Work from home security jobs?

Cyberscum

So I'm sick and tired of the day to day in the federal job I'm in.  Meeting after meeting, cubicle cities and penetrating artificial lighting.  I'm looking for some opportunities to work from home but am very unfamiliar with this territory.  

Does anyone know of any specific opportunities or companies that hire work from home security professionals?

Job exp: 10+ years gov sec, CISSP, sec+, forensics certs, clearances blah blah blah.

JDMurray

Typical work-at-home positions in IT are help desk/SecOps/NetOps types of jobs that have little hope of career advancement. That's a good type of job to have if you are also working on a better career path.

Cyberscum

JDMurray said:

Typical work-at-home positions in IT are help desk/SecOps/NetOps types of jobs that have little hope of career advancement. That's a good type of job to have if you are also working on a better career path.

I mostly agree with this statement but I specifically remember a user name Broli (or something close) that did WFH ISSO work with some travel and a few users that did pen/vuln testing from home.  I know they are scarce but I am just curious what the job market looks like as I have not searched on the civilian side for over 15 years. 

JDMurray

Practically any job can be performed remotely (telecommute) if the work can be compartmentalized into tasks that can be strictly planned and monitored. Jobs that involve tickets are an example, as are programming jobs in a DevOps environment. A pentesting team can certainly be mostly remote (and still connected to each other) depending on what is being tested. As a book author, I would work on my own and not talk to my "boss" for weeks at a time.

Are you looking for specific job posting recommendations or suggestions for career paths that are most likely to be telecommuting?

Cyberscum

JDMurray said:

Practically any job can be performed remotely (telecommute) if the work can be compartmentalized into tasks that can be strictly planned and monitored. Jobs that involve tickets are an example, as are programming jobs in a DevOps environment. A pentesting team can certainly be mostly remote (and still connected to each other) depending on what is being tested. As a book author, I would work on my own and not talk to my "boss" for weeks at a time.

Are you looking for specific job posting recommendations or suggestions for career paths that are most likely to be telecommuting?

I am looking for suggestions on what opportunities are out there for xmil/gov types with clearances as well as anything that might help land one of those jobs. 

I have looked online but there are so many spam job postings that falsely advertise WFH opportunities.  Hard to tell what I qualify for with exp in the mil/gov as the job roles for every organization seem to be different.

I have exp in pen testing, ISSM, ISSO, sys admin, net admin, physical/industrial/personnel security.  Not sure what to look for really.

.....Maybe ill take your route and write a book on the current level of security of the gov.....best seller in the comedy section.

JoJoCal19

In an ultra-rare disagreement with JDMurray, you can find a variety of non-dead end jobs that are remote. For security specifically, risk management, security engineering, pentesting/red-teaming, and cloud security are just some of the ones out there. Risk management does lend itself well to remote work. I usually do two searches on Indeed to find remote positions:

title:remote and "cissp (or other security related keyword)" - This searches titles that include remote and have CISSP in the body.
"cissp" and in the location box I put remote - This searches jobs that list CISSP in the requirements and where the company has remote in the location field.

Right now its slim pickins but when hiring season fires up I've seen several hundred under the first search.

Cyberscum

@jojo.  Great advice thx.  Do you normally just apply for alot of them or specifically choose a few?  I have never been in a sec job that I did what my job title was.  It usually starts somewhere close and ends up being what the company needs most lol.


...also this is my first time venturing into the civilian world so maybe my creds are not even desirable lol.  I know this is going to be a loaded question but in your eyes would a be a strong candidate for some of these jobs you describe or do you see something missing I need to work on?

EANx

You might have good luck targeting industries with a healthy reporting and compliant requirement. Finance followed by healthcare immediately come to mind but any industry that has a set of standards where you can point to NIST and say "I've done something similar".

TechGromit

Usually work from Home jobs are not entry level type stuff. They are reserved for in demand experienced professionals, not sure 10 years of Government adequately prepares you for a work at home position.  

Cyberscum

EANx said:

You might have good luck targeting industries with a healthy reporting and compliant requirement. Finance followed by healthcare immediately come to mind but any industry that has a set of standards where you can point to NIST and say "I've done something similar".

Good point.  Although I'm not 100% sure I would like to do that 100% of the time this would be a good start for sure.  Thx

Cyberscum

TechGromit said:

Usually work from Home jobs are not entry level type stuff. They are reserved for in demand experienced professionals, not sure 10 years of Government adequately prepares you for a work at home position.  

What else would adequately prepare me for security work? 

I have pentested many projects with NSA/CIA to include deliverables, RMF (C+A) multiple classified and non class stand alone and enterprise networks, specialized in vulnerability and threat mitigation for five years to include e-eye, nessus, ACAS.  Sys /net admin over ninteen total networks including virtual and air gap nets.  ISSM and ISSO over a few enterprise networks for over seven years.

What else would people/companies be looking for?  Or what should I concentrate on learning in your opinion?

MickyDee

Cyberscum, just out of curiosity, are you not allowed to telework at your current employer. I know some people in the federal government that are allowed to telework between 2-4 days a week, so it may not hurt to ask again, if you have already done so. Of course, if you're not satisfied with the job, then I can completely understand wanting to leave.

Cyberscum

MickyDee said:

Cyberscum, just out of curiosity, are you not allowed to telework at your current employer. I know some people in the federal government that are allowed to telework between 2-4 days a week, so it may not hurt to ask again, if you have already done so. Of course, if you're not satisfied with the job, then I can completely understand wanting to leave.

I cannot.  I currently do only secret squirrel stuff.  Working from home is a sick joke to us all.

JDMurray

Cyberscum said:

I am looking for suggestions on what opportunities are out there for xmil/gov types with clearances as well as anything that might help land one of those jobs. 

Any job requiring a DoD clearance will want your working in a SCIF or similar facility and definitely will not let you "take your work home." The employers in the private sector that are not contractors of the Federal Government will not require or maintain your DoD clearances.

Have you tried actively working with recruiters to find a 100% telecommuting situation? There is certainly a lot of them on LinkedIn looking for all sort of InfoSec pros.

themanwholaughs

You could ask to do remote support at your home and remote in to the servers with vpn but yeah as people have said you can't take stuff home with you as its govt.

JoJoCal19

Cyberscum said:

@jojo.  Great advice thx.  Do you normally just apply for alot of them or specifically choose a few?  I have never been in a sec job that I did what my job title was.  It usually starts somewhere close and ends up being what the company needs most lol.


...also this is my first time venturing into the civilian world so maybe my creds are not even desirable lol.  I know this is going to be a loaded question but in your eyes would a be a strong candidate for some of these jobs you describe or do you see something missing I need to work on?

I usually just target certain jobs that I feel Im a fit for or are appealing. I feel it is easier to obtain a remote position when you've been remote and have been successful. Trying to break in, apply to many (as long as you meet some of the criteria) and try to play the numbers game. 

Sylabicuma

I recommend looking into one of the Big 4 firms. However I will caution you that most of them are split into commercial/federal client work, and if you get into the commercial side you will be traveling around 75%. The federal side often lets you work remote (at least at the firm I'm at), because you're consulting with the federal agency, not working directly for them or as a contractor. They will keep your clearance as well. 

aderon

I also did federal IT sec work for awhile there and I know what you mean.  I'm actually doing remote sec work now.  I was found by a recruiter, but there's definitely opportunities out there.  Setup a new email address, submit your resume to ziprecruiter, monster, dice, linkedin, indeed, etc with that email address.  You'll start getting flooded with emails, almost all will be on-site, but after awhile you'll be able to search through your emails for "remote", "work from home", etc and you'll see there's a few to choose from.  Also, off the top of my head, I know Crowdstrike hires a lot of remote employees.

Ertaz

Right now I'm looking for traveling IT Security Ninja jobs myself.  I can't wait until hiring season.

E Double U

Some of this thread is quite surprising. I have been in Info Sec since 2012 and almost every role I have seen allows remote work from incident responder up to CISO. My current employer uses a flex desk environment where everyone has laptops so no one is bound to a cubicle. You can work at any of our locations or from home as you see fit. 

LionelTeo

Both fortune 100 companies I had worked with allow ocassionally work from home with legitimate reasons, such as to fetch kids from school. Wfh rate is about once every week, but I had known colleague who wfh an average of twice per week. Both environments are in Security Operations. My current environment is also a laptop orientated environment similar to E Double U.