Remote Work in IT Security

friz

I have a concern about heading down the IT Security path long-term. I'm just starting out (in IT Security; I've been in IT generally speaking for years), and I've come to realize that this path seems to typically require some pretty heavy travel and at the very least, full time spent in an office.

I'm currently working remotely, though it is a lower-paying position, so I'll be looking to move on in a few months. The concern I have is that I live in a smaller city that doesn't have an immense need for IT professionals like you'd find in the bigger cities, and I have a wife and kids, so I don't want to start traveling for business full time. We'd rather not move, so I was wondering what you guys think: is there a way (long-term, through certifications and finding the right company) to find a well-paying, 100% remote position in network admin/security and/or server hardening? Would it be better to look into virtualization jobs considering my situation? Is it just not possible?

Thanks for your time.

techfiend

While I don't have experience in the IT security field, yet. Other than development and analysis, security is probably the most in demand telecommuting position and there's some 6 digit salaries in the field. With pen testers onsite I don't see how it couldn't be done very effectively remotely. I've noticed some large companies looking for experienced infosec telecommuting positions. One that comes to mind is Search Jobs and from past experience they pay well above average, at least for entry level. They are already one of the largest healthcare companies and seeing substantial growth lately and have applied to serve exchanges for 26 states. It's slow right now but usually see 20+ openings a week in the local area, HQ, at various levels and some are telecommute. If they don't have anything that fits you currently, you might want to follow it anyways.

Cybercoders is another one that has a lot of telecommuting positions they are almost exclusively mid and high level positions and often list 6 digit salaries but some times very short projects. I've seen $250,000 for a 3 month project there but it required a lot of skill and maybe hundred people were qualified in the country.

MSP-IT

I've seen quite a few remote positions for information security in the past 6 months. I think the nature of the work tends to lend to telecommuting.

Check out this Netsec subreddit post. I'd estimate that 10-20% of these jobs are/offer remote work:

/r/netsec Q4 Information Security Hiring

philz1982

I have a 100k+ job in ITSEC and IT Design. I work from home 100% with 40% travel.

abnmi

philz how would i look for a job like that.

philz1982

It's all in how you structure the job. Bring it up in the interview. I focus on the pre-sales side of things so I am directly focused on deal engagement. If you focus on operational roles you will most likely need to be on-site more often.

cyber_fan_monterey

Philz, I think your job is not pentesting is it? Because those guys travel a lot to the sites for the tests. I am really interested in the design/security jobs.

Danielm7

cyber_fan_monterey wrote: »

Philz, I think your job is not pentesting is it? Because those guys travel a lot to the sites for the tests. I am really interested in the design/security jobs.

Read his post right above you. Pre-sales / deal engagement != pen testing.

philz1982

Danielm7 wrote: »

Read his post right above you. Pre-sales / deal engagement != pen testing.

Yes and no...

So 60-70% of my job is presales and deal engagement (hence design and integration)

The other 30-40% is evaluating partners. So I test out the partner technology for vulns and compliance. Kind of a wierd gig. I manage a channel ecosystem of roughly 100+ partners (Avaya, Cisco, and HP are some of the biggest) and I evaluate the technologies for C&A, Reg Compliance, VA/PT using Nessus, Qualys, Burp, and Manually hands on. However, I am testing for compliance and entrance into an eco-system to ensure any technology we introduce will play nice with the network.

cyber_fan_monterey

Wow So you do PT in some scale. It is cool that you are not a sec engineer but you mostly do security work. As far as I knew the job titles in the industry are clearly divided as sec and non-sec jobs. It seems that it is not the case...

philz1982

Technically I don't even work for an IT company so its wierd. There are a ton of hybrid non traditional jobs out there if you know where to look.

philz1982

cyber_fan_monterey wrote: »

Wow So you do PT in some scale. It is cool that you are not a sec engineer but you mostly do security work. As far as I knew the job titles in the industry are clearly divided as sec and non-sec jobs. It seems that it is not the case...

And to be clear what I do is design intelligent buildings and manage an eco system of technology providers to support that. It just so happens right now that cloud, virtualization, and security are the flavor of the day.

cyber_fan_monterey

Exactly! Companies are crazy about having their own private cloud and provide service from there. And they will be in pain to secure it later.

pinkydapimp

Ive been in the pre sales post sales world for a while and my job has been remote for the last 10 years. My previous job was 100% travel(could be anywhere in the country) and current one is 70% travel just locally so no overnight. There are weeks i dont leave my house and others that i am out every day. These roles are definitely out there in the pre/post sales, architect or field engineering roles. But i would say it might be difficult to search specifically for them. Focus on the role types i mentioned and then when you interview you can inquire about how much travel/remote work is typical.