Anyone else here move from 5+ years "general" IT (helpdesk/network configurator/sysadmin) to Cyber Security (specifically Incident Response)?
I have my first big "true" Cyber Security / DFIR job interview coming up at a bank since I got a CISSP a few months back - curious if anyone else has done similar, and what the interview process is like.
I have a gist from Google searches, but that only tells me so much.
If you have the CISSP certification, you're probably going to know enough to hit the ground running. A lot of the kidiots I've worked with come out of school with degrees in CS, but they don't know how to do anything. This is why you can get someone with a pulse, send them to a bootcamp for 12 weeks, teach them how to write CRUD apps and use valuable skills like how to use JIRA, and they wind up making like $55k a year to start.
Similarly, most of the people I know who have degrees in cyber security can't do anything practical, have never gone through an actual code review, have no idea how enterprise level code should look, yet simultaneously have terrible attitudes because they think their education makes them more employable. In fact, most of the people I've seen trying to bridge into security just have a sec+. With the CISSP you know enough practical shit that you can be taught.
Cool, thanks for the insight.
To keep my skills sharp I just knocked out eJPT (simple pen test lab), do HackTheBox and am going for my OSCP as well this year.
For the record, I'm working on a masters in cyber security and already have recruiters at google blowing up my inbox. It's such an in demand field that people are doing anything to hire these guys. If you're willing to learn and grow, you'll do fine.
That's awesome! I was a bit stunned; I had an initial phone screen and they told me they were sending my straight to final on-prem next week.
I did my cyber security education kind of in a silo - I've always been interested in it, I didn't even know it was its own field. I was doing shit just like this in 2009 as a sysadmin for an ISP, just thought like an attacker might. My jaw dropped when I found out cybersecurity was its own field (I took a several year hiatus from IT to grow an electronics company).
While working my current IT job (general IT), as soon as I got the offer 2 years ago I made an excel list of the most common CS certs I saw and quietly got 5 of them.
Ah, you were a sysadmin for an ISP, can you a question?
My dad and I were debating this the other day, but how much information do they keep on their users and the sites they visit? More importantly, do they pay closer attention to you / keep a list / notice if you use tor? I know you were working a while ago and things might have changed, but my dad and I were trying to figure this out in a car ride once (I think he's convinced your ISP can't even tell if you're using it).
I'm in a similar boat. My dad was a network engineer so I grew up doing this stuff most of my life. He does like management now and his tech skills are kind of lax.
Funny you should ask this, this was part of my duties, and I was chosen specifically because of my investigative ability (and that's part of why the switch to cyber security feels natural to me)
In short, yes, absolutely - we had a separate "watchlist" of customer IDs and watched for abuse patterns. More than once I had to liaison with law enforcement to turn over logs.
You wouldn't last a month.
A slut will most likely get you fired for sexual harassment accusations.
Soooo many questions.
So wait, what constitutes an "abuse" pattern? Just using tor? Using it regularly?
Are there general timelines involved? Like, how long between using it would it take law enforcement to get involved or whatever?
I remember because there was this hot debate in my actual CISSP class over whether or not TOR was even worth using because it ostensibly draws a lot of attention to you from your ISP.
1. how old are you?
2. where do you live?
3. what is your current occupation?
4. list your top 5 skills
5. post timestamp
6. DO IT FAGGOT!!!