only going to increase, while downward pressures continue to contain costs. LockPath is well positioned to meet those needs.

I started writing this post a few weeks ago, but am only now getting back to it. After getting a good outline going, I simply couldn't bring myself to write it. Part of my resistance, I think, comes in the pain of self-realization. At the same time, I'm sometimes loathe to share these personal revelations as I'm never sure how people will take them. My hope is that you'll read this and think "lessons learned" and not "what a dope." Anyway...

I was asked to pass this info along... flyer here.

"Career and Academic Night" co-hosted by ISSA NoVA, ISACA (NCAC), and IIA (NoVA).

When: Tuesday, October 19, 2010, from 5:30 p.m. – 8:30 p.m.

What:
An event designed to allow qualified candidates in the technical security and auditing professions to connect with potential employers as well as obtain information regarding academic opportunities. The event is free and open to both experienced professionals and recent graduates. We will have a “match-making session” where attendees who arrive early to sign up may have the opportunity to meet with certain potential employers for a “speed- interview.” Additionally, three speakers will give short, informational presentations.

Who:
Companies, agencies and academic institutions scheduled to attend1: Ryan Sharkey, Freddie Mac, Morgan Franklin, KPMG, PwC, Grant Thornton, CACI, Hirestrategy, Jefferson Wells, SANS, Watkins Meegan, Williams, Adley and Company, Cotton and Company, Clifton Gunderson, CompTia, QSSI, Secure IT, Bowie State, ISC2, Cyber Watch, UMUC, Duval & Associates, Customer Value Partners.

Where: NRECA building, 4301 Wilson Blvd, Arlington, VA 22203 (www.nreca.org) Just two blocks southwest of the Ballston Metro station on the Orange line.

How: Free, but needed, registration at: http://www.isaca-washdc.org/careernight

Effective today, I am gainfully employed full-time by Gemini Security Solutions. I'll be coming onboard in a combined security consulting and business development role. This is a very exciting opportunity - one I look forward to knocking out of the park!

About Gemini
From the About page: "Gemini Security Solutions provides impartial information security consulting services that ensure the confidentiality, integrity, and availability of critical business information and resources. Our value is centered on our ability to deliver the right expertise and the right experience, at the right time."

I've been following, with some amusement, the recent small burst of blogging on how to get into infosec. I find it somewhat amusing for a number of reasons, not the least of which is that it reminds me of any number of "lightbulb" jokes (How many general relativists does it take to change a light bulb? Answer: Two. One to hold the bulb while the other rotates the universe.). Why does it amuse me so? Well, for one thing, there's no real defined path into this industry. For another, there are still lots of grey areas with respect to roles and responsibilities. That being said, here are some of my quick hit thoughts.

Hey folks - I just lost my job again. ARGH! I'm at a loss for what to say. In the meantime, I need a new job, and asap. I'm currently based in Fairfax, VA. Relo is not an option this time, but I am open to travel.

Resume is here: [ PDF ] [ DOCX ] [ DOC ]

As noted on Sept. 22nd (see "IMMEDIATE AVAILABILITY: Looking for Work"), I lost my job in Phoenix and was in need of work. 2 weeks later (Oct 6th) I accepted a position with Foreground Security as a Senior Security Engineer, which will be moving us back to Northern Virginia. My initial engagement will be on a large contract with a civilian federal agency. Overall, an excellent opportunity!

I promised some people that I'd talk a bit about how the job search process went, and in particular look at how I was fortunate enough to get a job so quickly when others are looking for work, and have been for quite some time. Overall, it comes down to networking and luck. However, there's probably more to it than that.

Howdy! As of this morning, without warning or much in the way of explanation, I've found myself unemployed and in need of work ASAP. My resume is available here:
http://falcon.secureconsulting.net/resume/Ben_Tomhave.pdf

In a nutshell: I'm a high-level strategic security person, particularly adept at writing. I've tended to focus largely on "layer 8" concerns as of late (that is, the disconnect between people and their security needs), but also have deep experience in architecture, solutions, policies, compliance, and overall program organization and management. I'm published, have a MS in InfoSec Mgmt, CISSP, etc, and am an experienced speaker.

Location: I'm currently based in Phoenix, AZ, but we're open to moving. In particular, we have a strong interest in moving back east, such as to No. Virginia / DC metro. Given the circumstances, a bit more flexible in this area.