Unconfigured Ad Widget

Collapse

Cyber Security Career w/ no Experience

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • yolocalypso
    Junior Member
    • Apr 2021
    • 80

    Cyber Security Career w/ no Experience

    What is the best way to move into the cyber security side of IT without any prior experience? I?m a systems analyst currently, been working for about 6 years, but I?m looking to move into the cyber security side. I?m working on a couple certs, and I have school experience as CS was my concentration, but no formal experience. What job titles should I be looking for?
  • #2
    Cowboy T
    Calguns Addict
    • Mar 2010
    • 5725

    Turns out that I'm, among other things, a cybersecurity guy. Depends on what you want to do in "cybersecurity". Any idea of what you like in that field?
    "San Francisco Liberal With A Gun"
    F***ing with people's heads, one gun show at a time. Hallelujah!
    http://www.sanfranciscoliberalwithagun.com (reloading info w/ videos)
    http://www.liberalsguncorner.com (podcast)
    http://www.youtube.com/sfliberal (YouTube channel)
    ----------------------------------------------------
    To be a true Liberal, you must be 100% pro-Second Amendment. Anything less is inconsistent with liberalism.

    Comment

    • #3
      yolocalypso
      Junior Member
      • Apr 2021
      • 80

      I really enjoyed the exploits and hacking part when I took it in college, but I think I?m a ways away from that in a career sense.

      Comment

      • #4
        FF90
        Member
        • Jul 2014
        • 158

        1st step is to get Security+ cert

        Comment

        • #5
          yolocalypso
          Junior Member
          • Apr 2021
          • 80

          Working on that one already.

          Comment

          • #6
            xfer42
            CGN/CGSSA Contributor
            CGN Contributor
            • Sep 2007
            • 709

            A support role at a firewall manufacturer is where you get tossed in the grinder and have all the latest issues forced on you. It sucks 95% of the time, but you get incredible knowledge on the latest threats and techniques on how to mitigate them. With no experience, you probably wont start in an operations type role, which is likely where you want to end up.
            Last edited by xfer42; 03-21-2023, 6:21 PM.

            Comment

            • #7
              SnipTheDog
              Junior Member
              • Mar 2016
              • 58

              Lots of companies have people to de-filth their sites of kiddy porn and other disgusting stuff. Burn out is high but jobs are available.
              I have a friend that would get bounties from law enforcement for turning in the perps.

              Comment

              • #8
                xfer42
                CGN/CGSSA Contributor
                CGN Contributor
                • Sep 2007
                • 709

                Originally posted by SnipTheDog
                Lots of companies have people to de-filth their sites of kiddy porn and other disgusting stuff. Burn out is high but jobs are available.
                I have a friend that would get bounties from law enforcement for turning in the perps.
                Yikes. Back in early 2000s when inline content filtering was a fairly new feature for firewalls, all of the claims and/or complaints about "kiddy porn" getting through had to be reported to the FBI. It was pretty much halt at that point.

                For regular porn, we would always check and verify on our lab machines, which were at our desks. So it wasn't out of the ordinary to go to someone's cube and see them checking porn sites.

                Comment

                • #9
                  HKJay
                  Member
                  • Sep 2011
                  • 109

                  Agree with Cowboy T that it kind of depends on what you want to do. And also to an extent what your salary requirements are. If you're already making a decent salary it's going to be a lot harder to transition with little experience.

                  To give you _some_ answer, I'd start with "SOC Analyst". Lots of local businesses are running small SOCs and there are a couple MSSPs like Proficio down in Carlsbad that are looking for cheap staff to serve as basically Tier 1 ticket takers. With some talent, hard work, and spending around a year learning the basics you could likely transition to a tier 2 role and move up from there.

                  Comment

                  • #10
                    Abu Riyah
                    CGN/CGSSA Contributor
                    • Apr 2015
                    • 523

                    Agree 100% with all of the above. A SOC Analyst position is kind of the entry-level position for security much like help desk is on the ?pure? IT side. There are many paths and many specializations?I do cyber insurance claims-based digital forensics and incident response?a lot of business email compromises and ransomware investigations. The first involves a lot of log analysis and the second is more system artifact analysis, so it ends requiring a broad skill set with depth in a few areas.

                    There?s no one path and there are many ways to get to your target position. The hard part is identifying what you ultimately want to do or be and then having the flexibility to accept that that will likely change along the way.


                    sigpic

                    Comment

                    • #11
                      brassburnz
                      Veteran Member
                      • Nov 2006
                      • 3553

                      One of teaching colleagues picked up a cybersecurity certification from UCLA extension. Was offered a job at a bank with a 50% raise. Took a leave of absence from the classroom. He lasted a week working from a cubicle. Not his cup of tea.
                      NRA Life Member
                      CRPA Life Member

                      Comment

                      • #12
                        Cowboy T
                        Calguns Addict
                        • Mar 2010
                        • 5725

                        Yep. Definitely start at the SOC Analyst if we're talking about penetration testing and exploit examination. A CompSci degree can, if they taught you well, be helpful in analyzing binaries for bad behaviour. Used to work with a guy (CompSci grad) who did just that, and he seemed to enjoy the work.

                        Know this, though. What we now call, "cybersecurity", formerly called, "information security", really is just one aspect of proper systems engineering. If you aren't doing information security, you aren't doing proper systems engineering. I know, there's specialization, and that specialization is needed. But keep perspective and take a holistic view toward whatever system you're working on. That'll help you keep your eye on the prize, which is, ultimately, a properly functioning system that does what the designers of it intended for it to do. Remember "C.I.A."

                        C = Confidentiality
                        I = Integrity
                        A = Availability

                        That's what you want for your information. You want it to remain confidential, you want to keep its integrity, and you want it to be available to those who have a need to know. That's what INFOSEC, or now "cybersecurity", is pretty much all about.
                        "San Francisco Liberal With A Gun"
                        F***ing with people's heads, one gun show at a time. Hallelujah!
                        http://www.sanfranciscoliberalwithagun.com (reloading info w/ videos)
                        http://www.liberalsguncorner.com (podcast)
                        http://www.youtube.com/sfliberal (YouTube channel)
                        ----------------------------------------------------
                        To be a true Liberal, you must be 100% pro-Second Amendment. Anything less is inconsistent with liberalism.

                        Comment

                        Working...
                        UA-8071174-1