Now that's the funniest thing I've read all week. Did you know Nash? Long time friend of mine, he worked there a couple of years too.

As to the original poster's question-
The question is a bit vague, but yes- I've been working full time in the computer security industry for about 9 years. (Prior to that there wasn't much demand for infosec-type work so I did lan/wan design and troubleshooting.) The last 6 years I've been in the Information Security dept of a large company, instead of working for a provider.

What I do remember from working for various integrators and consulting firms was this- The difference between what the engineers (us) had in our heads as valuable and what the sales people had in their heads as valuable was huge. This was a constant source of problems.

The sales people made impossible pitches. The engineers delivered things that neither the sales people or the customers wanted to hear. A lot of this was due to a lack of level-setting by sales. It was a mess. That's largely why I decided to move into the more political and less glamorous world of working for an "end-user" instead of doing pen-testing and consulting. (That and I got sick of the travel and the 60+ hr work weeks.)

Ethics... well there's another beast altogether. My experience is: the smaller (and younger) the company, the less ethics their sales people / management have. Of course that's not always true, but it was a pretty decent first swag- at least it was a good indicator of how much salt you should take with them.

If I hear one more "enterprising business owner" pitch the idea of "hacking into people's networks" and then selling them a security solution I'm going to start carrying a pipe-wrench around. I mean, geez- people... does that REALLY sound like a good idea? That's like breaking windows to sell car alarms. There's a reason that it's illegal in every other industry to generate sales that way.

Ugh.

-pm

Secret and Lies is a good book.
Care to expand more on the irony of working for Counterpane?