|
|
Penetration Testing
felons as pentesters Dec 02 2010 04:57PM amir shadrazar (shadrazar gmail com) (4 replies) Re: felons as pentesters Dec 03 2010 09:44PM J. Oquendo (sil infiltrated net) (1 replies) RE: felons as pentesters Dec 04 2010 07:25PM Mark Brunner (kohi10 rogers com) (1 replies) Re: felons as pentesters Dec 07 2010 02:27PM J. Oquendo (sil infiltrated net) (2 replies) RE: felons as pentesters Dec 09 2010 12:54AM Mark Brunner (kohi10 rogers com) (1 replies) RE: felons as pentesters Dec 10 2010 02:58PM Kevin L. Shaw, CISSP, GCIH, GPEN (kshaw eeenterprisesinc com) |
|
Privacy Statement |
--
Kevin L. Shaw, CISSP, GCIH, GPEN
240.593.4261
Sent from my Android
"Fred" <kbcboy (at) gmail (dot) com [email concealed]> wrote:
>For whatever it's worth ...
>My old boss was convicted of felony computer crimes after breaking
>into federally funded systems at a university, while a student in '91.
> He pleaded and paid a fine plus probation but still had a felony on
>record. Well after working at an ISP that turned into consulting
>company he hired me. He had a secret clearance and we worked many a
>pentest gig. Yes I'd hire someone with a felony. It only matters
>what they are doing now, not what they did ten or twenty years ago.
>Well he started his own company and it did well enough he doesn't work
>anymore. It's important to be up front with the gov't if that is the
>type of consulting that you are going for. They will make their own
>determination based on many factors. Those factors being -
>references, financial status, drug use, criminal record
>A board makes a final decision.
>
>
>On Thu, Dec 2, 2010 at 11:57 AM, amir shadrazar <shadrazar (at) gmail (dot) com [email concealed]>
>wrote:
>> I have a personal friend who has recently asked for my advice. He was
>> convicted of a felony for grand theft auto when he was 21 or so back
>> in the early 1990's and a separate misdemeanor charge for fraud. He
>> served his time, less than 1 year, paid restitution and completed
>> probation successfully in the mid '90s. Since then he has not had any
>> run-ins with the law with the exception of a misdemeanor drunk in
>> public charge 4 years ago that was the result of unfortunate
>> circumstances (he was a passenger in a car that was pulled over and
>> the police officer asked him to step out of the car and then he was
>> arrested) and is definitely a reformed individual. He is always
>honest
>> about his record and has worked in state government in sensitive
>> positions in IT security requiring background checks with
>fingerprint,
>> and holds industry certifications with Ethics requirements from ISC2
>> and ISACA. Both organizations were made aware of his history and
>after
>> legal review decided to grant the credentials. His record cannot be
>> expunged because there is no realistic process to do so in the state
>> he was convicted.
>>
>> The questions are this (answer depending on the sector you work in):
>>
>> Would you hire this person to work for your company providing
>internal
>> security and pentest services?
>>
>> Would you (as a consulting firm) hire this person to perform
>> consulting and pentest services on behalf of your firm?
>>
>> Would he ever be able to receive a security clearance (even a low
>> level secret clearance) and employment from the Federal government?
>>
>> Why or why not?
>>
>> Thanks, I know this isn't the typical question on this list but he's
>a
>> smart guy that's learned from his mistakes and I'd like to help him
>> out if I could.
>>
>> -Shad
>>
>>
>-----------------------------------------------------------------------
-
>> This list is sponsored by: Information Assurance Certification Review
>Board
>>
>> Prove to peers and potential employers without a doubt that you can
>actually do a proper penetration test. IACRB CPT and CEPT certs require
>a full practical examination in order to become certified.
>>
>> http://www.iacertification.org
>>
>-----------------------------------------------------------------------
-
>>
>>
>
>-----------------------------------------------------------------------
-
>This list is sponsored by: Information Assurance Certification Review
>Board
>
>Prove to peers and potential employers without a doubt that you can
>actually do a proper penetration test. IACRB CPT and CEPT certs require
>a full practical examination in order to become certified.
>
>http://www.iacertification.org
>-----------------------------------------------------------------------
-
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]