Does your organization need to comply with HIPAA, DIACAP, SOX, GLB, PCI, or other regulatory scheme that requires that you not only secure your computer systems and networks, but prove you have done so by means of testing, risk assessment, vulnerability assessment, and/or penetration testing? I've written computer security policy manuals for government agencies -- I've consulted for several -- and at various times have been hired to try hack into banks and other organizations' workstations and networks.

I'm also a practicing attorney and former State of California Industrial Relations Counsel.

When, as for example right now, I'm between W-2 jobs, I ramp up the solo law practice and go out and hustle for clients. I've recently defended kids who were sued for alleged music piracy; and other types of cases I've handled include defending so-called "zombie debt" cases and other small business and consumer litigation matters here in Southern California.

I'd rather have a W-2 job, especially in information assurance/computer security, so if you know of something give a holler. No, my limited law caseload won't inhibit me from working full-time.

I'd prefer to stay in SoCal, but, of course, I'd love to be traveling and earning miles.