<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7650.28">
<TITLE>Hiring Security Architects</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->
<P><FONT SIZE=2 FACE="Arial">We have had open job postings for security architects for a long time with zero hits and I would love to understand how other enterprises are hiring practitioners. Would love your thoughts on the following:</FONT></P>
<UL>
<LI><FONT SIZE=2 FACE="Arial">Are large enterprises sticking with consulting firms to gain expertise in implementing secure coding practices when they can't find full-time salaried individuals? </FONT></LI>
<LI><FONT SIZE=2 FACE="Arial">Any thoughts on the capabilities of large consulting firms such as Accenture, Cognizant, DiamondCluster or TCS in terms of secure coding practices or is this still in the domain of "boutique" firms?</FONT></LI>
<LI><FONT SIZE=2 FACE="Arial">Has anyone ran across a job posting from any large Fortune 100 enterprise for a security architect / engineer that was particularly good that I should consider plaigarizing?</FONT></LI>
<LI><FONT SIZE=2 FACE="Arial">Maybe the miss is in terms of compensation. What should an enterprise expect to pay in the marketplace for someone truly knowledgable in secure coding practices?</FONT></LI>
<LI><FONT SIZE=2 FACE="Arial">If I wanted to get a college graduate and allow them to grow into this position, are their particular universities that have received generous donations of static code analysis software so as to "educate" a younger workforce? If not, what would it take for us to collectively "ask" some of the vendors in this space to do so?</FONT></LI>
</UL>
<FONT SIZE=3><BR>
<BR>
*************************************************************************<BR>
This communication, including attachments, is<BR>
for the exclusive use of addressee and may contain proprietary,<BR>
confidential and/or privileged information. If you are not the intended<BR>
recipient, any use, copying, disclosure, dissemination or distribution is<BR>
strictly prohibited. If you are not the intended recipient, please notify<BR>
the sender immediately by return e-mail, delete this communication and<BR>
destroy all copies.<BR>
*************************************************************************<BR>
</FONT>
</BODY>
</HTML>