Solved Security Consulting

---

Anyone go out on your own either as a side job or full time security consulting? What all services did you provide? (Risk assessments, pen testing, ...) How did you get started? What advice to someone thinking about doing this?

@Derek-Agar252,

This is not for the faint at heart. The best bet is to get hired onto a security firm that already does this type of consulting for business. This lends you the resources and benefits of a group rather than relying on your own skills and talents to try and do something that is difficult.

The services side of things should include not only what services you should consider but also the SLA of those services. Most firms can do a higher SLA than what a single individual can do.

You're not likely to be able start a security consultation business without previous experience usually working for a security firm. This is because experience, skill and resources are key to any consultation business that people that are new to the field do not have.

So I would recommend that if you don't have any previous experience, you should try for a security related job first. Gain some benefit of skill and experience serving actual customers first.

If you're already experienced in skills and experience, do you have resources to do all that you want to do, if not you can build those through networking and being willing to work out agreements with others. This is where working for someone else helps, relationships that you've built with security professionals do not tend to break off completely even if you leave the company.

If you're not a business person like myself. I'm pretty decent technically, not compared to the other guys here at ITProTV. You'll need those to help with the business side of your consultation to know what your market target will be and what will keep people as your customers.

Hopefully, others will be helpful in their responses to you as well!

With no other responses, I've marked this as solved.