by OrvalWintermute 1570 days ago
> Incident response is the highest bill rate infosec consulting you can do. It requires travel (used to, still does some today) and decently high technical skills

I take a tiny bit of issue with that.

Cryptography consulting is a higher labor rate, and higher end pen-testing w TS SCI+full poly, and application security gurus are above, or equal to IR.

There are currently poaching wars going on around talented IR folks. A Fortune 500 recently hired away an IR colleague with whom I collaborated around tap & agg with a FAANG type offer, RSUs, the whole shebang.


By volume. Cryptography consulting is a very lucrative niche but there is an order of magnitude less of it happening based on my wild guesses. I have run a high end boutique for 9 years and been doing infosec consulting for 15 years tho, so my guess is somewhat informed, I hope.

Even high end appsec, seceng, and legit reversing pays below crypto and IR. We just can’t charge as much for it for all but the most niche and demanding environments, which is not the bulk of what’s out there.

I am thinking averages here. I know there is high paying work in each domain, but the skills used are also highly developed, etc. If you wanted to build a high end consultancy with a lot of work IR is a great choice. I know ToB has done awesome in crypto (blockchain/contracts) space, etc. but I think IR work is a little easier to get into and build a business on without having really advanced and niche skills.

This is like saying that Walmart cashiers have a higher bill rate than M&A attorneys, because there are so many more of them --- they're higher "by volume".

That may be a bit reductive, but I take your point. The deepest skilled niches in our field always pay most in absolute terms.

Ya would also add smart contract auditing as possibly the highest billing right now. Pushes $400/hr for freelancing and similar w2 comp.

IR/forensics consulting is definitely more than $400/hr.

Hm would like to see JDs for that, unless you're referring to the really white glove stuff (ex-whatever, no name consultancies with incredible reps).

Nope.

Have seen labor rates across FireEye, and a host of others.

Then the rates you have seen are incorrect, old, or the result of special circumstances.

It is not my experience that IR people bill $3k days --- though Mandiant definitely has billed out projects that high.