#cyber-and-careers

I’d probably combine that and your “additional information” section together under hobbies/projects or something like that

I would probably cut your certifications section too until you get more well known certs like sec+, cloud certs etc

Paths and classes are not certifications, are those internships real? too small, should be on 1 page

Sure

I don't have paid certs that's why inserted those and yeah those interns are real

Dm'ed you

I wouldn't entertain this CV as an HR manager myself If I have to be completely honest.

@idle river

I have another interview tomorrow for a junior cyber security analyst and they said they will go theough scenarios what scenarios might they ask or how to prepare for

https://twitter.com/badthingsdaily

oh the latest entry made me chuckle: A core dump containing secret keys has been exfiltrated from an engineering laptop.

Would a website portfolio be beneficial for cybersecurity job applications? I have seen many for web designers showcasing their projects, but not too sure what type of information a cybersecurity portfolio would entail

Github

So I have a web portfolio that hosts blogs and writeups, and then also points to my github, should I change that?

I would link both then describe their difference

unless your website is hosted on Github

it is hosted on github.io yeah

Yeah, just link your website then and I'd say that's good already

Awesome, sounds good, thank you!

Morning fellas. Can I please get some input on my resume?

Please explain why

what other websites are good for cybersecurity

I agree with Tr1dent and for me personally, it's because your resume is filled with alot of fluff and surface layer information. "CTF Player" isn't work experience. Your certs aren't certs. Even your internships sound fake due to the generic responsibilities. Also, you want to order your resume starting with the most relevant field and since you don't seem to have any practical experience or paid certs, you'd probably want to lead with your hobbies/personal project then education then work history (work history can be higher but as it is, nothing in your work history stands out to me as actual work experience)

Understood

So should I remove the certs section?

Yep

Add it back once you get sec+ or something

Not anytime soon🤧

I guess the intern title or description is bad for work history

I was an intern for creating CTF challenges at a platform which is something like picoCTF to practice ctf

Internships are fine for work history, you just need to provide less generic roles and responsibilities

Like "carried out day-to-day duties", "performed duties in accordance" what duties? what were you doing? any tools you worked with?

TBH that was created by chatgpt so I didn't paid much attention to it lol

Gotta change it

Explain the CTF challenges you created

Are they in production, are other users actively consuming them ?

The site is still in production

Then say that

Sure IG the description wasn't good according to the role

Created multiple CTF challenges ranging from Web, Crypto, and Binary Exploitation that allowed users to elevate their skills and teach them new attack vectors.

thats how i'd say it

I see in your cybersecurity internship you did security audit, audit using what framework?

Is it an internal one or are you following a standard? what is it based on?

Can I get some advice on my resume please?

Don't just let AI spit out your resume, make sure you're reviewing it too

It wasn't a audit as I said
It was gpt😭

Put your work experience at top, thats what employers look for

Biggest mistake

group certifications with education

Will do. Thank you

next to eachother^

Gave +1 Rep to @dense dagger

Will do. Thank you

Does the skills section looks okay?

You should be able to say something on all of those

Yeah I think its fine, but be sure you're comfortable with these enough to talk about it in interviews. Rather you should feel comfortable to talk about anything you put on your resume

Risk assessment and management, what about it did you do?

No practical
Just THM stuff

Like I have an understanding of it

I would change the formatting to condense it down, like technical skills/tools is taking up alot of unnecessary space. I would also condense your work history into 3 bullets or so. I also wouldn't consider those projects. These sound like a room in THM or something

Projects would be like setting up a homelab

Thank you for the input. The projects are actually legit projects I did and have documentation on. That wasn’t tryhackme. The cloud trail was implemented on my personal AWS environment i have up and running. Maybe I need to word it better?

Gave +1 Rep to @plucky marsh

Maybe not the Mitre Attck framework. I had a few of them and couldn’t put them all on there. I can use a witeshark project or splunk?

I guess the way that it's focused on CloudTrail seemed to me more like you watched a video or followed a walkthrough on how to use CloudTrail. Maybe rephrase it more around what you said - setting up your own personal AWS environment

If you're going for a SOC role then those would be better projects to list here

Maybe even replace these two with Wireshark project and Splunk project since cloud technology isn't as relevant to SOC work compared to Splunk and Wireshark

splunk and wireshark is also important tho

That's what I said

aws would be an advantage if done

Thank you for your input. My splunk project is still tied to my cloud environment tho. The logs reviewed in splunk is being pulled from my cloudtrail logs. Maybe I can elaborate well on the cloudtrail project and add the wireshark

Gave +1 Rep to @plucky marsh

Yeah, that sounds great! Sounds like a strong project for the role you're seeking. I would try to capture that on your resume then instead of it being focused on Cloud Trail. Maybe like a logging project? Tool used: CloudTrail, Splunk, etc. Purpose was to integrate logging into your personal aws environment and to provide experience with log analysis, siem setup and splunk exposure. Something like that

Hey guys, can anyone help me review my resume? I am currently looking for Summer 24 internships in the US, and I would like your help to give me some feedback so that I can update my resume accordingly. I will DM you the resume, please help me out.

Just anonymise it and post it here as an image/screenshot so you'll have multiple eyes on it

That is some great advice! Thank you so muh!! I will get working in that

Gave +1 Rep to @plucky marsh

got it,
Doing it right now

Alright, this is my resume. Please review and give me your feedback.

What are you applying for?

I am applying for Security Engineering internships/SIRT internships for Summer 24

Is internship still something you'd consider with your education?

I think your profile works for entry-level roles already

Actually, as I will be graduating in May 2025, I am looking to gain some experience through internships for the Summer of 2024. My university allows me to do internships only until I have graduated.

Whaaa same bro I am looking for internships as well good luck

Wait do we both have same guy pfp

Writeups and blog posts help at all? My mentor told me to do writeups almost in a pentest report style

Does the Google Cybersecurity Certificate belong on a resume at all? Thoughts?

They do, you get better at writing reports and outlining vulnerabilities

I think blog posts are reserved for research or projects you've done and want to share

I have the IBM version of this. I have it on mine because it’s what I have, but the weight behind it is not very heavy

yeah, I definitely will do more writeups than blog posts

A pentest report will be drastically different from a writeup though unless you actually want to mirror a pentest report

I suggest doing the Wreath network and writing a pentest report regarding it.

That would be more aligned with what you want to accomplish than just doing writeups

I’ll look into it. If I get bug bounties that get disclosure permission, should I do the same for them? @dense dagger

Yeah for sure, that works

Hello Space Cowboy

I did some updating

Any thoughts now?

Work experience > Education > Certifications > Skills > Additional Information

I’d suggest that flow

I see

Thanks

I see you also copied whar I said word for word on CTF Development, if youve made actual challenges there, its all good but if not it might be backfire on you

I did make some

Not binex tho😅

maybe don’t lie on your resume

I have made binex challenges for practice
Just not for the intern

Thats why didn't remove it

I guess if you can prove your knowledge on the subject

Hi guys, so basically i get a bonus to do 4 courses and one of them i choose LGPD, this course can help me land a job in cybersec in future?

Think LGPD in US would be called DPO i don't know if it is

Wait tryhackme consider as experience ?

In europe its called GDPR

And is google cybersec course/cert valid for try something on?

Not professional work experience

That's why added in extras

I don't have much work experience

Same trying to find som low int job but is hard

@idle river I am not going to lie but you should lower the summary this is to much

Oh you think so?
I will cut it down

My professor say that objective and summary worth of nothing

I thought it would be better since it summarize our goals and achievements

I like reading them if they're written well because it can summarize their resume and if they mention something in there of interest, then I can further look at where that experience was relevant

@idle river was your professional summary also written by chatgpt ?

No
It was by me

Should I make it more relevant to the below things?

I would rephrase it into a third person summary and I would make it flow better with grammatical changes. In your case since you don't have too much to lean on, then your summary is more about your aspirations whereas more established individuals can summarize what they've done in their career

Gotcha

Hi Guys, I have updated my resume a little, its tailored for graduate positions hopefully in cyber sec, any opinions please

ignore organisation

HMM I think you should different format because for me it look so wide

Make your projects into a list too

PJPT or eJPT?

Neither

This question depends on your goals. They're two different fields. They are both beginner certs as well

For your projects add your github

i would move ur job to the top, expand ur projects more, in my opinion "core competenecies" i, as an interviewer, will ignore.

If your job + projects + certs shows you know python, no need to put it! 😄

I would recommend skipping both and going for OSCP if you/your employer can fund it. Otherwise go for PNPT or CPTS for a more reasonably priced option, but don't just jump into a certification path. You should spend time on TryHackMe and other platforms getting comfortable with the starting tools and techniques, be comfortable with Linux, Windows, networks, learn a little about bash, the windows cli and powershell as you go

What should headline if I don’t have the work experience, and only have one certification within cybersec? Should I put projects first?

There are elements of every job that align with some aspect of security. Even when I delivered pizza, the relevant security portions are building working relationships with diverse personalities, physical security processes and procedures, prioritization of work based on current business needs.

interesting. So under “responsibilities” should I only put what translates to security?

for example my current position, maybe something like “performed research to fix and eradicate any system or program errors”

even though the errors are with a CNC machine, it could translate

Use your best judgement, but you should be able to link some aspect of your current job to security tasking

I would lean on projects, do you have an it/sec related schooling?

I have competed in Cyber Patriots in HS and made it to Gold Tier, specializing in the linux machines, however, no college other than random courses here and there I found available

I’m not sure I would consider all of those security specific. Just the physical security example

How old are you? How recent would the Cyber Patriots be? Also perhaps look into an IT or compsci bachelors. Not impossible but hard to get by without a degree in IT nowadays

I graduated when I was 16, and I’m 18 now. Will be 19 soon. College is hard to commit to, as I am married, about to have a kid, and not making enough working full time even to afford it

A lot of security is managing relationships with other teams, because security shouldn't have admin permissions on anything they are evaluating. Soft skills are of equal important as technical ability. Many security teams have an overwhelming amount of work to do, being able to prioritize that work is crucial to improving and maintaining the security landscape

It'll be tough but you are young and still have endless energy. Look into at the very least a junior college or accredited vocational college. It'll help you get your foot in the door with many HR, and be a fairly cost effective way to have a known baseline for your knowledge and skills

I'm not disagreeing, I'm just saying I wouldn't consider those security specific. Managing your work and having soft skills is useful in really any profession

you think just a 2 semester vocational program would help? a whole lot easier and affordable to try to work into my life

Right; my point is that if one doesn't have an IT background, relating work experience is important to justifying why one is qualified for the role. And many IT managers have never worked service industry jobs, so it's important to establish that link

Okay, so relatively recent. Maybe try and land a help desk job first and pivot. That should be rather attainable without a degree. I never went the help desk route, but afaik A+ is good enough to get hired there

If you don't get recognized certifications or an AAS/AS out of it, I wouldn't recommend you do that

It's also the ideal route to go so you get that good IT foundation too

that is what I’m going for. Have got a response from one so far, but only asking for more information on my application. Looking at lowest level I can get into, while I sharpen my skills in the area I want to work in

Often, a BS in CompSci will overqualify you for help desk. With my degree and academic background, I was able to jump straight into a senior infosec role. That wont' be true for everyone, but a degree often shortcuts over the junior roles

Since the Cyber Patriots is recent, I would lean on that and personal projects on your resume. Work towards some certs too while applying for help desk positions

again, I’m studying for pentest+ right now, my mentor advised it to be my next certification, but I think right now focusing on projects is my best bet

Well in his case, a bs isn't very realistic, so help desk is his best bet at this moment

what certs do you have right now?

I get that; a BS concurrent to help desk would be a huge boost. A good employer will have a subsidy for employees that pass those classes, it's a really good way to get that degree without going too far into debt.

IBM Cybersecurity Analyst, doesn’t have much weight, but researching it with my mentor seems to have about the same information(plus some) as Security+. Just not CompTIA, and very much so new, that it’s not really recognized

Going into debt for school (especially for something IT related) is not a terrible move, as your base pay increases a lot, giving you more room for percentage based increases and promotions down the road

just got an email for a one way interview for a Security Technical Writer, requiring no experience, just had some tests I had to complete to show my grammatical skills

Pentest+ is very much a niche cert, if you don't have experience it's a waste of money IMO. Pentest is not entry level to security. I would think about getting net+ and sec+ as they are more recognized than the IBM cert.

even if it hold the same weight as sec+, the big difference is that sec+ is 8570 approved so it opens you up to govcon work

That was one I saw and thought it would help

Let’s see if I can win this sec+ voucher than 😂

+1 agree with getting net+ and sec+ over pentest+

@plucky marsh @flat sedge (Tell me if you’d rather I don’t ping you in the future) I’m working on my resume. Should I include on it certifications I’m prepping for?

I would not.

Agreed, I would only include it once you’ve received it

If you're in a long term program, you can say "expected graduation" but certs don't usually have the same kind of rigorousness around them.

Sorry for having so many questions, I’ve just never actually had to craft a good resume, and so I’m very inexperienced at this

It could be worth mentioning it in your interviews though

No worries!

Feel free to reach out

putting together a resume based on Jakes Resume, and watching it shrink as I update it makes me realize how underqualified I am for anything in the security field lol

especially since I haven’t posted any projects ever, and all my old ones are long gone, so now time to start from scratch lol

You’re young, so it’s expected to not have a beefy resume. Especially in security because it’s not really an entry level field. It’s more like mid-high level IT. That’s why the help desk route is usually the way into security, so you have a good foundational knowledge of networking/IT before going into the security aspect of IT. There are fringe cases where there do exist entry level security, but aren’t very common

In a perfect world you should tailor every resume to the job description of which you apply for. Not saying to lie but to emphasize on your experiences that match what they want. Realistically nobody has the time to do this, but I would find a common theme for the type of job you are applying for and make your bullets centered around that.

Having a Master Resume with everything you've done is good, and then when you apply for something take the peices that matter for the position you apply for

I prefer rezi.ai , you can easily make copies and it has ai grading and ensures you are ATS friendly

and its online based so you can login anywhere and edit, copy, download

I did also have time at a garden center being responsible for all IT work and system administration, but it wasn’t my job title. Should I include that?

@plucky marsh

better?

i’ll expand into more detail in projects as I update them

Chronological resumes usually go Contact info -> Summary -> Experience -> education -> certs/projects . I think your experiences could have more quantitative metrics to show impact and scale of what you did

+10 points to griffindor for 1 page though

Hey ya'll, im a computer science student and wanted to get into Networking and start a career out of it. Can you guys suggest me a learning path on Tryhackme?

im currentl;y a unity game dev, as you guys saw what the CEO of unity did, unity is in shambles right now..

so yeah

I'll appreciate if someone would guide me to get a smooth start into networking and get myself in the path of that career

Tryhack me + going for CCNA would be a good start. There are 6 pages worth of rooms that have "network" in their things

contact info is at top, just cut it off. Only reason it’s ordered as is, they said that the top should reflect what qualifies me most for a position

whats the best career path for people like me being a unity game dev which has development experience in a particular language like c#

i know its irrelevant , but still networking and cyber sec is a differnet thing right

The honest answer is just getting to the first job to get some sort of experience and then pivoting from there

You might have to become a help desk technician first and then try to pivot into a network admin and then networking engineering/network security

alright

Some people are able to network their ways into a higher starting position then others, but regardless of your path you will learn things along the way.

im currently doing a job in unity game developm,ent but i want to start learning networking as I dont know game dev is gonna hold much longer seeing the conditions here where i live in pakistan

and i mostly prefer remote jobs too

does entry level internship remote jobs normally require you to have some experience? or do they provide training too?

I hate this answer, but it depends On the company, on the HR team, on what the scenario is

Also remote internships are a bit harder to come by because its way easier to learn and connect in person

i was doing on site work for almost 2 years , but having to work remote is so good i cant go back

I can't speak for outside the U.S but here internships are usually summer "jobs" in between years 2-4 of college. They want you to be in the specific degree field that they are operating

🙂

yeah thats how it usually goes here too, but mostly people start internships after graduating which im also a part of and i always regretting to this day

https://www.wgu.edu/online-it-degrees/network-engineering-security-bachelors-program.html#_ If you don't have a degree I would look into this college

You get certifications paid for as they are required classes and its online, self paced, and affordable(compared to most colleges)

$3,735 USD per semester. You will get the following certifications paid for
CompTIA A+
CompTIA Project+
CompTIA Cloud+
ITIL®*^ Foundation Certification
LPI Linux Essentials

Cisco CCNA OR CompTIA Net+
Cisco DevNet Associate OR CompTIA Sec+
Cisco CyberOps Associate

if i only do stuff from tryhackme, isn't that enough? I know degrees are a big help but still do i need to take time and pay a huge fee to get a networking specific degree

i wanna learn netwroking and start applying for jobs outside of Pakistan

which I think is good, because jobs here in pakistan already work with companies outside of pak but dont pay that well

Not nessesarily. The degree helps you get past the HR Filters when applying for things. Nobody really cares, but its easier to get in the door with the degree then without. There's also a certain point in careers where you may not go any higher without a degree

yeah i can relate with that, HRs will look for that degree and will move your cv towards acceptions,

Also tons of tech companies are laying off thousands, others are forcing workers back in. Theres a mass exodus in FAANG companies and the best and brightest from google, facebook, apple, etc are going to other companies and trying to get to a remote only positions

in 4 days 487 people applied. What about you makes you more qualified then 486 others

i think thats the reality of tech jobs, you never know when you're gonna be layed off, even i have been layed off recently without any notice, which is quite nonprofessional of them and I might need to talk to a lawyer about too.

yeahh..

i get it

It sucks :/

What I will say about WGU is that you can accelerate classes for free if you finish early

well.. im gonna have a discussion with a friend of mine, hes doing networking but on a managerial role, lets see what he suggests

I completed my masters degree in 1 term(6 months) but most people take 2 years

oh damn

noice

So instead of paying $4500 x 4 I only paid $4500 once

reading this while the IT department at my work is disintegrating
Send help lol

@dawn plinth send me the application 😉

😂

good luck man, times are tough when everything just falls apart in an instance

I’m gonna stay for the time being, but i might be the only compliance/infrastructure security guy next year

😐

i’m like a year out of training

If you're considering networking, you should also consider cloud. Getting a couple of basic cloud certs and then doing their networking cert after the CCNA would put you in a great position. These days general networking engineers are usually doing some other form of IT work as well in some capacity a lot of the time. Having a CCNA might not be enough to land a role. It might get you a job on a NOC but then you would be encouraged to push for CCNP and further

yeah my friend is mostly doing IT work , but he told me he specifically does networking

On the topic of cloud certs, I just got my certified cloud practitioner and solutions architect associate AWS certs - I am going to go for the Solutions Architect Professional and Security certs next, but does it matter which order I go in ?

I was thinking of just going SAP -> Security because that's a path listed on the website, but some resources online have said to do Security before SAP

thats 487 applied through linkedin quick apply™️

a pro tip is to google the job and apply throug the companies website, guranteed your interview rate will be significantly higher than linkedin quick applies 🙂

i have heard that SAP contains 80% of Security, and to pass security it takes "1-2 weeks of studying"

i cant confirm as i havent done it though

Yeah I was just trying to find a quick example that fit my rhetoric

and a fair amount of job seekers “strategies” are just hit easy apply on 150 applications then complain they got 0 or 1 call backs

thanks!

Gave +1 Rep to @rugged sable

I was told by someone to put finishing portswigger academy under “projects” of my resume

Yes, because to do the certifiction, you need to buy a full licence version of Burpsuite Pro and that costs hundreds of dollars

you can just get the trial to do the cert

https://twitter.com/PortSwigger/status/1461736254794518533

Yeah that is where you can embellish your resume by highlighting those applicable responsibilities I’d probably just say you were IT Support instead of whatever your job title was 🤷🏻‍♂️

Some labs are also behind a “paywall” where you specifically need Burp Suite Pro to complete it

I think its mostly the OOB labs

i just feel like looking into it, all around it’s not worth it

anyone currently in a role with a title well above your actually responsibilities, do I still put network security engineer if I'm only troubleshooting / implementing rules to allow access to sites

If that's the role the company assigned you, sure

fair enough, just always running on that impersonator syndrome

you put the title down that's on the company internal stuff

Depending on what it is, I would put down what sounds most appropriate (within reason)

I saw this vulnerability specialist/analyst role but their internal name was “vulnerability mangler” lmao I would most definitely not put “mangler” on my resume

do you have some offers in Brno?

czech republic?

how do people fit everything on 1 page on resumes, I need more space

being concise, its an important skill

ignore the info on this, this is an old resume that I’ve improved, but like this

i used Jake’s Resume template online, made it easier

is it worth mentioning about books I read?

Not really no
Will probably be worth mentioning in an interview when they ask about your hobbies though

The 1 page thing is more for entry and junior level positions. Once you hit senior and higher, the resume should be as long as it need to be to communicate the depth and breadth of your career

okay instead of networking, what about the security route?

security is going to be harder to break into

Hello, I am a cybersecurity student, wondering if how could I start gaining experiences even if I am still going to school, could you also suggest some projects that I could probably develop to put my knowledge into work? I would appreciate any answers 🙂

!website

You also get a cool 20% discount.

Would recommend support/heldesk, syadmin, net admin, or dev as the entry level technical routes into security

Ok redid my cv the 3rd time. still got to add some more projects and relevant stuff but how is it looking

Would condense projects slightly. Both of those exist in your homelab, my assumption would be that you have tied your splunk creds to AD using LDAP.

Also do not use first person on formal documents.
Tools and software: What does Azure and AWS mean in this context? Are you an expert at using both to implement a fully functional cloud environment? It's also overkill to list multiples software that doesn't differ significantly - IE, list either burp or zap but not both

Same with Google Suite and MSOffice. If you are competent in one of those, it carries over to the other

i like the formatting, and I think this is a much clearer communication than your previous posts

thank you very much for that will make the changes

my manager is saying that for becoming an soc you need a very strong networking knowledge is this true?

It does help a lot. If you doubt your manager, I would recommend talking to your company's security org and asking if you can shadow one of the soc analysts

Just got a job offer as a help desk support for a health orgaization called Penn Medicine. It is experience, but im not sure how it could transfer into security. I will be going around to different hospitals and providing IT support also working on my security + while working. Is there any advice you have on how to take what im doing and transfer it to a security role in a year or 2

Keep your eyes open for opportunity, and make your career goals known to your managers. They may be able to point you in a good direction for an internal transfer down the road, or offer training

ok cool ill do that. I am new to tryhackme how good is it with giving you the skills to actually do jobs and is it worth to post about the room completion on LinkedIn that they give you

I think this is good advice. I work in the operations department for honeywell and i think voicing career goals with managers could help make a career switch a little easier

Always work with your manager to get where you want to go

They can't help you if you don't rely to them your goals.

Sometimes even if they aren't exactly aligned, you get some benefits that can help you later

honeywell is hiring near here, but NONE of the positions are anywhere near entry level that I’ve seen haha

You should still apply if you have the appropriate qualifications or you believe you have a good deal of the skills requested

def don’t have those either lol

Yeah where im at they're hiring for IT tools admin, can't say if it's entry level or not

hey, if it’s remote or in the KCMO area, feel free to dm a posting to me

any opinions? i'm going to start applying for graduate positions soon

Projects should go at the bottom, education should go top, followed by certifications, skills, then experience

Soft skills don't belong in skills, skills should be individual things, not sentences

A lot of your skills are too broad honestly

You should bullet your experience as a block of text is likely to not be read

You didn't build a vulnerability scanner

ive been told to do it by whats more important/ what has moroe information

if anything it seems like you automated nessus

how are the skills too broad? what am I supposed to put in

if I do bullet points it wont fit on one page

Please stop pinging me

im just replying to your messages?

With pings

with the reply function

@sturdy scarab this is a ping

I am in the chat, no need to have the replies ping

I wouldn't know that?

Over on the right hand side there's an option not to ping

This

Vs this

ok 👍

Right, meaning if you have limited experience and a degree, the degree goes first. If you've been out of school for a while, then experience goes near/at the top

there’s a lot of inconsistency in your grammar which makes it odd to read

Projects shouldn't go first, I don't want to say ever because that's an absolute, but it really shouldn't ever

can you please point out where? I've put this through Grammarly 5 times and word

Ok thanks I will change it

Education, skills/certifications, experience, projects should be your order

got it 👍

Means you likely have too much

Specific items that you have utilized and can talk about, at depth, for 20 minutes or more

imo in a resume you should avoid pronouns, keep to the past tense (unless present), and use action verbs

A resume is supposed to be your "greatest hits". Concise, no fluff, and in an easily readable format

Each job really shouldn't have more than 3-4 bullets

I understand but if I change it from paragraphs to bullet points it wont go on 1 page anymore even if I do 3-4 bullet points because of the space in between the lines. I'm already using size 10 and 11 font size

Then your formating needs work because there's a good bit of whitespace. If you're struggling, you may need to switch to a different template

Something like Awesome-CV

not again 😭

I'm excited to look for my first IT job after I finish my military career

Hey guys, is there anyone, who switched from software developing to security, does it worth, in terms of revenue?

cybersecurity roles are usually well paid but you'll need to spend time learning and frowing your skills and interests. It's a broad field with many areas of specialisation

thank you for your reply. From what i see now - software developing is more profitable then security unfortunatly

Gave +1 Rep to @rugged delta

There's demand growing for software security engineers too

i think mine may be a possible exception, just because I have no education or experience within my goals, so projects are what I have to show. (sorry for the ping, just doing so since the convo has been over for a while)

I have redone my cv again @stoic cave

Remove that bit of red on the text

why it looks cool 😆

It really doesn't.

lol

ok

I review resumes and make hiring decisions all the time, maybe it's just me, maybe I'm old and I don't know what I'm doing. But if you posted it here for feedback, there is some for you. Any 'gimmick' like that, I throw out almost immediatly.

ok thanks I will change it to all black

Gave +1 Rep to @vital laurel

Closing tickets is not improving workflow

Tell what what you did, how much time/money/lives it saved, then tell me how.

how is closing a large amount of tickets in a short amount of time not improving workflow

because that's going through the same workflow quickly

not improving the process

If you improved the process tell me how

ok thank you for your input, does everything else look fine?

Not looking super close, but that red stood out. Fix it up and if you like, i'll take another look

Technical skills should go between education and work experience

Certifications too

I think your projects section needs work still

Work Exprience > Education > Certifications > projects > Technical Skills is how would I would do it.

They don't have much experience and are still in school though

Technical skills in my book, is where you add random crap to get through filters

But they have some

Which is good for a student

If they were 5 years in I would flip, but since they're still in school I would place it on top.

im a guy btw

It says student straight at the top. and I think flipping it is a mistake

"Treat me different I'm a student"

not a great start

But, that is me like I said

so remove student?

Yeah, I didn't see that part

its not to be treated differently

its just stating im a student

still in education

The top should be your name, LinkedIn, email, and website

Remove the student and whatever else isn't what I just listed from the top

ok removed

what next

Your projects section needs work, imo

how?

Grammar to start. Then the projects your listing. Vulnerability scanner, again imo, isn't a project. It's just you using a tool

Was it a homelab? College lab/hw?

what's wrong with the grammar 😭

just homelab

"Building an SIEM"

That was grammarly

Not my fault

😂

You should read back what it does for you.

If you're putting it on the paper, it's your responsibility

Only joking

Oops sorry for the mention

@sturdy scarab maybe education and certifications in the same section? Just to shorten overall length of resume

I wouldn't. Education on a resume is things like high school diploma, bachelor's degree, etc etc.

Certifications are a verification of your professional skills

Does it matter if the format is pdf or docx?

PDF

Ok good

It prevents people from changing it after you submit

Do you think im missing key words

Or what things should i add

To make an employer want to interview me

talior every single resume submission to the opening

pull out keywords that match up from the job posting and put them in

Thank you
And is it worth doing a cover letter for every job I apply ro

To*

Follow the directions

Most jobs i've ever applied too, almost none had cover letters

if it ask for one do one, if it doesn't, i say it's up to you, but I think getting them to the 'core' information the better

you want to deduce fritiction with the reviewer

after 100 resumes, they look alike

Ok thank you will leave it.

I think im finally happy with my resume

After a lot of changes

Are there any perks of htb or thm rank in the job resume?

You do learning as a hobby?

like god rank in thm and pro hacker rank in htb

yes.

Nothing really, as you can get max level in THM just by using writeups.

but in the end, everyone wants a job or internship.

I'm not at max but I just want to know.

ok

I'm applying for IT grad roles (UK) but with an engineering degree, worried about whether I'll be considered haha

I did do a highly relevant placement where I did mostly IT projects, which should help

Hi everyone. I’m new here. Who will put me under his or her wings

what placement did you do/

Would anyone else be taking a significant pay cut changing careers to IT/cybersecurity?

Most of the time when you change careers to another field, you do so with the expectation of a paycut and starting out on a lower rung with the chance to show you can step up higher

Any advice on protecting crucial infrastructure?

That's pretty vague

Do you have any additional information?

I will be done with college in 2024 summer. ( information technology Cybersecurity.) Going to take security plus in November. Currently take part in CTF and my cyber security club to learn more. After security plus , will start on CISSP. I am not sure about pursuing a masters degree. Any other hands-on experience I can pursue for protecting crucial infrastructure for electric grids?

Ah, critical infrastructure

NERC CIP, stuff the Electric ISACs put out, etc you should probably look over

Just know OT Security is very different from IT Security

Also, you need experience to fully obtain CISSP. Prior to the experience requirement, it's called the Associate of ISC²

I appreciate the information.

mine wouldn’t be significant, but it would be a pay cut probably

but i’m willing

i’m just limited on what I can afford to take care of my family, need to make at least like 35k a year before tax to not like, die

I’m 100% self taught and I was wondering if there is people that passed certification (I seek cyberOps associates) and got a good job cause I have question about how you do portfolio and how the interview is going to be

sorry for the messy redaction, on my phone, and have no skin on the tip of my thumb rn, so I had to do my best

I also plan to add a repo to the projects, but this is what I’ve been applying with

I would put experience before freetime projects

see, I had it that way, but I was told to move it around because my experience holds no weight in the industry

I think you should add more bullet points to your work history and put it first. Try to follow a STAR pattern

Not sure who told you that, but projects go at the bottom

Generally you want to order your resume by relevance/importance and considering he doesn’t have much relevant experience (aside from that seasonal job), he would have to lean more on personal projects

And work history is the the most important thing

It doesn't matter if it's not in the cybersecurity field

We can agree to disagree

I'm sorry but no

What order would you say to format it in?

Derails
Work
Education
Everything else.

Details

Experience, certifications, skills, accomplishments, projects

I was also told to change it to “Training/Certifications” and put portswigger academy on it

aye or nay?

No

I wouldn’t put trainings, just training

Just certs *

Commercial experience still gives a higher value than anything no matter what, it tells that you know how to work in a commercial office, then commercial knowledge comes, such as education/certificates to show that you have been taught in said area and not just self studied but got something to "vouch" for you, then your personal skills and projects comes to show how you are personal see yourself and what you do in your freetime

I get where you’re coming from

better?

shoot, missed a letter in a word

other than the missing letter, any more input?

Hello everyone I am looking for a job in information security or web pentesting. Because right now I have no job. But I need one to survive. I have an experience of one year and skill gaining.
I can do remotely because I live in Pakistan.
Thank you everyone.

You will need to create a cv/resume showing your work experience, qualifications, education and skills. To get a job in cybersecurity you would need to demonstrate your knowledge in various domains. It can be worth it to have/pursue various certifications like Security+ or similar. Marcus J Carey has written a series of books called Tribe of Hackers under various domains in cybersecurity. He interviews experts in each area and their answers discuss skills/experience/qualifications and other things you would benefit from knowing.

You should consider a job in IT support or administration as well as cybersec as you will need to demonstrate experience with computer systems in various ways. Also, just having a job and showing that you're currently working can help immensely as it's easier to get hired when you're actually on the job. Plus you'll be more capable of survival

!docs verify

Do I need to finish all the courses to get started for a freelance job? Any guide to get into careers (etc. certs, interview or smth) or get started in bug bounties on bug bounties website like HackerOne or smth?

Freelancing in pentesting is usually done by professionals with some experience

It is very uncommon for juniors to do freelancing in this industry

but what does juniors usually do in this industry?

Well, penetration testing is not considered as entry level and even for junior positions often require some experience in other areas of IT

It’s also really easy to break something during a pentest when you work on your own (freelancing), that’s why when companies hire freelancers they usually seek experienced individuals

So I’d recommend trying to start searching for full/part-time or internship positions at companies to get some experience and after some time when you know what you’re doing moving into freelancing

Yes, It's because the field itself is pretty advanced. Even entry-level jobs require some of essential things.

Freelancing is not a common activity for a lot of cybersecurity work, as companies need to ensure your background and reputation and you need to have a wealth of experience and knowledge. If you're fairly new to cybersecurity, and/or you're not well practiced, it's definitely worth getting into the habit of spending several hours a day learning, and making that a part of your routine, probably the most important part after breathing and eating.

As a subscriber, you're able to access quite a lot of content on THM so take advantage of that. Lots of walkthroughs in all kinds of avenues of cybersec and lots of challenges along with the Learning Paths, Modules, Networks and series. Getting comfortable with doing a little bit (or a lot) on a regular basis will help keep you motivated.

You can also get into the habit of reading books as you progress on various topics. We discuss them a lot in #bookclub so search in there and ask about recommendations.

For certs, as you learn, consider Security+. It's widely recognised in the industry. For #bug-bounty you need to be fluent in web pentesting and there's a great deal of content on THM. With bug bounties, you might consider the HTB CBBH cert and the No Starch Press Bug Bounty Bootcamp book, as well as the HackerOne Hacker101 training exercises. You'll need a good understanding of what it takes to perform those kinds of tests, stay within and follow the scope of what's permitted and how to compile and submit reports. Just be aware going into bug bounties that it is not a reliable source of income but it can be very educational.

You also need to ensure you don't go out of scope, as that could result in severe penalties, legal issues and other trouble. Which is why freelancing is generally not a good idea unless you've got a lawyer to back you up.

alrite thx for the guide btw I am quite curiuos is it just the hacker101 CTF or there's more training available on the website itself?

Gave +1 Rep to @rugged delta

You could try with the Portswigger Academy, great web app sec resource

Just the CTF as far as I know. It's been a while since I've been over there

Some modules require Burp Pro, but you most of it can be done with the free version

the community edition?

There's a professional edition that has other features not accessible in the community edition. It costs $450 a year. Usually an employer would pay for that. If you do get to the stage you're making income from bug bounties, it's a worthwhile investment on your own but otherwise let an employer provide it.

THM has a newly revised set of Burp modules just recently

will get the refresher ASAP

Depends on a lot of factors and generally where you’d land but in my area you would be in a security engineer/analyst role which is more of a broad security role dealing with lots of stuff but its mostly related to how one can secure the org

security + or cyberOps associate I'm really hesitating

Hey y'alls. idk if this is the best room to promote ticket stuff, but here's my entry to @dire rivet contest to introduce their new learning path https://levelup.gitconnected.com/security-engineering-training-programme-just-dropped-3fe577985cfe

Sec+

why

it's not

More well known, 8570 approved

Opens you up to govcon work

yeah but I'm going to find a job in france

Ah

and I believe it's more popular cisco over there

sorry about that lol

but in terms of difficulty and what they are covering are they approximately the same ?

it's all good bro

I’ve actually never even heard of cyberops associate lol

I dont hear much about cisco certs aside from ccna

alright

yeah same I feel like comptia is much better

but my mom was searching stuff and ended up thinking cisco is more popular in france

so idk I gotta find some people over there that can guide me but at first I had in mind doing the A+ and then security+

Cisco is very popular for networking specific roles, as the Cisco training materials have been pretty good in both theory and practice. CompTIA is more theoretical and hypothetical and less on the practical training side.

That doesn't make it worse, per se, but there is a gap that you as a candidate have to take into account and develop your own practices around.

I’ll reach out to my friend who works as a pen tester in France and see what his opinion is on which is more marketable over there

bro if you could do that that's amazing

I'm really lost in how I'm gonna end up with a job

Unless you don't have any background in IT, A+ is probably too basic. Net+, Sec+ are very common, especially if you ahve taken any kind of post-secondary courses. Like at a vocational or junior college

I’ll shoot you a message whenever he responds

yeah no I have no it background

One thing that will help you figure out what you need to get your foot in the door is to look at local job reqs on whatever the dominant job search pages are in France.
Take a survey of 15 jobs you want, look at common certs, experience, and education required.

I'm already half in the A+ learning path I know all the hardware aspect

If you find that all the jobs you want require 3+ years or a BS degree in a related field, you are looking for jobs that are too senior for your experience level and knowledge.

yeah I've tried looking for intership and what you needed to know

but it feels so much

A+ isn't just about hardware. It also covers most of the basics of working in a professional environment; ie, dress like you work in an office and not as a hobo.

yeah I have all the network aspect to cover

Internships in the US are usually reserved for college or university students. There may be apprenticeships and training programs in france, but I don't know how their system works.

but rn I'm having issues trying to make burp working to intercept request from my dvwa server

yeah it's the same everywhere they want student so the government can pay for the intership

That's honestly way more advanced than where you are, in terms of general IT knowledge.

If your goal is to be a pentester, that is really not an entry level IT role.

if you're not a student it's the company paying for it and they don't want that

idk I'm just trying to figured out how things work

That is not how internships work in the US. In the US, the intern is paid a much smaller wage than whichever role they are interning for, and they get a sampling of common tasking across different areas. It's nto a situation where the government or unviersity pays the company to let the student work there.

but yeah when I'm looking at entry it job it's mostly analyst

Help desk and support desk are very common places to start as well.

it's a nice word to say you're gonna watch packets all day tcp and udp

In truth, being an analyst isentry level to security, but it's not entry level to IT

yeah sadly

oh yeah ?

Why is that sad? Some of the best admins and security people I know started in support.

I've seen something called junior analyst

so I thought you could do that as entry level

idk it feels kind of boring no ?

support it's like people helping old people to get their router working ?

Junior analyst means that they are the lowest rung of analyst. That doesn't necessarily mean entry level, you have to look at the actual job requirements to know what the job is actually looking for.

true

You have some real bad ideas about what the job market is, and what the various kinds of IT roles are. Strongly advise you to take advantage of local meetups and educational programs as quickly as you can.

what's that

how do I find those meetups

Support and help desk can be anything from resetting user passwords and credentials, to solving customer problems with software or hardware, and support is often the first line of contact for a company with their customers. Helping old people with their routers may be a function of support for something like an ISP, but that's not what it is in a majority of the jobs.

my mom was telling me that help desk was a bad job and I cannot do that

that's what I told the other guy I would love to talk to people in the field so they can help me

I hate to tell people not to listen to your mom, but don't listen to your mom. A job is a job, and it all contributes to your career path.

but idk where to go and going into discord servers and saying hey I'm new can someone help me feel kind of desperate

I from China

You may not like or enjoy help desk, but it's a place to start getting your foot in the door.

hello

I've seen the video of chuck saying starting with help desk was nice

I wanted to do comptia A+ find a desk job so I gain experienced for security+

Hello everyone, I come from China and hope to make friends with everyone

but yeah my mom was like just do the nice certificate now and get a nice job from the beginning

@warm hinge hello

CompTIA certs build on each other.

nice to meet you

it's a bot ?

A+ is assumed to be known for Net+; Net+ is assumed to be known for Sec+. Sec+ is assumed to be known for most of the 'higher' certs.

NONONO

im from China

oh ok ok

that make sense

i English no good

I've seen a guy saying that network + was bad

and there is a better one

wait let me find it

What's your name?@warm hinge

https://www.youtube.com/watch?v=YeWYlp9JP6g&t=379s

this guy

gives lot of advice on certificate

My name is Little Karami

@warm hinge

go on a community server that is based on talking to stranger

I personally really liked net+ and I think studying for it really strengthened my networking skills, so I highly rec it to others

so you think I should do net+ before going sec+

or I can directly do sec+ after A+

Net+ gives a lot of foundational information on how networks operate, and devices communnicate.

Net+ then Sec+ is what I did and I think it was a good path

usually people do a+ then net+ then sec+

I already answered that A+ -> Net+ -> Sec+ question.

I personally did sec+ then net+ though lol

lmao

but go the normal route

thanks guys now I'm sure to not forget it

If someone does not know anything about enterprise networking, I would not recommend doing sec+ first

the thing is that I live in canada rn and might move to france in a years or so

ok got it

and what about oscp

baby steps first

I heard about it but know nothing

What about it?

is it good ?

I'll try to

Yes. But it's not entry level. And the cost is going to be way more than it is worth for you to pay for. Get a job, work your career path into security, get the company to pay for it.

but I don't wanna spend 5 years in help desk

Certs don't really mean much, it's mostly done so b2b companies can sell services and expertise to other companies, or to demonstrate employee expertise for specific kinds of audits.

Then go to university and a BS in compsci

company can pay your certificate

that's so cool

you've confused me

so it's no good ?

It’s not bad, but an education is better

I didn't say that. But most certs are not priced so that they are affordable for people to just get.

Certs are a business thing, the value in a cert is the rigor of the exam. It shows that the candidate knows enough to pass the exam. There are reasons to pay for the exams yourself, but don't spend more than the absolute minimum to make it past the HR filter for actual entry level jobs.

Pentest is not entry level at all, and it's usually not entry level to security.

ok ok

so I should not do tryhackme stuff and just learn what I need for comptia certs

#cyber-and-careers message

true

I would encourage you to do whatever you want to learn. Just recognize that your learning may not match what is expected of you for an entry level help desk or support role.

thanks for taking time btw

yeah I need to focus more on what's gonna get me a job and then I can do pentest as a hobby for later

but like I bought the mike myers course on udemy and boy it's kind of complicated getting focus for hours trying to learn all those terminologies when I'm doing pratical stuff I can do it for days without getting bored

Lab, lab, lab, lab

Lmao

i am new here

Nice

Welcome

how can i get a good start

You could watch videos of a guy named chuck on YouTube to kind of know what you like

Or if you want there is a lot of room introductions to cybersecurity in tryhackme

ty

Where there is quizz to determine whether you are blue or red team

So yeah I would recommend go on the introduction room to kind of know what is all the different type of job in cyber

Can someone experienced please explain how you would actually do what it says in the bullet points?

Sounds like a question that the recruiter should be able to answer

Hey! I have basic knowledge of C++, Python, C#, MySQL & assembly language . When I say basic I mean I have taken a uni course on each & understand them. Im currently learning malware analysis. Becuz of where im studying Im not allowed to work physically. I have no certs/degrees to my name so I understand a job is a tough ask but im doin a bachelor atm & need work. For someone in a position like me, what kind of work should/can I aim for ?

I'd say to seek out internships and educational programs at your university. You can aim for help desk jobs primarily, as that's usually how you acquire experience at the beginning. Additionally, you can go for Security+ and Network+ certifications, as they hold value in job market and are widely recognized.

What's a good place to start doing labs

https://tryhackme.com

#start-here

Got an interview to be a NOC tech tomorrow, any tips to prepare?

Know networking and networking monitoring pretty well

those are the requirements, gonna study up on them today to be prepped for tomorrow

Hey guys, I’m new here so I wanted to say hello. I’m a software development student (3rd year) and realized I really prefer cyber security career wise. I’m currently working on my Security+ certification but have no experience in I.T yet. Anyone wanting to share advice for a guy like me, I always appreciate tips and advice

start going through the TryHackMe learning paths and figure out which domain of cybersecurity appeals to you. then do projects, labs and learning about that. then start applying for internships or full-time roles that you have a good portion of the requirements.

I'm seeking opportunities for military jobs and I want to ask for advice on what branch's are best for Cyber

Go Air Force 100%

Best QoL and associates degree for your tech school (job school)

I believe they closed off cybersecurity to retrainees only, so you would have to go in for IT roles (or grc security)

okay sounds good I'm looking into it now

My first question would be why do you want to join the military. That needs to be answered first before everything else.

Without a solid reason, you're going to be miserable

I want to be challenged and I feel like college and other opportunities wont challenge me enough or push me enough to a point where I can challenge myself

Have you looked into the Service Academies or the Senior Military Colleges?

looking into that now

Depending on how much High School you have left, the Academies may be an option for you.

senior year

That's too late

Senior Military Colleges should still be accepting enrollment

Ping me with any questions, about to log for the night

I wouldn’t say the military is very challenging but it can be a really good tool for setting you up afterwards

then what would be challenging in your eyes?

probably a more subjective topic tbh

It is subjective but first, what do you mean by challenged? Emotionally? Mentally? Physically?

all of the above really, with a little less emphasis on physical but still important

Eh the military will give you good and bad days. If you’re close to family and friends, it might be challenging in the emotional aspect, since you’ll usually be away from home. Changing to a more structured lifestyle (at least initially - af mainly reverts back to normal life after your job school vs like the marines where your life is pretty miserable around the clock) may be mentally challenging. Physically it could be if you’re in a grunt branch (army/marines), but not so much in the af.

Mentally challenging in terms of what you learn and do for work can depend on what unit you’re assigned to. You might do basic things or you might be trained up in more advanced things.

Yeah it's the "maybe" that has me on the edge a little bit, as I don't truly know what work I will be doing until I'm assigned to do it

Well you know generally what you’ll be doing because you can enlist as a specific job

yes of course

I think I'm going to continue vetting other opportunities

thank you for the information and your opinions

https://www.reddit.com/r/AirForce/wiki/index/?rdt=63086#wiki_enlisted

check out the jobs that start with 3D - those are the tech roles. The identifier is outdated but the jobs still exist

this resource gives you a better day to day and more insight into the jobs than the official Air Force website

thank you

can I get some opinions on this final draft? TIA

improved workflow by 60% - how?

end all or no bullet points with a full stop

AZURE Azure azure, pick one - probably Azure

Can i post here my LinkedIn and could you guys give me an opinion to see if it's good?

If I were a hiring manager, I would probably pass on you for a job from this resume, for the grammar issues that have already been brought up. I'm pretty nit-picky, but consistency and correctness in a resume shows attention to detail and ability to review documentation before handing it in. It's more forgivable in a junior role but it's not a good look.

what grammar issues? please point them out

Moose described some of them to you; would recommend you don't rely on grammarly to ensure correctness.

I have modified building an siem to building a siem

I think that was the only issue?

I wouldn’t say you built a SIEM with Azure. There’s also no clear indication what the SIEM was monitoring. Windows Event Viewer and Geolocation of what? Did you set up a honeypot? Too many question are left to be interpreted

well thats to be talked about in the interview

That is if you get to the interview

I'd like to think my CV is good enough to get an interview

Okay, agree to disagree. I just want to point out that there is no clear indication of what you were really doing with Azure

Its a lot of buzz words but no indication of what you wanted to achieve with the project

anything else that is wrong?

It's the only one I pointed out because it was very obvious. You're going to need to take some time and check your grammar through the whole document.

Hi yall! Im looking to improve my resume, any suggestions?
I graduated college in 2022 and the last 2 positions i had were my first full-time roles (promotd within the same company) Im not sure if i should remove the old partimes roles or keep them since i do not have much IT experience?
This is a rough draft so ik there are some granmatically components i need to improve

Hello guys. Have got a question. As someone searching for Job, been applying to almost anything with security in it honestly… which should I go for Cysa+ or SC-200

I have got security+
No major security experience … Have 2 years IT service experience.

Depends on what you want to do. Are you already working in IT in some fashion already? Most people start in a helpdesk/support role or do standard IT work (administration, cloud, networking, etc). Having experience is considered valuable. Sec+ is a good one to hold and SC-200 is good if you're working in a Microsoft Azure environment and hold other Azure certs as well. All the cloud providers have their own certification tracks

I have around 2 years IT experience … jobless atm, changed countries and looking to get a security role. My options are Cysa+ or SC-200

Do a search on LinkedIn for each of those in your new country and see if they're requested. Otherwise search for sec+ or security+, since you have that

CySA+ is good if you're going into a SOC role or similar. Otherwise look at the qualifications and skills that jobs in that area are actually requesting, get in touch with local recruitment agencies and keep in touch with them

Which is more tailored towards SOC … CySA+ or SC-200 ?

CySA+ is a more general training program. SC-200 is specifically for certain aspects of Microsoft environments and tools. The organisation you're working for would suggest and likely sponsor any product-specific training you need

Thank you !!! 🫡

Gave +1 Rep to @rugged delta

I would look through #jobs-board as this channel isn't really for asking for employment. It's more career questions and industry info

I'm writting up my reume, as someone who is getting out of school soon, do I need to add a professional summary?

Personally, I do not like them/think they are necessary, but I know others here do. My opinion is that that is what a cover letter is for

Thank you

Here is an updated version of my resume. Can I get some feedback on this please.

It's a lot of white space and the formatting is not consistent. I would put it in a LaTeX template, like Awesome-CV

Hi, I hope everyone is doing well. I’m new to here and I doing google cybersecurity certification I want be cybersecurity analyst so can someone give me advice #thanks

Hello, I'm currently looking to find an internship for my third year in university in cs but I don't have a lot to put in my CV as of yet.

So I was wondering if any of you would know some quick to get certifications that I could pass so I can put them in my CV ?

I was recommanded the MOOC from Anssi for example but more of those would be great. So that would be certifs that I can get working on it 2-3h every night within the next couple of mouth, so probable not certifs like network+ or security+, smaller/quicker ones).

ty!

I haven't read the content but visually speaking it could be a lot improved. Perhaps you could look into online templates. I know that they offer some good ones on canvas.

Its okay to not have a lot to put in your CV. You’re still in school!

Academic accomplishments and projects (whether done in school or free time) goes a long way

If its for internships, I doubt you’d need any certifications

I know I know.. but still, the more you have the better ^^

Yes but don’t get too hung up on the idea of chasing certs to prettify your resume! IMO, a person who has a great grasp on IT fundamentals and is willing to put in work to learn even more is way better!

Is this the MOOC you are refering to? https://www.my-mooc.com/en/conceptor/anssi/

if a cert is "quick to get" it probably isn't that valuable to yourself or prospective employees

Not necessarily, for a student like myself I think its always a plus. I wouldn't generally aim for these kind of certifs but like I said I'm already starting to post my CV everywhere so something I can get quickly is preferable atm.

Hi All,

I hope you're all doing well. I'm currently pursuing my Master's in Cybersecurity.

I'm particularly interested in exploring current challenges, emerging trends, or any recent cybersecurity incidents that might serve as the basis for a project. Your input and ideas would be highly valuable to me, and I'd love to hear your thoughts on potential project directions. I truly appreciate your input and look forward to discuss more.

well what do you call a "quick to get" cert. I don't think any that are valuable are easy or quick to get.

most are also quite expensive so you wouldn't want one just for the sake of it if you are going to spend a couple hundred or thousand $

Probably "eJPT"

Thats a quick cert

how about tcm's PJPT

Nah

not worth it?

I don't think it is

wbt the pnpt

That depends on where you live

I highly recommend checking job postings where you live and cross reference the certification you want with what recruiters are looking for

where I live there arent many cyber sec roles that I can find

so Im hoping for remote work or moving somewhere else

speaking of how hard would it be to get a remote job in another country?

Does anyone has done soc level?

It can be hard if its security-related as there may be regulation and compliance requirements

There may be some companies in your local area that do outsource this type of service for international clients and you can get hired there

ah, I see

Here is another "updated from the last sugeestions. Please advise

Hi I am an f1 student in usa and looking for an unpaid cybersecurity internship can anyone help me?

Pretty sure F-1 is fairly restrictive in what you're allowed to do

Your options are listed here:
https://www.uscis.gov/working-in-the-united-states/students-and-exchange-visitors/students-and-employment

@stoic cave I am allowed to work in my field by earning a CPT. I study IT thus I am allowed to work in cybersecurity

OK, it still seems that you have additional things you need to do. More than just applying to places

You're going to need to work with your college (career center or visa person) to determine what your options are.

You also shouldn't work for free

CPT is not earned. Once you complete the first academic year, you would be eligible. That said, if you are legally able to participate, it would have be a training opportunity and not employment. Strongly advise you to talk to the school's career counseling and international students office on this, as we are not experts.

If you do get an internship while a student, please do not ever take an internship that does not compensate you. It devalues you and every other candidate for a similar role.

I am eligible my school career has said that finding my internship is my responsibility however once I find one they would help me with the paper work @flat sedge

@flat sedge due to my visa status I am finding it difficult to find jobs and internships in usa so I really don't mind devaluing myself a little

Try GRC roles.

hey guys I'm gonna get a ejpt voucher for a 100 dollars discount, how long will the voucher be valid for?

180 days

Hi, Guys there is a CTF if you would like to be in our team just dm

wdym

is it private or public?

What CTF?

public

there is a ctf in november and i am looking for a team

Again, what CTF?

They want to know what the CTF is, as in, who's hosting it, are there any requirements? What's it for? Are there any prerequisites/qualifying conditions? Is it online or in person? Is there an entry fee? Are there prizes?

black hat

People want to know the terms and conditions of the CTF as @rugged delta is mentioning. People won't sign up for something they don't know what they're sigining up for

its black hat, no req, adk how to ans, i think yes, first online then i our team gets in the 250's plasment then we will qualify to be in person or if you dont want to come you can participate online, TEAMS (OUTSIDE OF RIYADH) The top 10 teams (if based outside of Riyadh) that qualify for the final round will have travel and accommodation sponsored by the organizers., no entry fee, yes SAR 700,000 (Approx. USD 187,000)

Any link for it?

https://blackhatmea.com/capture-the-flag

Hi, i want to develop a career in pentesting but i’m at the very beginning and really don’t want to have to do much comptia, i’m a very practical person and i hate the idea of non practical certs.

could i do google it support, net+, then google cybersec and sec+ as a viable alternative to the comptia triad?

what about just going straight for net+ and google cybersec then PNPT for a security job with no experience? i know these are very naive questions but i’d really like to gauge the viability of it all, thank you ^^

Helo, wahts your IT background so far?

I’m familiar with windows and mac as i grew up with both and messed around in them, and i’ve been messing around with linux a bit and just made the switch to linux mint as my daily driver, trying to use the terminal as much as possible

i’ve done some a+ and started the offensive pentest path and that’s all really

Are you a student

i’m self taught, did some computing in school and went to college for cyber security but left as i couldn’t keep up with the education model and wanted to do it more personal and hands on

Okay okay, what is your job experience so far?

really not much, i work at a printing bureau and i help with troubleshooting computers and i’ve helped a little with the server racks too, configuring cables etc. but i’m not too experienced otherwise

Okay okay. It may be hard in your case to get a job without a degree. Not saying its impossible, it will just be hard.

Before pentesting, you may opt to focus on building IT fundamentals which will help immensely. Security+ is really good even though you don’t like theoretical certs but its mostly training you on a broad grasp of a lot of security domains

You can possibly pivot to the IT department in your job and get first hand experience for it.

For pentesting, I’d say if you want to learn stuff, these are what I’ll recommend: CRTP, CRTO, PNPT, HTB CPTS

If you want to get a job and prettify your resume, OSCP is the best but I understand not much people can afford its staggering price so you may opt for the former.

that’s really helpful actually, thank you!

Lastly, pentesting is not really an entry level job and there is seldom who hire for fresh graduates there but I also see it sometimes so you may be in luck in the future hopefully.

@brisk iris what country? 😄

i do hope my certs are enough for experience haha :)

currently the UK, but i plan to move to germany in 4-5 years ^^

oooohhhh

@brisk iris as an alternative to uni you can actually work instead and get a degree at the same time (1/2 days of studying a week, but 90% of your "score" will come from work)

The UK has great apprenticeship programmes for people who do not fit into traditional education but do want a skilled job

https://www.qa.com/apprenticeships/cyber-security/
https://www.civil-service-careers.gov.uk/government-security-cyber-apprenticeship-level-4/
https://amazonapprenticeships.co.uk/cyber-security

those are just 3 of the ones i found

i quite like the govt ones as they are more relaxed and you get to experience the life of being security cleared haha

https://www.cisco.com/c/en/us/about/careers/communities/students-and-new-graduates/apprenticeship.html also this one at my company

i know people on it who are chill

ah i’ve actually been applying to apprenticeships! they’re already a little hard to get in my area though lol

you get a degree from uni of manchester at the end 😄

ooo i’ll look into that

omg and that too!

ah yes, if you live in the middle of nowhere it'll be hard to get a remote apprenticeship as they are already kinda doing you a favour in a way 😦

i do live close to london but sadly the commute there can be a little lengthy, the only people who got back to me for an interview ended up in a total commute of 4 hours there and back for me, so i had to decline the interview i applied to lol

@brisk iris if you DM me I may be able to refer you to the Cisco one, although no promises that I can. Referrals are very messy at such a big company lol

I can also put you in touch with someone on the programme 😄

Your pronouns are she/her in your bio, the government is desperate for more non-white non-male applicants and I know many good things about cyberfirst. I'd suggest applying for this one too https://www.gchq-careers.co.uk/cyberfirst.html

there's also the 2 week programme from prince's trust
https://adarma.com/adarma-partners-with-the-princes-trust-to-drive-get-started-in-cybersecurity/

Probably too basic for you, but it'll be a nice ✅ on a CV

May I also suggest in-person CTFs / hackathons? I went to one at Deloitte and they basically offered me a job on the spot 😂

HR is a big, big barrier but meeting the actual managers / people in charge of deciding whose on their team is a nice fast track

i really appreciate all the links thank you!! i’m definitely going to open all of these in a second :))

ooo, i love the idea of that!

Hello. Pardon me, but may I know if you got into Cisco as a fresher or did u have prior experience

Oh also meetup.com groups for professionals. Living close to London, you'll be able to go to so many great ones for cybersec. Look out for ones hosted in offices, as those offices are hosting them to hire people like you.

I know it sucks and is a lot of work, but actually meeting people and talking to the people in the field instead of begging HR to read your CV will be better in my opinion 😄

no, but i have uni grads on my team

worringly they are much better than me 😂

Wait, no to what

thank you 😭 it’s a lot to process but in a good way hahaha

Gave +1 Rep to @rugged sable

you caught me at a good time, this is my once-every-6-months check in on the discord 😂 Do tag me / DM me if you have any questions. I'll tag you in any London meetups I think that look cool too 🙂

There is Blackhat london actually. https://www.blackhat.com/eu-23/scholarships.html it says "university students only", another uncomfortable thing would be to email them and explain uni is not for you but you are still looking to get into cybersec 🙂

Also this. This is basically the networking only ticket 😄

i have prior experience at a startup

Ah ok. Thanks🙏

i’ll do that :) also yes very lucky omg
ive heard of blackhat i didn’t know they were in london though!!

i have a lot of things to look into now, i’m really grateful, thank you @dense dagger and bee :)

Gave +1 Rep to @rugged sable

this is my once-every-6-months check in on the discord

You've been more active over the last few days 😅

@brisk iris welcome to the fold and enjoy your journey

thank you!! ^^

Gave +1 Rep to @rugged delta

just u wait until i dissapear again

first time i left the community for 6 months i came back and we had migrated to discord from slack

Don't they Still use slack?

oh thats the employee slack

there was a community slack back in the day

Oh I see

Woop, welcome to the newb club @brisk iris Woop woop!

hahaha thank you i’m honoured! 🥳🥳

Gave +1 Rep to @elfin spruce

Okay I just want a regular Help Desk Tech Job... How many years experience and what certs do i need to have to be the top 1% for any company that offers that job?

a help desk job would require 0-2 yrs of experience depending on the seniority of the role. For entry-level, you wouldn't even need experience, maybe internship but thats all.

certs arent also required

I am clueless why i am not getting any interviews then... I feel like i need a cert to proof them i am worth their time or whatever..

You can post a redacted version of your resume here so others can chime in and give inputs

I'll get on it tmrw. or day after. this week is a wee bit of a busy week plus. Also been studying as much as possible and writing some python code every day and i am almost done getting the Google Cybersecurity Cert from Coursera im on the last of 8.

if it helps, I applied to 100+ helpdesk jobs and none of them got back with me

the main hardship of it is that everyone is applying for them. If you look, thousands of people applied to some of them. It’s because everyone knows it’s the IT entrylevel position

Location, resume and cover letter. Those are the main points.
Make sure to send a tailored resume and cover letter to each place you're applying it. That definitely will increase your chances.
If you're active on LinkedIn, try to connect with people in the field you're looking to get into.
Networking is extremely important.

hello

Hi!

Nice to see YOU here

Hi, can you help me?

I would like to know if there is an official tryhackme app for android

Not that I know of