cybersecurity

3173 readers

2 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 1 year ago

MODERATORS

[email protected]

Infosec Engineer AMA (infosec.pub)

submitted 1 year ago by [email protected] to c/[email protected]

40 comments fedilink hide all child comments

Hello! My name is Mike and I am an infosec engineer with 10+ years experience. I've worked in GRC, Vulnerability Management, PenTesting & AppSec. I have 17 SANS certs (I have a serious problem) and I'm also an infosec community enthusiast and creator/mod for /c/cybersecurity. AMA!

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 1 year ago (1 children)

Having a CTF on your resume and being able to speak to that experience is great imo. Early-career is always a bit difficult for resumes since you wanna beef it up but you don't want to fill it with things that don't matter. CTFs, trainings, content you've created (blog, podcast, write-ups, GitHub), etc.. are all great things to put on there imo. If you have any coding projects or cloud experience (easy enough to get) you can put that on there too. Will you be looking to get a job while pursuing your masters?

[–] [email protected] 2 points 1 year ago (1 children)

I'll go for something like a TA maybe. I have some job experience already (sde, not cybersec) so idk if it counts.

things that don't matter

Can you give some examples so that I can avoid that

[–] [email protected] 3 points 1 year ago (1 children)

Mostly non-tech experience. This is subjective and will vary hiring team to hiring team but in this field I have always glossed over any non-tech things on a resume. There's so much opportunity for people to learn and get involved with IT/security that there's no excuse to not just focus on those competencies on the resume. Just my opinion.

[–] [email protected] 2 points 1 year ago (1 children)

Okay. So my experience as a software developer while not the main thing being judged will still be relevant?

[–] [email protected] 2 points 1 year ago (1 children)

Absolutely still relevant!

[–] [email protected] 1 points 1 year ago (1 children)

Thanks a lot! Also any certifications I should start doing rn?

[–] [email protected] 1 points 1 year ago (1 children)

Kinda depends what you want to get into. If you’ve let to land your first security job maybe something like Sec+ to help get your foot in the door. If you know what discipline you want to get into (appsec, endpoint-sec, etc…) this could help further filter down what cert/training might be best to shoot for. Do you know what you think you want to do?

[–] [email protected] 1 points 1 year ago (1 children)

I was thinking Network Security. But I'm not sure about it. Sec+ will help me decide that?

[–] [email protected] 1 points 1 year ago (1 children)

Depends what you mean by “Network Security”. A lot of companies have adopted cloud-first environments so traditional netsec is more so cloud infra. In this case there are cloud-specific certs from Azure, AWS, GCP you can take that would be great. If you’re considering traditional network security it may be different. (Though a lot is very much shared).

[–] [email protected] 1 points 1 year ago

Okay. Thanks a lot! :)