How can I do cool non-cleared computer security work?
It would help to know what you define as “cool” about working in computer security. If it’s policy and the systems that surround/enforce policy, you might try for a job at a consulting firm that handles security and compliance systems (I refer to Sarbox as “the 21st-century
Start meeting people in the field. Go to security conferences (SANS, Blackhat, RSA) if you can afford it & hacker cons (Defcon, HOPE, CanSecWest) if you can’t. Go to local security interest meetings like the ones sponsored in several cities by Matasano Security. Get involved in online security forums at SecurityFocus. Network, make contacts, show off your talent & let people know you’re available.
Follow-up from the OP: First off, thanks to everyone who posted here. I appreciate your input. I suppose I should’ve been clearer when I wrote the initial post: I’m asking this for contingency planning in case my clearance doesn’t go through. That’s why I stipulated that I was looking for things outside of (federal) government work — everything I’m aware of requires a security clearance. I’m a civil servant now, and for reasons of my own, I’m emphatically not interested in becoming a contractor, so it’s civil service (not military) or private sector work — nothing in-between. It looks like it’s about time to roll up my sleeves and do some good, old-fashioned networking. Re: the drugs, I admitted everything on both my SF-86 and to the investigator in person. Including that Ambien that my dad gave me on a long flight to help me sleep, because it’s technically prescription drug abuse, even if it’s not recreational. During the interview, the investigator didn’t delve into anything other
