Holding Multiple Jobs In Cybersecurity

I've heard this through the grapevine but not sure how accurate it is. I heard that there are some places in the US where you can have multiple cyber security jobs. They say the system is usually to have your one main job, then have one or two more additional jobs where you're paid on 1099 (self employed). Those jobs are 100% remote and you don't have to come into the office at all. Matter of fact, they're usually high-paying.

Is there any accuracy to this at all? If so, can somebody with multiple jobs help shed some light on how someone can get additional jobs? The SOC where I work their is usually little going on and I could sure use a second gig to help pay off student loans.

Find more posts tagged with

second job

Comments

TechGromit

egrizzly said:

I've heard this through the grapevine but not sure how accurate it is. I heard that there are some places in the US where you can have multiple cyber security jobs.

I guess it's possible for well known cyber security professionals to have side gigs, like Eric Cole, Ed Skoudis, or Stephen Northcutt, it's unlikely Joe Smith who works at ABC inc and has a CISSP is going to have the repetition that other companies are going to trust sight unseen to preform cyber security work for them. Companies need a certain level of trust to have there employees work remotely, especially when they are set up cyber security policies, practices and defenses. I think someone been watching too much late night TV, you too can be a Cyber Security professional, work from home, work for several different employers at the same time, Act now and we'll throw in a secret decoder ring!

bigdogz

If you are well known in the InfoSec industry you may get some side work occasionally.

roninkai

I posted this once before, but was asking if anyone had used or heard anything about Advisory Cloud. I did do their phone consult. In theory it seems like you can make some great side income just being a cyber advisor. They pay per meeting or for a set amount of time. But far as I can tell, it mainly benefits the C-level people who already make a killing. For us engineers, I don't know if it would be worth the monthly fee for "access" to these gigs.

Then there is UpWork, where you can probably land recurring work if you do good work the first time around. However I have a love/hate with them since they are run by a bunch of millennial idiots who can't think past their scripted email responses. I got banned for something trivial and stupid (provider account/buyer account). Apparently I'm now damned to their "upwork millennial hell" because I didn't follow their policy about not having two accounts. No amount of emailing or explaining has done any good. Its unfortunate because I think there is a good amount of cyber work to be found there.

bigdogz

I did Upstart but I found that it was not worth the effort. I guess I left them before I was banned.

wd40

I googled Upstart and it appears to be an

"online lending marketplace that provides personal loans using non-traditional variables, such as education and employment, to predict creditworthiness"

is this the same company?

LordQarlyn

egrizzly said:

I've heard this through the grapevine but not sure how accurate it is. I heard that there are some places in the US where you can have multiple cyber security jobs. They say the system is usually to have your one main job, then have one or two more additional jobs where you're paid on 1099 (self employed). Those jobs are 100% remote and you don't have to come into the office at all. Matter of fact, they're usually high-paying.

Is there any accuracy to this at all? If so, can somebody with multiple jobs help shed some light on how someone can get additional jobs? The SOC where I work their is usually little going on and I could sure use a second gig to help pay off student loans.

What you are describing sounds much like what a consultant does, though in most fields consultants do show up at places of businesses. I have no doubts there are a few unicorn jobs like you described, but I would imagine you have to be in the top of your expertise, with some degree of reputation, especially if these jobs/gigs are high paying. Essentially, as others pointed out, you have to be a recognized name in information security. Maybe not at the level of Eric Cole or Ed Skoudis who are probably on a whole other level and can name a consulting fee for a week's work what many IT security people make in a year, but you probably need to have at least a long running blog or YouTube channel with a decent amount of monthly views to get something like that.

roninkai

Sorry, UpWork, formerly Elance. I think this is why I had two accounts, because one account was a carry over....for which I was banned.

tedjames

Plenty of people do bug bounties on the side for extra cash. I'm hoping to be good enough to do that eventually. Of course, if you already do penetration testing in your main job, make sure that your company doesn't have rules regarding conflicts of interest. Most just want to know if you're working a side job and want to ensure that it doesn't keep you from completing the work they're paying you to do.

JDMurray

I know someone who is a SOC analyst by day and a bug bounty hunter and options trader by night. I wish I had that energy!