Network Automation | Linux | Docker | Ansible | Python | BASH | Git GitHub GitLab | Cisco IOS & Nexus | Palo Alto | DNS | BIND | IPAM | DDI | DHCP | Infoblox | ITOM | ITIL | ServiceNow | AWS | DevOps | SRE | CI/CD
BEING CHEAP AFTER A SECURITY BREACH DOES NOT HELP YOU!!!! MGM Grand's IT crashed and burned because of a hacker, and now they are only willing to pay $100 an hour 1099 to get things back up and running?!!!! I didn't include this, but it was in the job description: Work Environment: - Office-based working 10-hour days until the job is done on October 15th - Some on-call responsibilities may be required. 10 hours a day, on-call, for $100/hr 1099?!!!! For that little money, a hacker could get hired for this job and learn more about their internal network and systems. What they need to do is hire a contracting firm, but then they would have to pay at least $400/hr, if not more. BEING CHEAP AFTER A SECURITY BREACH DOES NOT HELP YOU!!!!
Maarten B.
11mo
At least they’re honest about the fact that you’ll be working 70 hours per week. I bet their overtime policy is fantastic too. 🤣
Bruce Mikel
11mo
How did they get hacked? Well it started on this very platform LinkedIn. They impersonated a employee profile and called the organization’s service desk to ask for access to their account. This suggests that they didn’t have a system to enforce end user verification at the service desk. After initial entry, they gained administrator rights and proceeded to deploy a ransomware attack.
David Miklas
11mo
Paying an hourly rate for an independent contractor is a red flag for possible misclassification under the FLSA.
Mark Licke-LION
11mo
That's pretty much how they got in to that boat
Gary Feinstein
11mo
Perfect example of a questionable job listing. Firstly, a qualified technology recruiter should never post the client name (unless specifically ok'ed by the client). I'm not sure why any company that is looking for security Ops or IT Administration would want their name posted in the description for all the world to see. Secondly, why mention a recent Hack in the Job description? That's really poor optics. I can appreciate being candid about the breach but I'm certainly not leading with that for job applicants. 70 hours a week seems excessive, no? I'd question this listing and the associated firm that sent it.
Igor Khokhriakov
11mo
Oh, wow, MGM was hacked... Anyway I see positive that at least they are try to fix things fast (sure that is a corp). There is another story, this summer one of the research facilities in EU was hacked. They went to a complete shutdown for a half a year, but most importantly it is very unlikely the cyber security situation will improve after even that amount of time
Mark Wright
11mo
Spending money on security after you were bitten hard is what you expect even though it's stupid. Being cheap after you were bitten just adds insult to injury.
Jeff Pewarski, MBA
11mo
Your MSP should no be doing security it's two different vertical these days. MGM is public they should be following SOX. Sad to see.
Ralf Lenz
11mo
lol i wouldn't do this for 400/hr 1099. 5k/day 8hrs. you want this done properly? Thye're a fucking casino, running a business that should literally be a license to print money.
Security Engineer | Splunk | Cribl | CySA+ | Pentest+ | Security+ | CISSP
11moI'm not familiar with 1099. What makes that especially bad with the rate?