Infosec side hustles?

My wife is quitting her job and I'm thinking of doing some side work to make up the lost income. I'm not too skilled at the typical pay-per-job things like pentests, appsec, etc so I'm wondering what others do. For the record, I'm a Sr manager for a small team so I'm very technical but also deal a lot with compliance, metrics, execs, and higher level things. Lots of certs in IR, forensics and a history working in SOCs. I know I could just find a higher paying job but I like where I work and would rather just do some stuff on the side as time permits.

👍 49
👀 u/Bulky_One6387
📅 Jan 08 2022

Newly created InfoSec role within IT department - what should I be doing to get it right?

Hello AskNetSec! I'm not sure how else to word the title, so hopefully it's acceptable. Basically, I have been working in different facets of IT for 14 years. My current role is within IT operations as a systems engineer, but it's possibly evolving to be the first true role with an official information security component within the IT department at my company. I'm excited because I've always enjoyed the security aspects of my roles over my career, and my formal education was focused on information security. However, I recognize that I have no formal work experience in a security-specific role, and as such I feel like I'm "winging it".

I don't really know what a formalized incident response looks like within an established security department. I don't know what tools I have at my disposal, or should have at my disposal, to do my job effectively. I also realize that I may be overthinking it. But truthfully, I have no point of reference.

So I come to you all and ask for some opinions and insights to navigate as the sole person with these newly added responsibilities that I would liken to a security analyst, and do so in a way that makes sense and is effective. I'm happy to do my own reading and self-learning (I have access to PluralSight, if that would be useful), but also hoping maybe someone with experience can give some practical pointers and/or high-level procedural advice since I will likely be shaping this new role in coordination with my management.

Thank you all in advance!

Edited because my brain moved faster than my fingers could type :(

👍 26
👀 u/unseenspecter
📅 Jan 17 2022

I regret getting an infosec certification

So let me start off by saying I have a Net+ and Sec+ certification and am a 6+ year sysadmin. Recently I decided to pursue my childhood dream of getting a hacking certification. I went through the pentest+ successfully. It's been a blessing and a curse. On one hand I'm a much better sysadmin, but on the other hand it's like I'm one of the few people to see ghosts or demons. I've stopped most quality of life projects and have been patching vulnerabilities and searching for everything I can find to secure. When I'm talking about security stuff to my boss he's like yeah, go fix that. But then he's recently been assigning me these quality of life projects instead. I regret taking the red pill. I'm hella stressed lol.

👍 354
👀 u/SleepyEngineer314
📅 Dec 14 2021

Best IT backgrounds to prepare for InfoSec

I am currently a computer science student and I want to pursue a career in cybersecurity but I know that in order to get into security I will need some kind of experience before I can get a job in the field. I'm just wondering what are the best IT backgrounds to have or things that I should focus on that would help me develop skills needed for security careers. I know it depends on what kind of focus I want in security and for now I'm thinking more towards the defensive side like engineer maybe but I would prefer having answers based on either role (attack and defense).

So to rephrase it a bit better I wanna know what are the best temporary jobs that I could do to develop skills needed to switch into security (soft dev, web dev, data sci, etc...)?

👍 40
👀 u/iTsObserv
📅 Dec 27 2021

Missing Notes turns into an InfoSec Nightmare

So, I've just started a new job. Level 2, asset management and support with the usual tickets level 1 can't resolve getting kicked up to us.

Today, a ticket landed in my queue for missing password notes in Outlook. Simple enough, they're probably archived, and I have to educate the user that they really should not store their passwords here.

I jumped on to the user's screen to look over what's missing intending to help them find the archive and where these notes might live, move them somewhere secure, and delete them... but they don't go to "notes" in outlook. They go to contacts.

The user reveals to me that for years now (at least since 2016) she and others in similar roles have been creating contact cards, filling in all of their passwords to everything in the company in the "Notes" field....

And Sharing Them With Each other

From the user's Outlook I could see every password for more than a dozen users including some big names and lawyers that each of these individuals had willingly shared with her.

Needless to say, we've got a meeting with infosec in 30m to come up with a plan on how to fix this mess.

👍 2k
👀 u/Ultramarine6
📅 Oct 27 2021

Does InfoSec attract a higher than usual number of incompetent folks due to the higher salaries?

I've worked in InfoSec for 2 years now (at one large healthcare org), and previously had a 10+ year career in a different industry.

I've worked with some incompetent people before, but it seems far worse in InfoSec. I've known people with 10+ certs but no common sense and zero leadership or relationship skills. I've known people who, on paper, appear to be an expert, but when I speak to them, it feels like I'm talking to an intern (e.g., do not even know the difference between meeting minutes vs. agenda). I've also known people in InfoSec who have 100 excuses and take weeks to finish something that should take 4hrs. I've worked with people who may have been double dipping and despite what appeared to be passion, extensive experience, and significant expertise and certifications... they just couldn't deliver anything (even though they were VERY expensive!).

I'm wondering why that is. Is it... A talent shortage? InfoSec may just be harder and more complicated than some professions? Does it just seem worse in InfoSec because the impact of incompetence is higher than in other professions (ex., training industry)? The higher salary attracts more impostors? The emphasis on certifications leads some people to think they know it all when they have 3 or more certs, and there's a disconnect from common sense?

I am just curious... What's your perspective on this?

EDIT 1: It seems some people here are getting offended because they're assuming I'm saying that someone more technical should know these things. Not at all - that's not my expectation. I really appreciate the technical teams I work with because they have expertise that I don't, and I couldn't do what I do without them. I frequently tell them how grateful I am for them, and I think they're glad that I do a lot of the follow up and chasing people to ensure compensating controls are implemented and we have evidence of it, because they don't want to do that. They get to just give me their expert opinion, and I respect it, and work to make sure that business/application owners are following it.

EDIT 2: When I say 'incompetent,' I don't mean someone who is a little slow, or doesn't know a few things. I'm referring to a dumpster fire level of incompetence, the kind where people are lying and eventually get fired. I also mean people who just aren't getting any work done, or not in a reasonable time frame (like taking weeks to complete simple tasks that should be able to be done by a Sr Governance indi


👍 76
📅 Dec 03 2021

How to explain the need/benefits of CISO/Infosec to the board?

If the Board wants to understand the benefits that are derived from their spend on IT Security, what is a good way to quantify and present the information? Anyone have any good resources or a framework to use?

I’m thinking we should speak to risk reduction, use metrics of organizations with and without things like education programs to demonstrate the impact that educating the workforce has. Also thinking we should speak to the likelihood of events like ransomware in our industry and show how we reduce that risk through our programs.

Happy to hear any thoughts on how to articulate Infosec benefits to a Board or CEO.

Thank you.

👍 5
👀 u/SENinSpruce
📅 Jan 10 2022

Any good InfoSec documentaries guys/girls?
👍 31
👀 u/ExoticAccountant
📅 Jan 08 2022

Security researchers find that a "pro-women" app has bad infosec, TERF app owner goes full Joanne when they try to disclose the vulnerabilities to her. research.digitalinterrupt…
👍 175
👀 u/abolish_gender
📅 Dec 11 2021

What are some low-hanging fruit infosec business/freelance ideas that could be started immediately?

I am probably going to have to quit my security analyst job soon to take care of my son full time. I’m also going to be starting OSCP labs but in the meantime at night I would like to pursue my own self employment. I have a lot of ideas for services to offer but don’t have time for all of them, and really not a lot of time to waste on things that people don’t really need or pay for. Wondering if any of you have experience doing your own thing, and if these are worth pursuing for the effort and payoff:

- Vulnerability Assessment (Nessus & Burp Suite)

- Log Management & Analysis (ELK Stack)

- OSINT (investigating and reporting on a target)

- Pentesting (just getting started with this so not the most immediate choice.)

I would get an AWS account to implement the above, and either offer as a managed service for clients or maybe even help them implement their own. Any opinions on which of these would be the best starting point? I tend to stretch myself thin trying and learning too many things at once and just need opinions to give me an idea of the best thing to focus on that people actually need the most, and won’t take forever to get started. Thanks so much in advance.

Edit:

Want to thank you all for your responses, I’ve narrowed down my options quite a bit, and got some cool new thoughts to add so really appreciate it, this does not seem as scary or hard as before. Pretty sure I’m going to focus on assessing smaller business and put some simple security controls in place for them, while trying to get some contract auditing role and just pentesting stuff on the side until I’m competent at that.

👍 24
👀 u/TheRaven1ManBand
📅 Jan 01 2022

Security done right: Celebrating infosec wins in 2021 portswigger.net/daily-swi…
👍 92
👀 u/feross
📅 Dec 31 2021

Just landed InfoSec audit intern position at bank. What should I expect? Thx!

As the title says, I just received an internship offer from a bank working on their information security auditing team. As a first year master's student in computer science, I'd truly appreciate input on what I can do to make the most of the opportunity, or any info on what I can expect walking in the door.

A little about myself:

  • First year MS student

  • I'm currently interning at a local security operation center as a tier 1 analyst.

  • I've been programming for a few years. Most of my experience has been in C/C++ and Java. I've completed data structures courses in both languages.

  • I haven't been exposed to networking much until recently. I have a basic understanding of TCP/IP and the OSI model, but that's about it. I'm currently taking a network fundamentals course on edX between semesters.

  • I like cycling, running, and long walks on the beach.

Thanks for reading!

👍 43
👀 u/Reveley55555
📅 Dec 12 2021

10 super-cool Christmas gift ideas for ethical hackers, tinkerers, and InfoSec people! thecomputernoob.com/2021/…
👍 224
👀 u/McSHUR1KEN
📅 Dec 08 2021

CISSP or OSCP while working in infosec?

I will be joining a Fortune 100 company as an "Info Sec Incident Response Specialist" from Monday. I have my bachelor's in computer science and am currently working on my master's. Any advice for me for this job? Currently remote work. Office work from April. I have Sec+, so should I focus on OSCP or CISSP?

Edit after some comments: Why do some people here assume that I don't have a single clue about infosec or IR? I have done my fair share of HTB at my university and got through the 4 tough rounds of interviews to get the position; I wanted a VAPT position but they offered an IR position. I was just asking advice from more experienced and senior people. I was a lurker in this community for a long time. First time posting. I thought people would give advice to a junior, but it's good to know about the negative side of this community as well. Thank you to all the people who genuinely helped and gave advice without questioning how I got the job.

👍 12
👀 u/sargentv
📅 Dec 12 2021

Howdy, y'all! Where are all the cool InfoSec people lurking at?

Hey guys, been lurking for a while!

Loving that everyone is helping each other out with gigs & resumes!

I'm personally not quite there yet and have been teaching myself to code and all that jazz (python, CLI, and PowerShell). Also got AZ-900 and am studying for Sec+. But I really want to transition into InfoSec. (no education, worked in the supply chain industry)

That's a bit about me.

I'm wondering if you guys have any info on any cool discords, forums, and subreddits where I can find some buddies to chill/learn with, and hell maybe a mentor to build a longer-term relationship?

<3

👍 7
📅 Jan 13 2022

How can I know if I can be a great fit? How common is it for junior infosec to feel bad at the beginning?

Entry level position at infosec. I dreamed about it really. But now I feel awful. Would like to run away, but cannot let myself give up so fast. So the only option left is to overcome this mental pushback. Can somebody share experience? Is there a good way to escape these mind plays and get back to learning and doing?

👍 2
👀 u/SecurityDisaster
📅 Jan 12 2022

Any coding groups / infosec groups in the area?

I checked out the ones on Meetup.com but a lot of those are either inactive or not active on that site. Been in the area for a couple of years, but I'm still feeling pretty new to the low country.

👍 2
👀 u/AlpacaSwimTeam
📅 Jan 07 2022

Hardest technical infosec interview questions that you can recall

I was wondering if you guys who work in the cybersecurity field can recall any notable interview questions that you’ve been asked in your career.

I have a Cybersecurity Analyst interview coming up for one of the top 5 defence contractors in the US. Needless to say I’m a little nervous, and want to be as prepared as possible.

Thanks for the help.

👍 59
👀 u/cogentcarl
📅 Nov 23 2021

I've only recently joined this sub. Who is here from Brockville? I'm M55, went to TISS, infosec sales engineer, farmer, maple syrup maker, welder, programmer, industrial control designer, and microscopic solderer. What about you?

In the times before the pandemic I did a lot of travelling for work. Since the start of the pandemic I haven't been further than Montreal (5 minute turn and burn to pick up an old Commodore 64) to the east, Belleville and Sand Banks to the west, and Ottawa to the north. I live on a small homestead farm with chickens and ducks (meat chickens and turkeys in the summer.) I'm an amateur welder and machine builder. I designed and built my own maple sap vacuum releaser including building the industrial controller and programming it. I do some high end microscopic soldering for a small, local company. I'd be interested to hear from anyone who has compatible or complementary interests in the area.

Also, I had Covid in December 2019 before the widespread surveillance started and am double vaccinated (getting my third on December 22.)

👍 15
👀 u/HDC3
📅 Dec 15 2021

How not to write an infosec report: Tardigrade - The Water Bear Malware that Wasn’t medium.com/@semisi.ganon/…
👍 166
👀 u/ifmush12xx
📅 Nov 29 2021

[Uni] NUS Infosec ABA portfolio

Hi, has anyone successfully (or otherwise) ABAed to NUS infosec? I have a few questions to ask about the portfolio required.

First, my GPA will likely be about 0.1-0.2 below last year's IGP. Is this too much difference for ABA? Or is it within the usual range?

Secondly, how much does not having a CCA affect the portfolio? (based on past applications) I don't have a CCA in poly but I have won top 3 in a few national level CTF events, one officially representing the school.

Thirdly, technical wise, how "good" are most ABA applicants? e.g. common infosec certs, exp in infosec etc. I am very specialized in one area of infosec. Is that good/bad/ok?

Also, if I do end up getting an interview, what are some questions that they ask? Or is it all based on what you put in your portfolio?

If anyone wants specifics about my current portfolio you can DM me.

Thanks!

👍 3
👀 u/scared_of_needles
📅 Jan 16 2022

A work peer has been creating very short (5-10 minute) videos on red teaming "how to" exercises he based on the card game Backdoors and Breaches. Lots of good content for anyone getting started in Infosec. youtube.com/channel/UCXoR…
👍 85
👀 u/unassassinable
📅 Dec 21 2021

Register course infosec spring 2022

Where and when are we supposed to register for courses? I don't see any time-tickets on canvas. Am I missing something?

👍 3
📅 Dec 27 2021

Messy NFT drop angers infosec pioneers with unauthorized portraits theverge.com/2021/12/27/2…
👍 3
👀 u/Double_d5050
📅 Dec 28 2021

Average Infosec Recruiter
👍 878
👀 u/TotallyNotaCTF
📅 Sep 10 2021

To those who’ve taken it: how “difficult” is CySA+? I have about a year of IT experience, Security+, Network+, and I’m a junior in college studying InfoSec/Networking.
👍 10
👀 u/ImpriestroV
📅 Dec 18 2021

Are Cyber Security and InfoSec the same or different?

Just curious if the terms are basically interchangeable or represent different aspects... I know at one point it was information assurance.

👍 13
👀 u/mastermynd_rell
📅 Dec 02 2021

Application support position or infosec apprenticeship?

I’m a recent graduate (21) and accepted a job offer for application support paying $75k plus benefits. However, I also have the opportunity to pursue an infosec apprenticeship with Robert Half. The apprenticeship pays $15-20/hr and is scheduled to run for 1-1.5 years. I am halfway done with the application process, I just need to interview with Robert Half’s clients to get assigned somewhere. However, the apprenticeship is targeted mainly for undergrads and there is no certainty that I will have a job ready for me by the time the apprenticeship is over. Both positions are remote.

My future goal is to have a job in cybersecurity and I’m not sure which position to pursue. I feel bad if I end up declining the support position after already accepting it. I’m trying to find a way to work both positions since one is full time while the apprenticeship is around 20 hrs/week. But in the event that I have to choose one or the other, I’m not sure if I should stick with the support role or go for the apprenticeship.

👍 5
👀 u/Coolguy_0524
📅 Dec 26 2021

STL 2600 group for those Interested in Infosec, IT, programming, or computers

Hi,

I am an attendee of STL 2600 (a local chapter of the 2600.com magazine) at the St. Louis hackerspace archreactor.org.

Our meetings are small and relaxed discussions (and not sales pitches) on different computer topics, oriented for those working or interested in IT, security, privacy, etc. It is the first Friday of the month at 7pm, and we typically talk for 30 minutes to an hour or so and get a drink at nearby watering holes after.

This month, I am talking about different Linux inter-process communication methods with some example code.

You don't need to be an expert, or read the magazine/be a member of the space to attend. We do require masks (IIRC, I'm not in charge of rules, it may have changed). You will get a tour of the space before or after.

I hope to get a couple new people to get some fresh ideas.

7pm 2215 Scott Avenue St. Louis, MO 63103 There is parking on site.

(Meetup.com usage not necessary) https://www.meetup.com/St-Louis-2600/events/281765715/

👍 43
👀 u/beardog108
📅 Nov 05 2021

Which role is better for career?: InfoSec team in product based company or Security team in security services based company?

I recently graduated from college and am staring at two offers in front of me right now. The first is an information security role in a product based company. This means we handle all the internal security aspects of the company like assisting dev teams with best practices and vulnerability tests, maintaining infrastructure security and compliance, incident response tests and handling policies, etc. I know the work because I interned here and I liked it.

The other offer is at a security services company I'm not familiar with. Here, activities will be on client environments and products. They could range from red team work, penetration testing, web/mobile testing and the like. I have some experience with HackTheBox and Vulnhub so it seems interesting, but I don't think I want to be a pentester for life.

Besides that, there's really nothing much separating the two roles. Both are remote and the pay is similar. So I'm hoping to decide based on career prospects. Is the corporate ceiling higher for more general security work? Or is it the opposite? I want to climb up the ladder sooner than later so which of the two would be ideal?

👍 2
👀 u/basonjourne98
📅 Dec 03 2021

Separation Between IT and Infosec

Small background: at my company, traditional “IT” and Infosec are very separate. IT owns basically all security products and is unwilling to relinquish or even allow access to the Infosec team.

My question is what products in your companies does Infosec typically own and what does IT own? AV, PAM, EDR, SIEM, FW, CASB, etc. If IT “owns” it, how much access does the sec team get?

👍 73
👀 u/1anondude69
📅 Oct 08 2021

The Best InfoSec Talks and Research of the Year 2021 bishopfox.com/blog/best-o…
👍 4
👀 u/breach_house
📅 Jan 05 2022

Tattoo Policies for InfoSec positions

Hey everyone, so I am in my senior year at university in a Cyber Security program and was hoping to get some feedback from some of you who are in this field on tattoo policies. What policies do many employers have on tattoos? I am an Army veteran and I am pretty much covered from head to toe in tattoos. I know most will be covered with casual business wear and I have a few small ones on my face and head that can be covered with longer hair (shaved head atm) and maybe some makeup or something but the closer I am getting to graduation the more I am beginning to worry about the tattoos I cannot cover up like on my hands and neck. Is this going to be something that an employer cannot get past or affect my prospects of having a career in this field? Please any advice, tips, or personal experience would be greatly appreciated.

Edit: Thank you to everyone who commented /messaged me and gave their feedback and advice it feels good to know there are many people out there that don't fit the traditional office employee look in this field and that the industry has a general open-mindedness and acceptance to alternative appearances. Not having to constantly worry about this will definitely be one less thing stressing me out during my job hunt.

👍 24
👀 u/t0otall369
📅 Oct 16 2021

Did Washington know or was infosec that tight? imgur.com/gyR3ac1
👍 6
👀 u/tonboguri
📅 Dec 26 2021

How much infosec is real?

People seem obsessed with information security and it's confusing to the layman exactly how much we need to worry. They're always telling us 'don't do X, Y and Z' because Bad Actors will get hold of your data. They never elaborate on that. I should say by 'They' I mean infosec experts, companies, spokespeople - the people who talk about it in public, and the internal tech people in companies and agencies who send emails about the latest risk.

So my question is: how much risk are ordinary folk actually facing? Obviously, you don't give your credit card info to a stranger. But you don't do that anyway - whether it's an email or a person in a bar. Similarly of course you don't make your password Password123 unless you're determined to be hacked. But that's part of my question, which is if my password is Password123 what is actually going to happen, realistically?

It does seem like every company is concerned about infosec but every company also wants to sell you a product that they claim will protect you. Governments love to talk about online threats but never elaborate. Who is the threat? Who are the Bad Actors? Is it China? Is it Russia? The mob?

I understand banks and the CIA need to keep stuff secure. But how much risk is there to an ordinary person? Is it all a lot of hype to sell things, or is there actually a daily risk to everyone and what is that risk?

👍 2
📅 Dec 09 2021

Should I quit my job as a senior infosec engineer for a pre-sales engineer role?
👍 3
👀 u/VoodooTudo
📅 Dec 27 2021
