Replaced by Outsourcing -- What's a Geek to Do?

SafariShane asks: "Yesterday I was fired from my position as 'Network Security Analyst' from a financial institution. I was pushed out by a 3rd party vendor, who labeled me the major security risk, after performing a 'vulnerability assessment.' At the time, I thought a vulnerability assessment of our network was a good idea, but in retrospect, it occurs to me that this company, who's other product is 'Outsourced Network Monitoring and Intrusion Detection' may pull this little trick everywhere they go. Has this happened to any other network security folks out there. Does anyone know if this is a common practice, and what's a geek to do if they find out a 3rd party assessment is on the way? If this happens again at another institution, should I just start polishing my resume right away?" Here's a question I always wish I could ask managers, whenever the topic of 'outsourcing' comes up: if dealing with programmers overseas is more appealing to the bottom line, why not let your programmers work from home for 50-80% of their current in-office pay? For those of you who feel the threat of Outsourcing breathing down your neck, what are you doing to try and stay in your current job, or even in this current market?

"Here comes the obligatory South Park reference:

1. Perform Network Vulnerability Assessment
2. ?
3. Profit! (Sell Outsourced product)

Looks like they came up with an actual step 2:

Label anyone who is responsible for network security as the risk, and get them fired.

I wouldn't even dream up the above situation, except that when the assessment was done, all results were hidden from me. The company presented the results not to the geeks that can interpret them, but directly to the executives that still think 'Clippy' is a great product.

I'll also note, because people will ask me anyway, if there were other problems. In my year on the job, there was only 1 network intrusion: Welchia, which was contained in twenty minutes. Anyone familiar with Welchia will know that it is no easy task. I was never reprimanded for anything. In fact, I received a 12.5% raise only two months ago for job performance.

I doubt what they did was illegal, but it's bad business at best. Here is a group of network security geeks, who get other network security geeks fired, so they can increase their bottom line.

I'd like to hear comments from folks this has happened to, and what did you do as a result?"

Re:DUH

[frodo+from+middle+ea]

I was working in India, and I can tell u , that is not a good option

One of my colleague was almost fired because he installed linux on one of the old 486s, which was gathering dust. The security auditing company labeled this move as a big security breach, as they claimed linux is a hacker's operating system and has no place in a corporate environment.

Most of these auditors are MCSEs having no clue what so ever, and they think that if they can't find someone to fire, then their job is not done.

How to move to India?

[MongooseCN]

In all seriousness, just how does one go about finding a job in India? I've always wanted to visit India, Nepal and other countries in that area. Being an unemployed programmer makes it even more enticing as I see more and more IT jobs going to India.

Most Indians speak English so language shouldn't be an issue, but how does someone find a job there? How do you find a place to live, or learn about the cultural differences?

Have you seen Battlestar Galactica on Sci-Fi?

[Ride-My-Rocket]

"You're a major security risk" is NOT good enough.

That is, unless your homeworld has been nuked by Cylons and you suspect a certain arms dealer is a Cylon infiltrator. Then it's a very valid one.