Ventajas
They have homemade cold brew coffee (not available anymore from what I heard the person who makes this quit as well) Beers and liquor you can drink after work Free costco snacks (gradually went down hill to few good ones) Friday lunch (Now they just have dominoes pizzas…Shame...) The interview is extremely easy.They hire people based on their "character" not on their competency so if you are a semi good person you'll be hired. This is a double edged sword because you WILL work with these “consultants” without any background in technology. There are quite a few “consultants” here who falls under this category (very hard to work with and get technical with). Few people were cool Vegan friendly Quarterly happy hour
Desventajas
First off, One of the Security Consultants quit to serve the nation and I remember one of the Principals made a joke in big yearly staff meeting saying something along the lines of "Everyone is here besides one person who quit. May he rest in peace." Are you serious? HE IS SERVING THE COUNTRY! SHOW SOME RESPECT! I saw Senior Security Consultant here who didn’t know how to open metasploit This isn’t pentesting… Sorry kids… Extremely under-paid and the raise is little to nothing. You will be forced to take any projects you can in order to get some billable hours. They do not know how to say no to clients. Feels like running a scam All the Project Managers are drama queens and ask you inapproperiate personal questions at workplace such as your political stance (which can affect the number of projects you can be put on). Some of them blatantly flirt with executives and other higher ups. All Project Managers have 0 technical skills If you're not part of the "cool old boys club" you are going to have a rough time here Principals Consultants/Directors here are incompetant not only in technical skills but also in management Extremely disorganized If you are not part of the cool old boys club they will book you on a gig from morning all the way to the next morning so you literally have no time to sleep.If you complain to them about it, they will tell you all those projects are equally important and will need them completed in unrealistic timeline. They book you in a way so you cannot reach the bonus. Meaning if you need to hit 70% billable time in a quarter to start qualifying for bonus and you are close to getting there, they will split your project with other consultants in the same boat as you so neither consultants will hit that bonus that quarter. You need to understand one of the biggest selling point of being a consultant is not only do you get to work on many different projects but also your can receive huge bonuses. - They try to give you little bonuses by throwing you a bonus chart that’s more confusing than a tax form. 10% of 10% of 10% of the 5% of something with conditions. If you are a mac user. You will get refused on it unless you are part of the cool club in that case you might be able to out-dated mac pro or cheap mac mini. I got refused by more than a few consultants here when I asked if I can shadow. Their exact words were "No" or "I don't have time to babysit" They just want you to complete their basic checklist, write up the report and go home. Most of the times you will not be able to do 5 day testing because you will spend one of the days just reporting using their terrible reporting software. They will discourage you to spend more time on testing because "you are scheduled for 5 day testing and if you do more than that your hourly rate will go down because they pay flat fee". If you coming here as an intern or an associate. Don't. They will do a terrible job training you and blame you if you don't know something and ask questions. You will have to teach yourself. You are better off doing pentest lab available online for free. -They will only teach you how to scan. SCAN SCAN SCAN SCAN... You will become a scan monkey with no actual pentesting skills. Good luck trying to get hired anywhere else after learning nothing here. You better hope that next place has no technical interview. -ANYONE CAN BE A SCANMONKEY! Literally a middle-schooler can do what they do. Press scan, verify and report. -If you don’t know what I meant by scanning is. It’s literally a button in a software you press... That’s it... And you just verify if scanner was right... Promotions here mean nothing. Anyone who stayed here for over 2 to 3 years will be promoted to senior. Pay raise is a joke. Many associates and myself as an associate have found more findings than many senior consultants here. People here are washed out. They are not motivated at all. They just want to do 9 to 5, clock out and get their paycheck every 2 weeks. This is not a place for people who want to grow and learn. This company will not help you grow at all. Want to learn how to do network pentesting? Nope, go do web application pentesting and go home. Want to shadow someone on malware analysis? Nope, cause we don't have anyone who knows how to do that. Can I get a VM Fusion? Nope, go use VSphere we share with 40 other consultants with 40mb of ram. It's a joke. I personally took on projects that earned the company over 30k and they can't even pay my 1k bonus. Where's the money going? Big boys up top. There is a reason why people who are actually talented are leaving. Why do we have such a big sales team that makes hundreds of cold calls everyday? Good products sell itself, right? They gossip so much. This place is like a high school 2.0. Immature work environment. The worst HR in the world. You have any questions about insurance, benefits and etc? You will find the HR often on their phone and not doing their job. I had to ask many times to get emails I told them to send me. - They will often forget to send you important things even after reminding them many times. These things can effect your living quality. - Or they will tell you wrong information and call you to tell you that they misspoke (too late!). They keep hiring associates because they know they can bully them around and the associates won't do anything about it. They can't afford to have actual talents or seasoned veterans because those people will know what NetSpi is doing is wrong and speak up. Benefits for this place is getting worse and worse every year. - Oh now we finally got VSP (vision insurance) but you need to pay - Oh you want a decent insurance? pay up You can have all the fancy titles you want. You are the only one in that department. King of ashes is no king. If you are not part of the cool club. They will talk bad behind your back. They can dish it out but can't take it. Cool clique guys will make insensitive jokes to you but when you do it, they'll become super PC all of a sudden and you'll find yourself in the HR or 1 on 1 with a higher up. Mentors, principal, managers will hold you back when they're supposed to help you grow and reach your goals. They hire people and fire them in less than 2 months (sometimes like 3 weeks). You are messing with people's lives here. Some of us moved here from a long distance for this job. There is absolutely no precautions with the hiree, they don't get in trouble at all for hiring a bad employee. - I personally saw people from all departments get hired, fired and quit too often All the qualified people either quit or get fired. This is because they refused to play the politics and kiss up to the higher ups. If you keep firing actual talents the company will never grow. -When I say kiss up I mean kiss up to a point where they all line up and sing happy birthday to one of the executive puppets from investment firm placed there (Equity firm who bought them out). - I've never seen this bad of a kiss up in my entire life. It's bad. Have some dignity. If you are thinking of relocating for this job. DO NOT! I REPEAT, DO NOT! IT’S NOT WORTH IT TRUST ME. They will disencourage you from doing actual pentesting. You think you can escalate your findings to something more serious like RCE (remote code execution [awesome stuff])?Nope, some arbitrary excuse about why you should not do it such as "just report that as X and finish the checklist". Good luck trying to get your bonus on time. Even when you have absolutely no work. You have to stay til 5 even when your own superior who warned you about this goes home at 3. YOU have to stay cause if you don't someone in the cool clique will snitch on you. Training: You will read "The Web Application Hacker's Handbook" for the first 2 weeks and do some easy labs. After that you will scan all day. One of the Principals in charge of training associates will not give you any feedback even after requesting it multiple times. - Request such as: Associate: "Can you review my report for any suggestions and improvements?" Principal Mentor: "Yea sure, I just got a lot of things to do" *Never gets back to you after 5+ times of asking **How are you going to know you are improving then? -If you are Principal because you are in charge of training associates and you don't do it. You should not be Principal in charge of training! If you want actual feedback, then you are going to have to go ask other seniors (not part of cool clique) for feedback. You will only learn how to do Web Application Pentesting and not allowed to learn anything else. Even on your free time they won't give you any advice and tell you to continue focus on Web App. -How about this? I'm going to do what the heck I want on my free time. If I want to learn how to hack networks then I'm going to learn how to hack networks. Don't discourage anyone from growing and pursuing their dream because you're incompetant and afraid of them growing and being worth something. They promised me Netspi U program will teach me everything I need to know to jump start my career in information security. What a lie that was. Netspi U program is a joke. I'll never forget this. Netspi goes to DEFCON every year like a family reunion (which you should not do because any reputable security company will know that DEFCON is a party scene not a place to learn like Infiltrate or Recon). Bunch of associates (newly grads with no money) and newly promoted security consultants went as well. As soon as we reached the airport. Principal and managers who are responsible for taking care of the new recruits just vanished. There was a strict per diem of only 60 ~ 70 which you are strongly encouraged not to spend over or about. - I remember there were many of us associates at the time who just moved to Minneapolis and newly grads with no money cause we just got hired. My manager did not message any associates for any type of check up, did not treat us to food or drinks a single time. But the principals and managers of course had company expense card they would use on themselves and their cool clique entourage kiss ups to buy whatever they wanted. - Vegas is expensive, I remember the cheapest breakfast place was still $35 for eggs and hash browns. I would have to go to McDonalds and other fast food places to meet the budget. - Oh and you have to spend your own money. You get reimbursed. meaning. Buy everything on your own don't care if you are newly grad and got no money. THEY DON'T CARE. The reimbursement money? Expect that back more than a MONTH LATER. GOOD LUCK PAYING RENT! Stop publishing fake reviews. These reviews can affect people's decision on coming into the company. There's a pattern to their fake reviews if con is a pro then its fake.At Least try to sound like a real review. Stop! Conclusion: You cannot treat people like this. You are playing with people's lives here. Change your work culture because its TOXIC. Suggestion to other people about to join: Don't join unless you absolutely have no other choice. Any other place will pay you at least 10k to 20k more with much better benefits than this place and give you better training.