I’ve stated in the past that I find little motivation to go back to work for any large corporate institution as a security analyst, and there is good reason for this. I care about real security. If a company is so mired with ancient IT standards, and still insists they need credentialed Microsoft (MS) administrators to protect their MS environment, I want no part of that. It is not real security, it is pure theater and histrionics, period. If you are a forward thinking organization, and truly want to secure your assets, you won’t be employing people to “secure” Microsoft operating systems, you will employ someone to entirely re-architect your infrastructure so as to avoid endless hours of chasing malware phantoms on your desktops and servers. The cost to the companies who would do this security and infrastructure re-architecting would be far less than preserving their current models of prophylactic protection. And the costs of maintaining the new infrastructure would be drastically reduced.
Of course, the big subscription-based anti-virus companies don’t want this as it will certainly kill their cash-cow. And, the OS in question doesn’t want this because they don’t want change. If a company is truly serious about security, and they all should be, I will work for you. I will ensure your IT infrastructure is secured, but you can expect big changes in the way real security is done.