Serious Techy Business Thread

Ah.

It's a better name than either "Oozie" or "Pig", I suppose.

I have to be honest; I haven't done much this morning (notice in last week and all that).

What I did do was an investigation into a contractor (who is leaving) and decided that he'd found a bit of software on his machine which he thought was there to monitor his activity, snoop on his desktop etc.

It's actually for allowing an RDP session over a TCP tunnel to the AV agent if the standard RDP ports are blocked by a Firewall or NAT etc. It doesn't allow snooping and access to an existing desktop session only occurs with that user's permission (as per standard Windows config).

Paranoid, much?

Innit.

Not only that, but we have plenty of actual ways of telling exactly what a given user is doing on their work computers (Traffic monitoring, SIEM, Syslogging, MI analytics platform), as if I need to install anything to view your actual desktop.

To be fair, it is generally worth assuming someone will look at your shit at some point. I deal with so many falsely reported HR and whistleblowing cases, it’s ridiculous.

Yeah. I always advise people to behave as if you’re using someone else’s computer, tbh.

It’s surprising how many people think that their work PC belongs to them.

So this is a new one on me for the state of recruiters. I actually had a recruiter from my old company message me, who I had worked with as a team lead trying to find new engineers. It was for a mid level position back at the old company in fucking JavaScript. Genuinely a bot could do better.

"When you install our new system, could you import all of the data from our 15+ year old database?"
"We can do that but there are a ton of reasons why you shouldn't and the process will be irreversible if you change your mind down the line. This is your chance for a fresh start and the old data isn't going anywhere anyway."
"We won't change our minds, thank you!"

One month later:

"Could someone remote in and remove all of the old junk from our database?"

Having to deal with this with every install lately.

Nope. Have to deal with it now.

What does that mean?

I bet nick has some juicy evil user stories to add to his secops epics now.

Today, I am mostly writing Cyber Security interview questions and preparing to interview my potential replacement.

My boss has sent me the CVs of his possibles. Three of them have precisely zero actual cyber experience (for a "Senior Security Engineer" position). Three of them are asking for a fair bit more than they were paying me.

This all seems rather ironic...

Indeed.

The internet (eg, Reddit) is full of folks (Americans?) saying "yeah, I did tech support for a year, then worked in a SOC for 2 years and now I'm on $200k" which I suspect probably helps. Although, I don't actually believe a word of it.

One of these guys was working in a pawn shop until a couple of years ago. No offence, mate, but even if you're a gifted amateur, you're probably not ready for a senior role.

Blimey.

I guess those folks telling stories on the internet ain't helping anyone. Fancy that.

Cripes.

I know salaries have shot up and more senior, experienced staff can definitely pick and choose... but not to double that level for fairly junior people.

This actually explains why all the recent approaches I had came from recruitment professionals working directly for the company concerned and not from the more traditional route of approaches from contracted agents. I guess it allows them to approach who they want and have that discussion early without wasting any time or spending any money.

Not that I disagree in general but that more or less did happen to me. My highest on paper qualification is an Associates in English, but my experience in healthcare IT and my aptitude landed me a 6 figure architect role out of nowhere.