Friday, January 4, 2008

Dream Job

Hoff says:
Assuming you were going to stay in the "Information Security" industry, what would you do if you could pack up your office tomorrow and move into shiny new digs in your dream job? What would that be? With whom? Doing what?
Here's my quick, off-the-cuff answer.

This is an easy one. The company itself would be populated by smart, driven people who are truly passionate about security. Two things I'd be happy doing there would be:

1. Pentesting, but in a smart way. As in not just running some automated tools and producing a pretty report. The ideal would be really digging in to try to find the unique holes for a given project. I wouldn't want to waste time coming up with a big report that basically just said "apply the following vendor patches."

2. Research, ideally studying and inventing entirely new vulnerabilities and attacks. Random fuzzing, not so much. (Though I'd take "fuzz until it breaks/write an exploit" work in a second.)

Makes me wonder why I'm not actively pursuing this.