Sunday, June 26, 2016


Wow. . . In all it's quirkiness, BrainDead @BrainDeadCBS is a weirdly compelling TV show. . .

Monday, June 20, 2016

Anybody Got Openings for a Senior Level Security or Project Management Resource?

Couple of good friends of mine down here in the Dallas/Fort Worth area are both on the market looking for a new role due to some unforeseen cuts.

  • Carrie Weeks --
    Carrie is a deeply experienced IT Project manager of engagements large and small (and really everywhere in between), dating back to 1997. She’s also a PMP, active since 2001.

    More about Carrie @

  • Frank Richardson  --
    Frank is a hands-on security guy with 23+ years of experienced focused on Customer Relationship Management, Team Leadership, and Perimeter Controls (among many other things)

    More about Frank @

Both have families and roots here in the area. As a result, neither would be able to relocate. But they would be very open to telecommuting for the right opening.

I’m admittedly not doing either of them justice with my quick summary of their extensive experience. But their LinkedIn profiles are up to date and further explain the value they would potentially bring to a new Team. Strongly invite you to review them in detail at your convenience to fill in the details I’m not able to give in a blog post.

I’ve known both Frank and Carrie for a minimum 15 years each. Simply put -- they’d be invaluable to any Organization who scoops them up.

If you have no direct openings for which they can fill, I hope you won’t hesitate to forward their info out to other colleagues who might be able to help.

Thanx for your help -- reach out direct if there are any questions I can answer. . .

Sunday, June 19, 2016


Back from @SANSInstitute SANSFIRE2016 SEC579 -- Returning to regularly scheduled programming, already in progress. . .

Marcinko SANSFire 2016

Tuesday, June 14, 2016


Arguing with somebody about politics on Facebook is like trying to get my dog to stop licking himself.

They're not going to stop until they pull every little thing out of their butt, and you're going to be disgusted with what you see all along the way. . .

Sunday, June 12, 2016

(UPDATE2) Looking for New Home on the Range?

Answering a few more questions that have come up since the last message -- if there is anything else I didnt cover, feel free to reach out

4) The 20% travel amount listed at the top of the job description does not match the 50% in the body -- which is true?

Good catch. I'll point that out to our HR

Travel will be closer to 50%. That said, one of the reasons why we are looking for regional resources is that travel will be more local when needed. There will be other travel for various engagements. But that's the primary intent. And that 50% would include travel to customer sites within your own city/town. I live in the DFW area, and engagements throughout the metroplex would count to that total just as much as engagements in Tampa, Austin, etc

5) Do the Senior Security Consultants Telecommute?

Yes -- absolutely

When you are not on a customer site, conference, onsite SHI meeting, etc -- this is very much a work from home position. Home Internet, cel, travel, and personal mileage is also reimbursable (with the typical caveats enforced by accounting)

Note -- the work from home benefit does not extend to the Junior SE roles. If you're invited to the party under that role, you must be able to work from the Somerset, NJ office full time. We want you to grow into both the current role and into a senior role on the practice. That requires good people being around other good people -- to grow into great people. The expense policy for these roles is also somewhat different since home office based charges not included

Answering a couple of questions that have come up in private messages -- if there is anything else I didn't cover, feel free to reach out. . .

1) Will you consider those outside of Chicago and NJ?


Chicago and NJ are preferred based on where our immediate needs are.

But our need for skillsets and experience are just as strong. If you know what you're doing and you're a good fit, that's what counts most

All of us SSAs are scattered in TX, CA, FL, NC, and PA with a manager in NJ. We do travel when needed

2) How do I apply?

Both of the links on our SHI HR page have a resume submission button at the bottom. That will get your CV into the system, to be reviewed by our leadership. And if they like what they see, they will definitely be in touch. We are purposely choosy in who we invite to the party given how the role will put you in front of customers large and small and speaking with the voice of the Practice. But again, if you know what you're doing and you're a good fit. . .

That said -- if you do apply -- I also invite you to shoot me a note to let me know as so I can call attention to it. Things dont often get lost through the cracks between HR and my team but always a first time

3) Do you have any additional info regarding the Junior roles?

These roles have unfortunately not been posted. But generally speaking, these will be tagged with understanding a specific vendor in detail (Checkpoint, Fortinet, Mcafee/Intel, Splunk, etc) but will be responsible for speaking at a high level (and neutrally) across all vendors in the space in a presales context. You will potentially also be asked to do delivery of your primary technologies as you grow into the role and our team.

To that end -- if you know and can deliver Check Point -- that is one of the many areas we're seeing high demand. Successful Check Point delivery experience would be potentially considered a plus. (As would any delivery experience, to be sure)

These SE roles are also specifically structured to allow the person to grow into a Senior SA role (described in the above links), assuming you dont want to go into Sales AE elsewhere in SHI. If that's where you want to be, but you're not there yet and are hungry to be -- Maybe we can help you grow into it?

The catch on these is that these SE roles, however, **must** be available to be in our Somerset NJ office full time. Partially due to how the role supports our customers and AEs. Partially due to how knowledgeable people being around knowledgeable people will always make everybody more so.

If you're interested in the Junior/SE roles -- let me know directly. The roles will be posted by HR in the short term -- but I can get your info to leadership in the interim

Original Post
My SHI Security Practice is looking seriously for two (2) Senior Security Consultants who can travel -- and can hit a curve ball just as comfortably as they can the slow pitch softballs.

Simply put. We're booming. We service a wide variety of customers with just as much of a variety of assessment, presales, and technology and delivery engagements. And we do it across the US.

Care to join the party?

We're trying to cover the whole country -- so preference will be given to those in Chicago IL or Somerset NJ (NYC Area). That said -- good people are what they are.

Great people, the spiffy ones that are naturally hungry to learn, grow, and be a part of a team -- well, even more so. And that's the kind of resource for which we're looking.

So if you're both interested and have got the game, we want to talk to you.

More info about both roles below and @

Feel free to reach out direct if there is anything I can answer

We're also hiring a variety of SE roles which will be technically specific to an individual vendor, and sometimes delivering the technology (also traveling). But most of the time will also be speaking vendor neutrally about solutions to customers in presales conversations. Those roles are not yet posted. But if you're interested in those, reach out to me with that too.

% of Travel Required : 20-30% 50%+ (including travel in your own home town)
Job Type: Full Time Employee
Career Level: Experienced (Non-Manager)
Category: Customer Support/Client Care

Job Description:

  • Constantly growing in response to the needs of our customers in all sectors and verticals, SHI has transformed itself from a $1 million "software-only" regional reseller into a $6.8 billion global provider of information technology products and services.
  • From software and hardware procurement to deployment planning, configuration, data center optimization, IT asset management and cloud computing, SHI offers custom IT solutions for every aspect of your environment.

Job Responsibilities:

  • Responsible for delivering on larger projects with greater oversight, but still responsible for delivering their assigned tasks on time
  • Responsible for delivering small projects on time and within budget with minor oversight
  • Required to develop project plans for use by project managers on small projects
  • Required to provide input on tasks (description, breakdown, duration) for larger project plans to lead architects
  • Required to develop and maintain internal intellectual property, a combination of white papers, subject matter guides, and project briefs
  • Required to occasionally help with pre-sales activities including preparing and delivering presentations
  • Required to review and provide input for statements of work

Job Requirements:

  • Highly organized with strong communication, presentation and consultative experience and skills across a diverse set of security technology solutions
  • Knowledge across multiple areas of security technology solutions including NGFW, SIEM, DLP, NIPS, HIPS, FW/VPN, SSL VPN, IAM, encryption and End Point (client security)ØDeliver vulnerability, risk and social engineering assessments
  • Able to articulate client needs to build a requirements document based on discovery information obtained
  • Able to design an appropriate security solution based on requirements document
  • Able to provide assessment services based on best practice and security frameworks such NIST, ISO 27001, HITRUST other security frameworks
  • Able to support the sales organization throughout the entire sales life cycle related our supported security solution matrix
  • Able to support and lead delivery of project consultants
  • Able to work in high-profile and stressful customer environments
  • Able to work flexible schedules, evenings and weekends, according to project requirements
  • Able to travel minimum of 50% or as needed according to customer project requirements
  • Able to deliver projects with minimal oversight and direction
  • Able to work with project managers and lead design and implementation to support consultants
  • Able to provide technical support to the pre-sales teams for services and product support
  • Able to conduct self-study and independent work in lab facilities to increase job-related skill
  • Able to obtain technical certifications as needed
  • Able to communicate effectively in written form
  • Able to recommend new security solutions based on industry trends
  • Proficient with Microsoft Office products including Visio, Word and Project

Education and Experience:

  • Minimum of 10 years experience working with design and delivery/implementation of information security/risk management products and assessment methodologies
  • Should have one or more of the following Security Certifications: CISSP, SANS GIAC, CEH, or equivalent
  • Should have one or more vendor certifications from Check Point, McAfee, Symantec, RSA or equivalentMust have skills with IT networking products such as Cisco, HP, Check Point, Fortinet or Palo Alto
  • Should have a BS degree (Computer Science or Engineering preferred though not required) or equivalent education and work experience

Preferred Skills:

  • Technical writing, public speaking, SOW creation and delivery, project scoping