EH-Net
May 25, 2013, 09:56:51 PM
Show Posts
151
Resources / Career Central / Re: entry-level or intermediate
on: September 05, 2008, 04:28:33 PM
I'm in a "less-than-junior" role, and your description of what you've done and know made me feel, well, extra-junior
Well, I certainly didn't intend to make anyone feel down. I've been working at this for more than ten years; there just aren't any security jobs (zero) within an hour of where I live. I wanted to know where I stood. Oneeyedcarmen, I do wish you the best in your endeavours.
153
Ethical Hacking Discussions and Related Certifications / Other / Re: Password reset beware
on: September 05, 2008, 12:32:08 PM
I don't think we'll be able to get away from it anytime soon, but there are some things that can be done to make it safer.
On some of the sites I use, the site sends an email with a unique URL to the address that I registered with. After clicking the link, I still have to enter some personal information. This isn't perfect--someone could have already compromised my email--but it's better than letting me reset the password entirely in-band.
Sites also need to log IP addresses when a reset is requested and monitor post-reset activity. If your banking password is reset, the bank should not allow your account to transfer all of your money to another account or allow a transaction that is 10x normal without actually calling you to make sure everything is okay.
One thing I do to protect myself is to use information that is not true, but that I can remember. You can't get the answers to my questions by going to my MySpace page.
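A sketch of the safeguards described in the post above, added here as an example and not part of the original post or any site's real code: a single-use, expiring reset token sent to the registered address, IP logging on request and completion, and a hold on transfers of 10x the usual amount after a reset. The 15-minute link lifetime, 72-hour watch window, in-memory stores and function names are assumptions.

```python
import hashlib, hmac, secrets, time

RESET_TTL = 15 * 60        # assumed: emailed link is valid for 15 minutes
WATCH_WINDOW = 72 * 3600   # assumed: extra scrutiny for 72 hours after a reset
pending = {}               # sha256(token) -> (user, expiry, requester_ip)
audit_log = []             # (timestamp, event, user, ip)
last_reset = {}            # user -> time of last completed reset

def request_reset(user, ip, now=None):
    """Create the unique URL token that is mailed to the registered address."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    # Store only a hash so a leaked table does not yield usable links.
    digest = hashlib.sha256(token.encode()).hexdigest()
    pending[digest] = (user, now + RESET_TTL, ip)
    audit_log.append((now, "reset_requested", user, ip))
    return token

def complete_reset(token, answer, expected_answer, ip, now=None):
    """Redeem the token once; the personal information is still required.
    expected_answer is plain text here for brevity (a real store would hash it)."""
    now = time.time() if now is None else now
    digest = hashlib.sha256(token.encode()).hexdigest()
    entry = pending.pop(digest, None)  # pop: the link dies on first use, right or wrong
    if entry is None or now > entry[1]:
        audit_log.append((now, "reset_rejected", None, ip))
        return False
    user = entry[0]
    if not hmac.compare_digest(answer.encode(), expected_answer.encode()):
        audit_log.append((now, "reset_rejected", user, ip))
        return False
    last_reset[user] = now
    audit_log.append((now, "reset_completed", user, ip))
    return True

def review_transfer(user, amount, typical_amount, now=None):
    """Return 'hold' when the customer should be called before the transfer."""
    now = time.time() if now is None else now
    recently_reset = now - last_reset.get(user, float("-inf")) < WATCH_WINDOW
    if recently_reset and amount >= 10 * typical_amount:
        return "hold"
    return "allow"
```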
154
Resources / Career Central / Re: entry-level or intermediate
on: September 05, 2008, 02:26:32 AM
Thanks guys. I appreciate the assessment. I wanted to make sure I wouldn't be wasting my time.
I realized after reading ChrisG's response that I really needed a website that I can send potential employers to so I set up a site on Google with my resume, publications, and a personal statement. I hope it helps.
Regards.
155
Resources / Career Central / entry-level or intermediate
on: September 04, 2008, 05:05:21 PM
I'm planning to start applying for some security jobs soon and I'm hoping for a little advice. I have never had a full-time security job, but I have had security responsibilities and would (ideally) like to land an intermediate-level position.
Is this possible, or do I need to put in some time in an entry-level position first?
My justification for wanting to do this is that I think my technical skills are much more in line with an intermediate-level position.
I have 6 years of full-time experience in networking, programming, and IT management. My responsibilities have included managing an IDS and performing product security testing.
I'm Security+ certified and plan to pick up the C|EH soon. I've taken Foundstone's Ultimate Hacking: Expert course.
I've published several articles (in print) on buffer overflows and other security topics and have also contributed to several Wikipedia articles. I can write exploits and shellcode and can use advanced techniques to bypass StackGuard, PointGuard, no-exec, ProPolice, etc. I can also find and exploit other vulnerabilities such as SQL injection and XSS. About eight years ago, I reported several vulnerabilities on Bugtraq. I spoke at Defcon around the same time.
I know TCP/IP really well and have spent hundreds of hours analyzing traffic with tcpdump, Ethereal, Wireshark, and Snort. I've created a lot of custom traffic (for product security testing) using Hping2, Packit, Nmap, fragroute, and my own protocol fuzzers. One of my work projects required me to analyze and qualify signatures for Snort and the Cisco IDS. I documented dozens of the signatures in the Snort project.
I've been using Unix for 14 years and can comfortably manage BSD, Linux, and HP-UX. I have some Windows server experience (and a lot of desktop), but no Active Directory. I have experience with Cisco routers and switches, HP switches, and Foundry layer-4 devices. I'm comfortable with Unix firewalls but have no hands-on experience with commercial firewalls.
My knowledge comes mostly from personal projects and reading--I've read more than a thousand articles and conference/journal papers on security (and hacking) over the last ten years.
So, what should I aim for?
If you think I'm getting ahead of myself, say so. If I should go for an intermediate-level job, how do I get past HR?
156
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Telnet/FTP Security Question
on: September 03, 2008, 06:25:10 PM
There are two things that I think you need to impress on your employers.
1) Someone can eventually find a way in. An attacker only needs one misconfiguration or unpatched vulnerability to get access to some system. Even if you have good security practices and are patched up-to-date, a new exploit could be released tomorrow that leaves you vulnerable to every script kiddie who decides to take a poke at you.
2) Once an attacker gets in, he usually wants to keep his access and move to other systems within the network. The primary means of expanding his access are cracking passwords, or otherwise stealing credentials from the first machine, and sniffing the network to get other credentials. Many people don't believe that it's possible to sniff switched networks, but many also think the Earth is flat. Tools such as Cain and Abel, and Dsniff have made sniffing on switched networks relatively easy.
Good security isn't only about keeping the bad guys out, it's also about containing the damage once they get in. If an attacker gets into one machine and can then sniff FTP, telnet, POP, LM/NTLM, you're wide open. If he gets in but has limited network access (due to firewalls, VLANs), is unable to crack the passwords on the system, and can't sniff any useful traffic, he has a much more difficult task ahead of him. That's not to say that he can't still own the whole network, but it raises the bar significantly in terms of skill and time. Increased time is increased risk for the attacker; the longer he is logged in and putzing around on your systems, the more likely he is to get caught (especially if you have good logging and some IDS in place.)
Cheers.