#cyber-and-careers

Yes, just build up a portfolio I.e on GitHub and show other ways that you are passionate about the area

Join a local group. Network

Is there any good portfolio I can refer to understand

You’ll find something eventually. But you’re gonna have to slowly work your way up from help desk to more advanced roles over time

I dont have any I could provide sorry

All I could suggest is to tailor it to your area. I.e if you want to end up in SOC you should make a portfolio relating to that

Is there anyone, with whom I can work as intern ?

Try to look at https://discord.com/channels/521382216299839518/775144008853749770 🙂

Try handshake or other job apps. They normally only take people in school though

Hi all!
A little bit of help here. Let me tell you my story, I'm a professional working in banking industry and I would like to change my career path inside the organization, from Ops Payments to IT Security and from what I understood it is needed a comptia+ certification (at least). I cannot figure out which online platforms have the best support and learning courses (+ recognized www certification) for a noob like me, so that's why I'm asking you, do you know any platform that full fills the above requirements? cheers 🍻

Professor Messer is the best for A+, Net+ and Sec+

On YouTube free or his website has additional study material for a payment

as a learning materials, ok but I'm doing right now in THM. I've meant and I was referring to online platforms that supports for certification in comptia+.

Def recommend his sec+ and A+ exams

If you want another platform like THM try HackTheBox. It’s not like THM where they hold your hand through it all

actually I'm looking for a platform which can offer a certification

HackTheBox offers them. Check out their pricing though

OffSec has the OSCP you could take their year long learning course then take the exam

Although that’s advantageous

Not a beginner thing either

Comptia has their own training too. Although their book is pretty boring

Stick with the foundations I.e THM then move onto HTB if you want more of a challenge. Then look into certifications when you feel comfortable

thanks!

and any other website besides https://www.comptia.org/ for the certification?

Maybe CCNA by Cisco?

https://www.cisco.com/site/us/en/learn/training-certifications/certifications/enterprise/ccna/index.html

Here’s a career pathway diagram from comptia:

I personally like their career paths

They have more on their site

nice, really thanks!

No problem, enjoy the journey :)

Hey @merry axle I have a doubt like learning and practice rooms will boost our skills + can we update our resume with the acquired skills on THM? Is there any change in getting jobs with the acquired knowledge on THM?

I know you didn't ask me but I tend to say no 🙂

@final hound Hey mate, it's okay but thank you so much for your genuine response

Gave +1 Rep to @final hound (current: #1285 - 3)

I look at it more as a hobby than anything. Some people put their certifications on their resume. But I wouldn’t put it under actual certifications imo

It could help you overall though

Would u say their certs have much recognition yet?

I honestly don’t know. I don’t have their certificate to really prove that it helps

Look up how many jobs it provides compared to other similar certificates. I’m sure others will still be better

I’m not a recruiter though so 😅

Just giving my 2 cents. I really liked ccna cert. you learn a lot and there is some overlap with security+ so much of what you learn throughout ccna studies can easily translate to sec+

I would say what if we apply for a very basic entry level job with 0-1 or 0-2 with decent certification + with updated practical knowledge gained from THM on resume would help? Because I have 1+ years of experience with CCNA + Ethical Hacker certifications from Cisco. Would these help or it's a waste of time

Id say in order to best reflect that knowledge gained would be through projects that you can add onto your resume

Wow this is the best idea 💡

For sure make a portfolio on GitHub

With that being said, if anyone has any project ideas I’m open to recommendations lol. I’m looking to pump my resume a bit

Looking to transition out of HD this year

@merry axle Thank you so much for your valuable insights and @fleet breach thanks for such a good idea mate

Gave +1 Rep to @merry axle (current: #500 - 11)

Ofc no problem

I’m currently making a set of pentesting automation tools. Might be something you’re interesting in.

Right now I have Cyber Defense. Launches my SOC

+rep @fleet breach

Gave +1 Rep to @fleet breach (current: #2594 - 1)

Since you couldn’t get it in :P

lol thank you

Def sounds interesting

My goal rn is to ultimately get into a soc

Long term goals still not quite sure

That sounds fun. Maybe build your own SOC bro bro

Yeah I was going to explore that new SOC simulator that THM recently added

I fucking love how they have that now

Do it

@merry axle So once who wants their career into cybersecurity needs to start SOC first or can go as per path recommendation by THM as penetration tester. I checked on THM and it recommended me to go for Penetration tester

Lemme look at that rn lol need a break from this network stuff

You don’t need to start off in SOC but personally that’s what I would do. Because I’m a mad man and I like to know both Blue and Red teaming

I have premium does this means I can access this simulator for free or is it a paid thing

Yes I believe one of the modules is available to you

You can access one scenario

Interesting 🔥

@merry axle if u don’t mind me asking are you already working in security or building towards it

Exactly please tell us

Both, right now I’m doing odd jobs though and Bug hunting

Im ultimately finding a Red Team to settle into right now. Hard to find a good team though

Great, if possible if I get stuck or have small doubts regarding career advice can I tag you here mate? and get your valuable advice from you.

Feel free. I’ll try my best to help

w mans

Do you think AI will take over all Cybersecuirty jobs in the next 5 years?

No. Do you?

idk haha

I don't think so. I don't believe AI can handle zero days and mitigate them like a human...and thats just one aspect.

@coral crow @oak hinge @empty shell interesting topic, honestly it can probably take some of the menial repetitive tasks away or be used in some initial SOC triage but a human ultimately needs to be overseeing it, because the AI may encounter something it’s never seen before and it may not know how to handle it

hey
um
I want to work in computer science
but there are so many branches
And i don't know which to focus on
is there any tips

Check out this article 🙂

https://tryhackme.com/r/room/careersincyber

no i mean
career in computer science in general

Maybe you can check this then 🙂

https://www.cmich.edu/blog/all-things-higher-ed/23-careers-computer-science-degree

Hello all, I've recently started my journey in the world of cyber, and eventually am invested in the idea of working with pentesting and back end development, I would love to do these things so I can have a more broad spectrum of opportunity in the career scene, but wasnt entirely sure if this was the best idea because I'm not sure how well pentesting and backend development actually interact with each other, and they jobs that are complementary to one another? is there anything I should know or learn on this topic, or in general do you have any ideas/reccomendations, or general feedback to this idea? Thanks for your time. Please reply to this message, or while replying @ me, due to my notifications not always being the best ❤️

Guys, I need a mentor. I am very committed.

Well we're all here to help 🙂 . If you need help with some room on THM feel free to ask in https://discord.com/channels/521382216299839518/522158539129618453 🙂

dm me

surely the backend needs pentesting, great choice!

As I see it, development should be done thinking in the security, however, doing back end development and doing pentesting in the field are two things completely different, so I suggest you to first make a choice on which of both you would like to work, then go for it.

alright, I appreciate it

Hello. I’m currently doing the soc l1, sc 200 and was looking at the giac gsoc. Would these be enough for starting a job hunt as an entry soc? Would i need sec+? I also did the ccent and some small cisco stuff but i find them worthless

You will have more odds to land a job if you start in general entry level positions like Help desk or sys/network admin first.

Sec+ generally increases your odds of getting a job/getting higher pay at a job, so it doesn't hurt. I would recommend it as it's an entry-level certification. Getting it myself to help my odds

Hi guys

Today I have my first interview for Sysadmin, any tips?

practice interview questions with ChatGPT

🥖 🇫🇷 French learners ... I saw there is this free event/fair for you with those conferences in Paris on the 29/30 th of January : https://www.cybershowparis.fr/content/programme-2025?searchtext=&page=3&%24pagegroup=tous
(an opportunity to learn something at the conferences, to encounter cyberfriends and maybe to find a job ... good luck to all of you.)

good tip, I didnt think it

Does any find there is any value sharing the room or challneges completed in THM on Linkedin? Thought about posting them, but not sure how much stock is put into that.

Not a lot, if I had to guess, especially if it's for job hunting. I personally do it just so my professors will see I'm putting in an effort to learning, as I'm applying for a scholarship soon

Why not 🙂 ? I don't think it would make any harm 🙂

Right, I didn't mean to say that one shouldn't post them

But I don't think a recruiter would look at it and hire someone based off it

You're definitely right there 🙂

Definitely no harm if you are just showing you are taking steps to learn

Not at all

just have to back that up in interviews

Thats the part that counts

guess its just the pessimist in me

What do you mean? At the end of the day it matters whether YOU find value in it, not anyone else. If you wanna show people you're dedicated to learning, go for it by all means and don't hold yourself back

Wassup to you all, I’m currently starting my journey into cybersecurity but I don’t know which online course to take and which certificate to get first, I’m thinking to get Comptia Security+ or Red Hat

those are two different certifications with two different subject matter

Security+ is an entry-level certification designed to validate fundamental security knowledge

Red Hat is a distro of Linux commonly used in enterprises and sysadmins

Security+ is pretty much a de facto requirement for most entry-level security positions, at least, in the United States

Ok bet so that one is just mandatory

depends on the job posting and company, but practically, for all intents and purposes, yes

And I’m currently doing hands on practices just to gain experience but I have to find more webpages that provide that

TryHackMe, Hack The Box, LetsDefend, Udemy, Port Swigger Academy, Security Blue Team, Pluralsight, vendor websites (Splunk, Sumo Logic, Varonis, etc.), and much more

I’m currently on the first three but thanks alot 🫡

Do you have coding skills as well?

May i ask why 4th feb?

Ohh nice

I sniffed around Bug Bounty, hard is it get in? I mean u can't start it with the basics only? I tought it would be good for practice and maybe cover the price of certs but im completly lost there

Don’t rely on it to make any amount of money. Use it as a hobby

There’s free certifications out there. One I’ve looked at prior is this: https://www.isc2.org/certifications/cc

You need to pay AMF though

There’s also the Google cybersecurity certificate that you could complete with a free trial after going through all the content you can for free prior to using the trial

I just took this

Its free but 50 $ annual fees

How was it?

Is it tho? I heard somewhere you have to pay for it despite free trial

Ez as hell

If you have some IT knowledge and know the ABCs of networking and security its a smooth ride

Its similar to security plus in terms of material but like i am broke to afford that cert😂

I’m 90% sure. I’ve heard a from a few people that did it the way I described

Ohh

Rn i plan to take a comptia cert, and aim for cissp after some time, maybe another aws cert as well

I am due for using that 50% off voucher so got to take that as well

! 50% that’s great

Yup

How is the comptia pentest?

I wanna gain some knowledge on pentest too, once i finish the soc path

It was a bit stressful lol. My first two questions were long and I was praying it wouldn’t be so complex through the whole thing. Thank god it was just the first two questions lol

Gave +1 Rep to @whole frigate (current: #1287 - 3)

Ohh so its a lab component?

Ctf type like thm or is it based on a given scenario ?

It wasn’t a full blown lab but I had to understand and fix some code in a few spots

Nice

Thank god I learned some python prior lol

Did you only get 2 PBQ’s?

You recommend knowing some basic Python before taking Pentest+?

Hi! I have been looking at cybersecurity-related jobs in Sweden, and it seems that it-infrastructure background is more important than software development background. Is this unique to Sweden and if it-infra is a better background to have, why?

Can’t really say much about the test :P

But yeah, I recommend for you to learn Python and Command line for sure

No prob, thanks

Gave +1 Rep to @merry axle (current: #469 - 12)

Still need to pay for the voucher right?

I was thinking bout getting the Google cybersecurity cert as well just so many different certs

Did anyone complete CertMaster from CompTIA to renew sec+?

Depends on where in security you wanna work. If you planning to go red teaming - having software engineering background is a plus since it requires coding and scripting. If you go into blue team/operation security, infrastructure is a plus, since you have a broad knowledge about systems and architecture

@mystic drum Thanks for your answer! I have a software developer background, but most jobs I see around here seems to favor infrastructure (so feeling a bit sad about that).
I would also like to see application security jobs, but they seem even more scarce. It feels like orgs assume that the dev teams takes care of that (but I know most wont).

Gave +1 Rep to @mystic drum (current: #779 - 6)

There’s a few labs I haven’t done yet but other than that, yes. It wasn’t to renew though, just to earn for the first time. I took the 701 yesterday.

Hello everyone

I guess I have my interests a bit backwards, I have a SWE/programming background including low level stuff but I have an interest in cyber engineering /blue team lol

Idk, i just never had a knack for pentesting personally

Mage tater magic right there 🧙🏻‍♂️

Ive only done it through Coursera. I don’t know about a voucher though. Coursera is a subscription plan for 49 bucks a month

Having a software engineering background can really benefit you in looking for a cybersec role. Secure programming and other roles in the cybersec field can be quite well paid. Going for Blue Team, completing the blue team paths will help you a long way. A lot of people would consider having Security+, perhaps pursuing Cysa+, BTL1 or other credentials, depending on what employers are looking for in your area

Thank you for the advice. Right now I'm struggling to land my first internship despite having gone to career services twice to have my resume tailored. I also have extracurricular experience and plenty of coursework and projects. I tried to condense it all into a one pager but I had to cut some stuff out. Do you have any pointers?

Gave +1 Rep to @rugged delta (current: #21 - 449)

Well at the moment the job market is a little turbulent, so hold tight. When you're submitting your resume, don't be afraid to tweak it to be more suitable to the requirements of the role specifically. There are ATS checker websites where you compare your resume and the job description and it points out what keywords from the role you could put in your resume to improve it

Yeah I may have to just take that extra time for each application. It sucks because it's exhausting to spend hours on applications to not hear back or to get rejected

This market is awful, there's people with Bachelors and masters applying to the internships I'm applying to

Could I post my resume in here later to have someone look it over?

This is golden. I didn’t know about this

Yep, well they're using systems to check your compatibility, so you should too 🙂

I'm looking to get into cybersecurity and only have restaurant experience. My current goal is to become a penetration or security engineer. I only have restaurant experience, and I'm trying to figure out how to best translate that into cybersecurity skills. Any suggestions?

For this exact reason, I don’t always think a “one pager” makes sense. Where your extra experience can help level you with someone that has a single line degree. As long as it’s concise and readable

I have my A+, network+ and security+ certifications, and just graduated last semester from a certification degree at my local community college

You need to start from the basics. Learn about computers, operating systems, networks, programming basics and build from there. Penetration testing is an advanced and highly competitive role space. There are lots of other roles in cybersecurity. Go to #start-here to find out more

thank you!

I have an updated version of my resume and I'm looking for advice on what I can fix to get a cyber internship

Any pointers would be much appreciated, whether with formatting, projects, or other info included

I think it looks great man. You’d be a prime candidate for an IT intern in my book.

Anyone have advice for someone going into a Network Technician interview with the CompTIA trifecta of certs?

Thanks dude, that means a lot

Idk why but I've been struggling to land internships. I've applied to about 50, even stating that I was willing to relocate with no assistance, and haven't managed to get an offer yet

Gave +1 Rep to @tall frigate (current: #469 - 12)

Wow, 50?! Must be extremely competitive, or the companies know they have time & options so they aren’t reaching out yet. Not sure. One thing that may transition from job resumes to intern resumes, maybe try to match particular skills mentioned by the organization you’re applying to inter for on your resume. For example “cloud security” if they mention thats a desired skill. I’m not saying be dishonest, because based on what I read you probably already have at least some of the skills they’re looking for. And if not, you’ve proved you’re more than capable of learning somewhat about it by yourself. Keywords are huge in filtering interns/applicants.

Maybe they are waiting for March or something, idk

A lot of the places I've applied to haven't outright denied me, but they've closed their posting and haven't reached out

I really appreciate the words of encouragement though. It's been a rough past few days

Some may never respond tbh, I gotten official rejections as long as 2 years later

Yeah that's happened to me, not quite as long as 2 years, but I did have a fast food joint reach out and ask for an interview and I responded "I applied to that over 5 months ago..."

That was back when I was 19 though

I expect it’s the changing of roles. New person inherits the old flow and is more organized and starts cleaning up the mess of stale apps they were given

Absolutely I mean you have a great GPA, know multiple languages, projects, know good tools. You’ve accomplished a lot so far.

Must be. Either way, I had already accepted an offer (and frankly a much better one lol) so I had to decline

And that's how I got to Aldi

Just gotta keep it pushin

Maybe I can look to add another security project

Do you have a career & dev center at your school?

Yes, and I've been multiple times. Honestly, I didn't find the lady who helped me the first few times on my resume very helpful

This most recent one i just sent, i sat and did for a couple hours with my brother who's a business management major

And I think we cooked because those 50 applications I haven't heard back from used the old resume from career dev

Ohh man yea that could’ve been the issue.

The old one just lacked character. The descriptions for my job were long and quite frankly not relevant to IT, and the way she had my skills section organized at first was not ideal

She advised me to avoid putting down skills like Wireshark because I wasn't an "expert" in it

My brother told me as long as I have a working knowledge of it, that counts for something. It's an internship after all, and the recruiters should be aware of that

For what I’ve read about recruiters/hiring managers is that it’s super important your skills match the description. Like make different resumes each time tailored to the specific application for best chances. You only have to change a few things but it greatly increases your chances at being seen & standing out.

Yeah, i have to start playing by that strategy. I was also told to make a master resume, not to apply to jobs with, but to be able to pull things from to tailor resumes

Like you said you don’t have to be an expert in every skill to list them, but be sure to be able to talk about it. Master resume sounds like a great idea.

I have been applying constantly too but most positions have been posted like a month ago or something and new posts get like 100+ applications in like minutes

I have given interview on monday but so far no news☹️ application still shows in process, hopefully i get this one

Are you currently in school?

What does your resume look like?

Larger orgs internship application windows are typically the fall before the next summer. So September/October/November 2024 for Summer 2025 as an example.

@stoic cave This is my current resume, and I am still in school.

I've seen quite a few opportunities for summer still being posted this month so I've just been applying to those. I could've been smarter about how I spent my time in the fall, as I was interviewing with just one company at the time. I thought I had it locked up but they dropped me after the final interview. The person they picked up is a Master's student which i thought was ridiculous since their job description said "juniors and rising seniors only"

@trail rain I am sorry

I am beginning my career in cyber can any one help me with the roadmap

Check out this roadmap on THM 🙂
https://tryhackme.com/r/hacktivities

Hey I'm seeking some interview advice. I applied for a Network Technician position for the organization I work for. A few months ago I applied and interviewed to be a security technician helper, they ended up hiring someone more qualified. Anyways I've now applied and emailed the network manager expressing my interest. I'm sure this is a competitive role and I was wondering if you've any ideas how I can get ahead before/during/after the interview?

Sup guys quick question do you guys think Codecademy is still a good platform to use?

I would definitely recommend it 🙂

Yessir thanks 🫡

Is letsdefend good

For hands on

Yes and they have like labs you can do

And that’s how Im getting hands on experience too to start my career in IT/Cybersecurity

If you want really solid blue team labs try cyberdefenders

you got to fix the formatting man its a little hard to look at (formatting wise)

Any particular recommendations?
That's a fairly standard CV format. Classic and simple.

just from looking at it i would add some spaces between projects

add some lines for each header to separate

it just looks messy at first glance

Decent use of whitespace. Good distinction between the different levels of headings. Conveys the information succinctly (which is exactly what a CV should do).

Yeah, that's a waste of space on a CV. A recruiter will look (rule of thumb) at the first third of the first page. You want as much eye catching stuff as possible in there. Whitespace draws the eye to, well, nothing.

its a resume no?

Thanks for the feedback. Do you have any pointers on what I can do to make it better?

Gave +1 Rep to @undone shore (current: #10 - 821)

Correct

Curriculum Vitae. Résumé. Whatever.

its not the same

Okay. Let's be pedantic rather than colloquial. It's a résumé.

theyre called completely different things for a reason man

Will have a look when I get to a PC. That said, I'm UK, not US. You might be better with Moose, Juun, or Zojja.

Colloquially your typical employer doesn't draw a distinction, especially here (UK).

Sure, if we're being technically correct then a résumé is a summary of an academic style CV. The abridged version of the same document.
Again though, at least the UK (if not elsewhere) will just use "CV" to refer to an employment CV (pretty much identical to what the yanks call a résumé), not an academic CV.
If you want to be pedantic, sure, different docs.
If you want to be useful, don't split hairs

Pretty sure we use the terms interchangeably in the US as well

Although we don't use the term CV often

must be a location thing

Yeah there are very few positions where I've seen a distinction drawn between the two. We're talking mostly academic or educational positions for the most part - everywhere else pretty much uses them interchangably in the states.

theres more of a distinction in north america

There we go then 🤷‍♂️

Exact opposite over here. CV is the normal way to say it. Résumé comes across as being very American.

Somewhat ironically given it's French

Yeah, the first time I spoke with someone from the UK and they asked "what does your CV look like?", I responded "???"

Ahahahaha

But yes, lesson of the day: if we're taking the traditional definitions then they are indeed, technically, different documents.

Yeah the most complicated you'll see it, and I stress again this is specifically for research/academia, you'll have your CL, your Resume, and then maybe you'll bring a CV during the interviewing phase.

But in regular dialogue the terms for resume and cv are essentially interchangeable.

Generally in the US if a CV is requested it means they want transcripts and documentation referencing any academic publications

Struck gold today boys

Found an internship with only 2 applicants (I have no idea how)

I’ll apply, give a nightmare interview just before yours. Then you waltz in like it’s Easter Sunday

https://tenor.com/view/christ-resurrection-jesus-gif-9134538576179005668

Hahaha I cackled

Lol

Every position i see has like 100+ applicants in like one hour

Hello everyone! My goal is to transition into an Application Security role, and I’m currently working through the TryHackMe Pentester Path. I’ve completed 60% of the Cyber Security 101 course, which I’ve been consistently working on for the past month and a half. However, progress feels slower than I’d like. I’d really appreciate any advice on how to approach my learning more effectively.

And is there any measure of success I should aim for everyday? Should I focus on time spent daily, the number of rooms completed, questions answered, points earned, or perhaps a combination of these? . Thanks in advance for your insights!.

Month to two months seems perfectly fine for Cyber 101 . Don't focus on the time spent focus on the things learned 🙂

@keen tundra thank you, but about the second point how can I measure my progress

Gave +1 Rep to @keen tundra (current: #2 - 2239)

I would recommend you to try some guided CTFs since you're at 60% of the Cyber 101 path . Try the one that I will link below + you have a video walkthrough 🙂 . You will see progress over time as you learn new things and things start to get easier 🙂 .
https://tryhackme.com/r/room/basicpentestingjt

You can go and try CTF on Root me and earn a good ranking : this will show not only your understanding of the theory on THM but also your ability to dive in practical subjects autonomously.

Hey guys, I’m considering switching schools to one that specializes in Computer Science (specifically Cybersecurity and IT). For those of you who are currently Computer Science students, what’s it like?Any advice or insights would be really helpful as I’m not sure if I should make the switch.

Thankyou bro , will be doing that.

Computer Science as a degree isnt worth it, but if you have electives focused on security its good

And focus more on what projects you do

What program are you currently enrolled in?

I live in switzerland it's a bit different I'm in something that you call college that is focused on education

What type of projects as example

Ohh

I've seen some job listings and most of them want you to have a Bachelor in something like computer science since that's the closest to cybersec

Tbh i learned more about cyber through tryhackme than i ever did on college courses

But the fundamentals is what you need

Like maybe setting up a firewall or setup homelabs to test scanners and pentest tools

Or build a secure authentication system

Check out unixguy and madhat

Hmm alright thats a great idea but I dont have the skills to do that yet

True

Alright thanks 🙂

Gave +1 Rep to @whole frigate (current: #1045 - 4)

For jobs they use the degree as a factor to process candidates

Having a basic degree helps in that case but the recruiters really dont care what college you did your degree from

Yeah prob not I don't think they care about that as much

If you can find a cs degree focused towards security go for it

Core cs made me insane

Yeah I'll take a look

What is that

I could never deal with abstraction of maths and theory of computation

Basically the normal cs degree

Well yeah I understand

Computer science

ah alright

If you dont mind can you show the program subjects

Well what I've seen there are some Cybersec focused Masters but not really bachelors

If you do have it for the security thing

yeah one sec

Yep

That’s because computer science covers all aspects like cyber, software and a lot of things, those form the basis of most other domains. That is why there are electives for those who want to major in it

Ah alright

I found two I'll show you both

Aight

What did you mean by program subjects exactly

you there @whole frigate ?

Yes

I found 2 which are specialized on cybersec

Informatik?

What is the third one?

No idea

That means Computer Science

Hmm

Click on it and show me anything related to it

which one exactly?

Hold on

So three options

yeah one normal computer science and 2 specialized in cybersec

But in order to be able to go to any of these I need to complete the school I want to transition to

I dont really know what supsi means

That is your current school yesv

?

It means this Swiss University of Applied Sciences and Arts, Fachhochschule

FMS

its like a college

Because when i applied to colleges in germany we didnt have comp sci degree itself

but I'm thinking about going to IMS which is like a computer science focussed college

The only english taught course was information science course with cs subjects

Yeah because this what I'm showing is after college

Ohh

That would be better

Ah I don't know

Idk what they actually teach in applied sciences and art

Yeah do you think I should try to switch to there

Deffo not cyber for sure

Try to talk with some professors or anyone you know there before switching

I don't know but this school is just part of the SUPSI

Know more about subjects they offer before jumping in

Alright I will

Send it here if you can

Understood

So what I know is they teach 10 Lessons of computer science which is 1/3 of the lessons in a week

and different subjects are probs Math,english,german,french so on

Math is core part of compsci

But languages depend on where your school is

Yeah so prob alot of Math aswell

Yeah we have 3 languages in school here

Make sure they teach OS, networking, software, databases, programming languages or something like that and lots of electives

Focusing on security

Nicee

I'll ask a friend

For masters you do have cybersecurity focused degrees but thats for later

Yes

there are also bachelors with cybersecurity programms that you can choose

This is what the school I want to transition to say on the website: The core of the education is the subject of Informatics, with ten lessons per week. Additionally, you will deepen your knowledge in subjects you are already familiar with (languages, mathematics, etc.) and learn new subjects such as finance and accounting or business and law. You will apply theoretical knowledge practically, work in groups, and learn programming from the ground up. Furthermore, you will be introduced to the fundamentals of systems engineering. You will also learn how to organize yourself and work independently.

I don't know why they add finance and accounting

Oh then its not the right one

Why not

its the college not the bachelor

Oh okay

I thought it was part of the program

There is no more focused computer science college than this

I'll show you the program of the supsi one hold on

That is bachelor tho

This is ideal

Perfect

Just make sure you practice through tryhackme as well regularly

Yes🫡

But I'll have to complete college first

Atb

Thanks alot 🙂

Gave +1 Rep to @whole frigate (current: #896 - 5)

The only weird about this one is that the bachelor takes 4.5 years to finish

4 years is common for Computer Science, some are 3 years, 4.5 is maybe coz you have the project component and seminar thing as well

Ah alright Thanks for your Help🙂

should i get an NCAE accredited bachelors in cybersec at a big college for the networking or would i be able to get away with going to a smaller accredited uni or even a remote one like WGU?

There’s plenty of networking opportunities available at WGU, they offer a career & development center that can help you build a network. I chose WGU because it’s more convenient for my schedule & costs less than the majority of universities around me.

Do not choose big college only for networking. This can be achieved more affordably aside from being an enrolled student there.

WGU is based in Washington State?

I'm a senior in highschool, with coding minor experience and and a passion for cyber security and Dev. My math record is very poor. I have only taken geometry and algebra one in highschool as where I am from an engineering class counts as a math and I only need three math credits to graduate HS. What maths do I need to even begin thinking about what degree I want to go for in either sec or dev?

I have applied for around 300 jobs from the past year and still haven't found a job as frehher. Most of them asked for a prior experience but I don't know how to get experience without a job. From these 300, I have been selected for interviewed for less than 10 jobs and then rejected eventually for unknown reason. Any person here that can guide me?

I am Indian

I am in the same position as yours except maybe at 60 applications at this point. I think applying blindly doesnt net you interviews

Tailor your resume to the specific jd or role or apply to those jobs in particular. And make sure your resume is formatted well. Another reason might be if you have less experience as a fresher, so do more projects and display that relevant skill on your resume

You can do some tryhackme labs and practice with those tools or you can setup your own labs in vm and do it as well

Also try to apply as soon as new postings are listed, chances of getting your profile processed is less if the posting is like a week or more older

Half of my applications are like that, January is a good month for new opportunities so keep trying and dont give up

doing the same

all the points following

@bright spruce @whole frigate What kinda jobs are you applying for?

same here

Remember: cyber is not an entry level sector, as a general rule. Jobs with zero experience requirements are few and far between

aiming to become a soc analyst, so I am applying for it jobs mostly

Entry level analyst roles

And cloud sec roles too

I know but still worth a try

If you go straight into cyber then SOC is likely to be your best bet, so that's a good start.

Soc analyst L1 is probably go to

There are some companies offering internships as well

Any previous IT experience?

True, it became evident after much applications but i don't know
what's your take on even getting intern roles in offensive side

no

I got through an interview for a finance company its more or less early career graduate role but if i get that confirmation i can scale up anytime later

Project wise i got but not real work experience

Did an internship but its not heavy related to cyber although the project we did was related to it

share please 👀

Internships for students are a good way to get a little experience, aye. If you're offering internships then it should be strictly on the assumption that the candidates are there to learn and get experience. i.e., you don't expect them to be functioning at the level of an employee.

24x7 linkedin camping

Good. Are you pushing that in your CV?

True

Yep yep

Did quite a lot of projects during my college that actually sticks with cyber

Like firewalls, vulnerabilities scanner and authentication system we built

All else fails, that's how most people get into cyber. Through something like help desk / software engineering / systems administration, etc

Infosec course saved me in prefinal year

I am an undergraduate now and not in computer science.
Feels like this is putting me at disadvantage lately

Thing is getting into helpdesk or IT support does require more experience too(in india)

Idk elsewhere

wait, you could get into support but the working culture is quite toxic.

Not in computer science won't be helping.
My undergrad was a specialist security degree. I had a part time pentest job with a bank by the end of third year, went full time after uni.
Don't let being a student get in the way.

Rip

Almost all companies liek that

Cope

This path I don't know that particularly but yes as @whole frigate pointed out sucks in India, I have had experience, not work but shortlisting and interviews

Are you btech cs?

yup

B.Sc. CS

Ouu nice

Might i ask which college?

DU (sorry not sharing college)

Ah np

So you are looking for cyber roles right?

do you have a specialisation?

yes

No specs

Just core cs

core is gold

Nice atb for all of us ig

salute

Linkedin pushing new roles

I am literally camping 24/7

lmao not 24/7 but yes, there. looking quite frequently i would say

No i am actually doing it lol

I got your part, I meant me XD

I have completed actually 🙂 and quite on the edge right now, getting hit by extreme reality but coping up, so will get by

Within the one hour i missed scb, zerofox and kpmg pushing their posts

goodluck though, I hope you get a good role soon.

Fr

damn, that's fast T_T why are they in such a hurry

Mone

Nice

@undone shore you look cracked kind sir🙏🏻

Thanks for giving insights

I meant this in a good way

gotta be sure lol while giving compliments but yup, that pentesting job is noice

I should give pentest a try after completing the soc path on thm

hmm go for it

Hi to everyone ,

Does anyone know what’s the situation on the market for entry level jobs ?

country?

United Kingdom 🇬🇧

Try to check #jobs-board 🙂

Thanks

Gave +1 Rep to @keen tundra (current: #2 - 2280)

What months would you guys say are the best in terms of jobs becoming available ?

That would more than likely revolve around the market you're in, but without a study in your region not sure that can be answered

If you don’t mind me asking, have you finished your degree at WGU and if so do you think it made a positive impact career wise? Just asking since I’m planning on starting there soon and wanted to get some more insight on the school itself. I was not aware about the networking opportunities that you mentioned

No im over halfway done though. At this point ive earned A+, Net+, Sec+ though and could already make a career change (which im trying to do by applying to various roles). Theres a best way to do it that involves doing research on your courses and studying them for free before enrolling. If I could go back perhaps I’d really exhaust my free resources before hitting the ground running. People have earned a bachelors thru WGU in 6 months doing that.

Yeah so at the moment I’m waiting on my transcript evaluation to be completed and certs as well and then was going to do as much as I could on Sophia/ study.com. Are u also in the bscsia?

Okay I see thank you. I’m in the Los Angeles area so Im just trying to stay on top of applying to roles before the market dries and I spend more time in my current role lol

Gave +1 Rep to @stoic cave (current: #20 - 490)

Yes thats what program I’m in. I highly recommend Prof Messer A+, Net+, and Sec+ videos to get familiarized with the competencies you’ll be tested on. But tbh I’d spend like an entire 6 months learning all 3 of those exams, scoring well on practice tests, then jumping into your first semester. Will save you thousands

Thank you for the tip. Fortunately I’m transferring in my A+ and Sec+ and my ccna will take care of the net+. But yes professor messer is a gold mine and I highly recommend his practice exams

Not sure what you mean by the market drying, cybersecurity is heavily understaffed

Oh dude you already have those? You’re way ahead of the curve

I’ve just always seen that ppl usually say there’s a period when hiring really slows down

If you’ve already got those certs you really only have a few more to get thru the program mixed with some essays

Just a question? Do you pay full price for these certs or your uni sponsors it for you?

Coz these certs are mad expensive if i was to take it without any vouchers

If you're talking about October-December, that's more than likely due to the holidays with people not being in office and the US Government fiscal year rolling over can also factor in.

Wgu provides you 2 vouchers/attempts I believe for each cert

Ohh

Thats cool

Yes

You also mentioned the career and development center they have there. Have you used it? I wasn’t aware of that and I feel like it’s something super helpful

The overall market can also play a role, but I don't know that I've noticed a difference with the sector I'm in. We'll see over the next 6 months though.

Hopefully I’m able to move up this year. Im currently working in helpdesk so I’ve just been grinding apps

If by grinding apps you mean the shotgun approach, I don't recommend that. You should be tailoring each application to the role you're applying for. You have to remember that job hunting is a full time job in itself and you need to produce quality and not quantity.

I didn’t use it until the day I passed my Sec+, which was on Thursday XD. I only attended a webinar about careers but you can get someone 1 on 1 to help you network and find events, work on your resume, interviews, etc.

Yea I’m tailoring each one and refining all my points to best hit each point for the job. Quick question just want some insight. This is my first IT role but previously, I did work in food service for 4 years. Does it still benefit me to keep that role on there or should I get rid of that and make room for some more points in my current role or just another section? Reason being is that I’ve seen it emphasized a few times that customer service and soft skills are important in this field that’s why I’ve kept it on there.

Definitely will take advantage of this thank you

Gave +1 Rep to @tall frigate (current: #440 - 13)

Damn it i should've gone to wgu

Dont even stress man. You have a great gpa and are almost done with your degree, which is one of the biggest factors employers are looking for.

Does anyone recommend completing the Google Cybersecurity Certification and moving onto CompTIA Security+ After?

Is your goal to land an entry level cyber job?

Yeah to begin with, I'll continue doing courses as I work my way up the ladder

I have a basic understanding on general IT, I just need to get my foot through the door tbf

alongside the knowledge and learning as I go

Thanks rev

I really hope i hear back from this IT intern position I applied to. There were only 2 applicants and the pay was pretty nice too. I was honestly suspicious at how low the applicant count was so I did a little research and found out they are a legit company in Michigan, but they're just small and not explicitly IT

Gave +1 Rep to @tall frigate (current: #405 - 14)

Try to find the right person to email & send them an email expressing your interest

Attach your resume/CV/LOI

A recruiter associated with their company connected with me on LinkedIn. Should I reach out to them?

Yes

Will do

In general it's always better to liase directly with companies

Recruiters will just be the middle man and realistically their looking to claim their COMM from placing you sometimes reducing your pay rate etc

I think having google cyber cert + sec+ gives you a chance at an interview. Beyond that your employment depends on how well you interview/demonstrate to the employer you will provide value to their organization. You have to be able to apply those certs & talk about the concepts or the interviewer will not be inclined to hire you.

@storm geyser this is best. If you could find whoever their IT manager is or whoever correlates to the internship thats best.

Taking a look rn, I'll have to check their company page

Absolutely.

Go through the company page on LinkedIn

Easiest way to find them, this is what I used when I was previously applying for roles in a different industry

Appreciate it, is there anything in specific you would recommend I engage/touch on away from these certifications? Especially when it comes to starting off.

My pleasure “) I would advise diving into the tools, processes, and applications that the role you’re applying for uses. For example, if you’re applying to be a SOC analyst be familiar with the tools they use, a SIEM being one of them. Practice using a SIEM like Wazuh or Splunk or something. Know what your duties and responsibilities will be and how you can carry those out.

Got it, that makes complete sense. I think the issue is just knowing where to start out. There's so much to learn!

It's always been of interest to me however, I just never managed to study Computer Science or go University

I appreciate the help and advise

There is a lot to learn indeed. Feel free to add me if you have any other questions. Also there are other roles that translate to Cyber that you have a better chance of getting, like in Networking for example.

Someones gotta run the cables, replace the cables, install the switches & server racks… install the WAPs/manage the vlans, etc 🤣

Help desk too. There’s a few pathways that merge well with Cyber. There’s an analogy for cybersecurity like a homebuilder whose been an electrician or a plumber has more insight into how a home is built/best practices building a home versus a homebuilder whose only focused on laying foundations, or roofing, or drywalling or something.

@dense vigil ima also throw in my little bit of advice. If you have a public library or access to one, you can get a library card and it may give you access to udemy for free and there’s so much security related content on there. From certs to tools to scripting all in one place it’s great

Its also solid to learn the basics of languages like Python/C.

Absolutely man. Youtube videos too!

Yeah I used YouTube for my certs. Have you learned splunk ?

Nope just a little Wazuh

There’s so much I want & need to learn I just cant learn it all at once. Paired with the courses I have to complete I’m just taking it day by day, trying to focus on whats included in the WGU program.

Yeah that’s good. That’s a problem I had/have. Just narrowing my scope. I’d wanna do like python / Linux / splunk so I’m just learning to focus on a few at a Time

Dropped you an add bro, thanks. It all makes complete sense tbh. I've always been procrasinating about starting, but started off the year telling myself it's better to start now than later.

Gave +1 Rep to @tall frigate (current: #381 - 15)

Oh, I didn't know this, is this for UK?

Yeah, I planned on including this into my study schedule. Do you have any recs for places or courses/certs?

Hmmm not sure about UK you can give it a try

Yeah, I'll check it out for sure

Thanks for the help!

Yes you can study for the CompTIA Trifecta of A+, Net+, Sec+ all through YouTube playlists. I would couple this with practice tests that can be found in various places. Theres a great one on iOS thats just called the name of each exam. There’s a few in particular that I used but the golden sheet is the competencies that CompTIA lists on their website. Find a resource that includes those. Read it and know the acronyms. Use Cisco’s free simulations, those will be very helpful for the actual exams. Find and study as many PBQ based questions as you can on YouTube, even the ones with only a couple thousand views.

Rev out here dropping free game

Perfect. I'll be sure to follow these steps. Thanks bro!

Gave +1 Rep to @tall frigate (current: #365 - 16)

Thanks. It’s a privilege to share information that helps someone else “)

Thanks “)

Gave +1 Rep to @storm geyser (current: #472 - 12)

Future mentor fr fr

Thanks man I appreciate your kind words a lot “) Some guys who mentored me are like Josh Madakor, UnixGuy, CyberKraft, Grant Collins, Jack Rhysider, John Hammond, Ryan Montgomery, Network Chuck, Low Level and more! Here is a playlist I have on YouTube of a bunch of helpful Cyber videos you should check it out and save it! https://youtube.com/playlist?list=PLfKVVOPWx3rVHpG14pLtOJ_ITVMU7dM_B&si=-6mb3df71aXFQNkP

Gave +1 Rep to @fleet breach (current: #1710 - 2)

Hello folks, i was wondering if there are any resources/guides to transition into a pentest/appSec role from software engineering. Almost a decade of experience with backend/fullstack development, cloud, etc.
Thanks.

Hi guys! I am learning bug bounty and also following the SOC path in try hackme, I would like to know if anyone would like to make a studying group and try to find some bugs!

You can check out #bug-bounty channel 🙂

thank you 🙂

I am trying to start my career in cybersecurity currently I’m using free sites like try hack me and free code camp to learn because by June 2025 I want to enter a bootcamp. but I feel like I could be doing more? Any advice or am I on the right track?

do you have technical experience already?

Not a lot I took a computer science class back in collage a couple years back but that’s as far as it goes in terms of experience for me

So in terms of experience I’m just a baby 😅

Learn the fundamentals of IT first

Holdup

https://youtu.be/v7BNtpw53AA?si=I83O81Icm_vEvmtE

Mosh also teaches python which is insanely good for beginners

Check it out

This

Ooo so this is a good way to start?

Dyor but this is just from what I’ve seen as well but people tend to be wary about bootcamp

Yeah definitely follow the THM learning roadmap. Especially pre security as you need to have an understanding of OS, networks, etc

I’ve seen that as well but honestly college is bit too much one my plate right now that’s why I’m considering the bootcamp

Bootcamps are cash grabs

I have seen some that charge like hefty only to teach nothing

Understandable. Just really do your research and don’t rush into it

https://youtube.com/@powercertanimatedvideos?si=LjeG8Pml93Nm_eEZ

I found this really helpful for visual learning

For all IT networking concepts

Thank you guys I’m still fresh but I hope I’m a year my skills will be up I don’t expect a career right off the bat but I still want to give something others can really see and acknowledge ya know?

Yes

Do some basic projects as you go

^

To demonstrate your efforts taken so the recruiters would know

I just did a project rn my brain is fried lol

You want to learn

Which

Josh Madakor’s cloud SIEM. Setup a VM in the cloud as a honeypot and then collected logs from it to display on a map showing login attempts

Where do you guys do these projects? Like what programs do you use?

Yooo thats fire

I was gonna try to do that

Since i have way less experience with SIEMs might as well do it

Azure has changed a lot since he put up the video so it was slightly more difficult but comments do a good job of explaining it

Depends

I had someone on reddit suggest to me searching cybersecurity projects on YouTube

If you want to build a system lets say password checker or authentication system, python is the way to go atleast for me. Setting up a web app through flask is easier but you can use any programming language like javascript(html, css for style and visuals) and connect it to backend

Other projects like firewall can be done with basic setup requires minimal coding

Youtube has so many project ideas you can take notes from and do

Oooo these are all good ideas thank y’all because for a sec I was so confused 😭I mean I would go on freecode camps everyday and I just started thm but I felt like I needed more to learn

Freecodecamp is a good place to start

But its just that thm gives good practical knowledge

Plus thm’s gamified approach makes learning fun:3

There’s a lot to learn in this field lol

Constant learning

TIL vpns are not secure 😭😭

All that incognito browsing gonna be my downfall

Question for all, is being a pentester a good option, from everything i see in the hacking community it seems like such a saturated title, so I simply am unaware if jobs are actually often available to them?
?

yea but pentester as a beginner is akin to someone without their drivers license trying to become an F1 Driver and start racing against other F1 drivers. Better to start at help desk, networking, hardware, SOC, Sysadmin, etc.

So if you wanna break into the IT field and don’t really have a lot of IT experience is the SOC analyst the right way to go or is there something else to get started?

that's a good path, so is GRC if you have limited IT experience

Any paths for general Appsec if you have development experience?

actually yeah

so you can do strait appsec (dast, sast) - I so app sec reviews for my org

you can help with SDL training, and also DevSecOps, depending on the type of dev you did

Knowing the OWASPS for web, api, and mobile would go far

the SOC analyst is typically not a beginner role unless you have practiced and studied the tools/processes a SOC analyst uses. if you want to break in to that role specifically, you need to be very familiar with what they do and how they do it. if you really want to increase your chances at breaking into the field, consider studying for certs/joining a college program like WGU.

SOC and blue team are generally what people fall into to begin with

lots of people call it the "beginner role"

since you're just using a lot of GUI, and mainly performing high level analysis and maintaining systems

lots of splunk

Question: School vs. Self-Study/Certifications

Hi, I live in Norway. A couple of questions and some info: I’m looking for a way to enter IT. If you have time, take a quick read:
1. I can’t join a regular college because of work, family, etc. I also can’t sell my apartment.
2. I don’t mind spending money on certifications, TryHackMe, etc.
3. I can attend an online college for $37,000 over 3-4 years to get a bachelor’s degree. The program I can enroll in offers this Bachelor’s course: Digital Assurance and Security Management.

I can provide more details, but in short, the focus is on jobs within these roles:
Career Opportunities
After completing the program in Digital Security Management and Supervision, you can work in roles such as:
• Cyber Risk Manager
• Regulatory Compliance Manager
• Security Specialist
• Internal Auditor
• Information Security Manager
• Privacy and Compliance Officer

4.    Alternatively, I could use TryHackMe and earn certifications that are valued in Norway. Based on job openings, it seems Microsoft and Cisco certifications are the most in-demand. I’ve looked at around 40 different cybersecurity job listings. Only two mentioned CompTIA, while the rest prioritized Microsoft and Cisco certifications.

I could also try to find a first-line IT support job that requires minimal knowledge as a starting point.

The problem: 90% of jobs want a college degree or lots of work experience.

Goal/Plan:
I want to get into cybersecurity, specifically a SOC or blue team role.

I talked to a cybersecurity professional here in Norway, and they recommended starting with these certifications:
• AZ-900
• MS-900
• AZ-104
• SC-300

Thanks for reading! If you have any tips, I’d love to hear them.

• Edit, spell check ++*

Hello

Hello forest demon 🙂

What job or position in cybersecurity does the Cybersecurity 101 certificate make you competent for?

sort of all around entry level digital security

it gives you a little bit of everything, but getting a job will usually require an industry recognized certifciation like CompTIA Security+ or similar, and/or work experience

The CompTIA certificate is expensive though🥲

they can be, but it gets you through thte door

Well, in that case, what about SOC 1 and SOC 2?
Is SOC 1 enough to get you a job? Or do you still need to complete SOC 2 to be competent to become a security analyst?

Gave +1 Rep to @wheat quarry (current: #510 - 11)

WIth Soc you want to know your tools, interfaces, and how to do reports

a lot of soc jobs are considered entry level from what ive seen so id assume some dont require you to be super certified right out of the gate

at least the jobs i have seen arent like that

yeah A Sec+ or ISC2 CC is usually enough to get past HR

then the hiring manager is gonna want to know what experience and knowledge you have

yea, depending on the job, some ive seen just require bare bones knowledge

That's good to know! I know a few entry level that will be happy to hear that

Starting to wonder if I should just start applying to jobs instead of these damn internships

@jake or both

100%, ive been looking for jobs in the entry, remote position for soc analyst and most of them require what youll learn in the pre security, security 101 and soc lvl 1

at least for entry level positions, im sure the requirements will change depending on experience level they want

for sure

Thats good to know, really

I've been getting discouraged by the job market because I feel as though I have a good resume and lots of experience through school and I can't seem to get calls back

I've seen a lot of need for like Linux Sysadmins and DBA's with little to no experience, basic idea of SQL or CLI 😄

These internships are so competitive there's 100+ applicants within 24 hours of a job being posted

try with soc, theyre more beginner friendly in terms of having 0 work experience

ive applied to a few and 1 contacted back but i declined for the programs they wanted me to download

How many is a few if you don't mind me asking

I'm just trying to get an idea

Wait, doesn’t all that also depend on which country you in?

i think i applied to 10-15 jobs, i was just going through ziprecruited and indeed and applied

i delete the ones that decline from my applied tho, but most likely around 15

I worked through Teksystems, contract to hire, worked well for me

granted they were the remote ones so the selection was a little more limited than in person

Indeed, I only look for remote as well

i dont live near a city all the ones that pop up for in person is 45+ minutes away

that was the same when I started out

the only job that responded back wanted me to install a program where they can anyviewer as a manatory thing

on my personal device, like nah im good

yeah, nah, I agree man

i could care less if they provided me a device but not my personal

no exactly

we're doing a big BYOD push and in a very stubborn market 😄

some don't even have smart phones 😄

and yet they want us to use their programs on our personal devices

job listings are funny too, seen one that wanted you to be clean cut, suit and tie, completely virtual job 😭

to be fair I'm completely remote but have that same dress code

If you don't have any experience or background in IT, you are much better served going for a role like Help Desk

Ok thanks I will look into that it is just hard to find them. Any special places I should look?

Gave +1 Rep to @flat sedge (current: #11 - 797)

Any jobs board or job seeking website is going to be a decent enough place to start looking at what is expected for those kinds of roles

Subject Network+/: Anyone here purchased the MastersCert from CompTIA for the hands on labs and performance based questions (PBQ), if so, was it worth it??? Or is there a better way. Already have Security+. Completed Pre-Security and 50% Cyber Security 101 labs on tryhackme. I think I almost talked my Boss into cross training me for Cyber Security and pivot off the factory floor, to which I was stuck in for 10 years, without any IT experience.

🇮🇳👍

If someone else is buying, then yes they are worth it. But I believe @tall frigate has quite a few sources for the pbq’s that are much more economical. If you scroll up a bit, or search this channel you should be able to find it

Alternatively, you can utilize ciscos’s netacademy for some free networking knowledge. Just keep in mind they really gear it towards their specific products but the base networking knowledge transfers really well. Especially if you combine with professor messier and others for net+ specific terms

I used certmaster but only bc it came w my school program. Use Ciscos packet tracer or GNS3 to prep for PBQ’s and watch all the YouTube videos you can find about Net+ PBQ example. There was an indian fellow who would always start his videos like “Hello Frens!” His were helpful. Please please use the free cisco simulations and trainings tho it will help the most. There is also a great app on iOS called CompTIA Network+ exam prep or something, has tens of thousands of positive reviews, use that to study for multiple choice & familiarize yourself with terminologies

Yes this playlist is the videos that have been most useful to me since starting school some really great sources in here

https://youtube.com/playlist?list=PLfKVVOPWx3rVHpG14pLtOJ_ITVMU7dM_B&si=MvZIHabgrDHEcADb

Hello everyone, I hope my question is not too off-topic for this channel. I recently had a first-round interview for a specialist information security position as a student. I have the second round coming up in a few days, and the interviewer mentioned that I should have a browser ready for some scanning tasks.
I have no idea what kind of questions might come up in the second interview. Has anyone experienced a similar practical test before? The interviewer didn't provide any more details about the practical part, and since it will be a live test, I'm feeling a bit stressed.

Yoo thats fire

Atb for your interview

appreciate that dude.

Ok. Thanks. Will do.

Gave +1 Rep to @tall frigate (current: #294 - 21)

Hey there, hope everyone is doing good. I just want to ask something, I'm gonna start my internship in February as a soc analyst, and I want to be the best prepare possible. I know the company work with google cloud so im getting a core fundamentals cert in coursera, the interview was full about networks and it went well so good in that way, I'm just open to advices of things I should know to go there and star my career the best way possible.

Hello all ! I was wondering if any of you lovely people could help me out. I'm very new round here and I'm in search of a major career change. Does anyone know of any courses i can enroll in to get a job on help desk ? or even a route into being on the blue team or in this area? Any help would be amazing. Thanks guys and hope you're all having a lovely day! 😄

If you have no experience, the unofficial gold standard is kinda the A+. It’ll really help learning the basics.

does anyone have any suggestions on where to take CompTIA exams? Either in person or online? I've heard mixed things regarding taking it remotely

I don't have CompTIA certs , but I took few cert exams online , never had any major issues 🙂

If you take it online, you have to download and use their software(unless this has changed since I did them online)

thanks guys

If you can do it in person, I would go for that....doing it remote I feel they ask a lot of you and then you have to make sure your web cam is working...nothing on the desk, etc.

In person, you just show up and everything is all setup for you.

yea thats what I was thinking. since Covid my brain has been trained to just do everything remotely. But I already have enough stress with taking the exam itself. Not really trying to deal with any other circumstances

If pearsonvue messes up, which it has for me on multiple exams.. there is a possibility you have to reschedule and retake. Thankfully I’ve never experienced this. Unfortunately since both in person & remote testing uses Pearsons proprietary software it doesn’t really help to go in -as long as- your system meets all requirements and you have no issues with peripherals like webcam or anything. I’ve been in the middle of an exam when ATT was having major outages & it cut my webcam feed. Thankfully I did not have to retake because eventually it corrected but it can be a very stressful experience if something goes wrong..

So i get the whole desk measures they put in place. But say I have a PS5 sitting on the right side of my L shaped desk, will they want me to remove it?

Probably.

Not likely. But they might. They allow my printer next to my desk just no paper inside

As you can access a web browser on it.

@broken idol do you have any suggestions/preferences for online vs in person

I prefer my exams in person.

I've seen some horror stories about people having their exams revoked for stupid reasons.

That's true. I almost pissed on the floor taking sec+ exam online.

I thought about doing this before I sat for the exam. On my floor is not an ideal pissing location but I told myself I totally would if I needed to. I just used the bathroom before the exam tho and was good.

I’ve always taken mine in person. People have always recommended in person. I’ve never had any issues

@tall frigate I had a wgu question. Not sure if you’ve taken one yet but those assessments they do, the ones that aren’t cert exams, do they proctor those?

yes they do

Is there only specific times where you’re able to do this? Just asking cuz I work full time and was wondering how that worked

You do have to schedule the exams, I believe they're schedulable any day during the week. I'm sure you would be able to find a time that fits within your work schedule. ")

It's been months since I've scheduled a WGU proctored exam so I don't know the exact dates and times they're available but I've never had any issues with them.

preciate you guys

Thoughts on how comptia certs won't carry the same weight because of certs like the ones given by THM, TCM, and HTB that demonstrate practical skill?

I've seen multiple cyber recruiters post on linkedin about how these other platforms make much better candidates

Depends what role you’re trying to get into. The certs you named like THM & HTB are relevant to specific industry roles like pentesters, soc analysts, and other higher level positions like that. Those can best be compared to CompTIA’s Sec+. However, if you are trying to get into something more hardware/network oriented then the A+ and Net+ are good. Cisco also has great, nay, the best certifications when it comes to Networks. Their hardware is used in a ton of workplaces. If you’re going for a SOC or pentest position then your THM/HTB certs are more valuable than A+ or Net+ “)

yeah it seems theres more clear paths popping up for soc analysts which im excited for

and pentesters

Im glad these platforms are coming out with so much material but I wish they had done it sooner lol

I've worked in IT for a couple years now following the path to work up to cybersecurity

but if I could've used these platforms years ago i feel like it would have been a way better use of time but hindsight is 20/20

To give CompTIA credit regarding Sec+ and what I know about SOC related positions, their certmaster has like 40 labs, some extremely useful for learning bare bones Windows security practices. (They have many labs using a Kali VM too) I’d say it would help more applying for a SysAdmin role where the org uses Windows workstations. There’s a little bit of vulnerability management in Sec+ but they have completely different certifications for that kind of specific stuff. Also something to consider about the A+, some people are just looking for a job at Best Buy on the geeksquad installing/repairing hardware. That cert will certainly (no pun intended) help you land a role doing something like that. “)

Where can these labs be found? I have CertMaster for Sec+ and all Ive seen are modules of questions.

Wait perhaps thats not a part of certmaster.. 🤦‍♂️ its from WGU I guess

Sorry about that

see you got my hopes up that I missed somethings lol

its all good

I really thought it was a part of CertMaster & CompTIA 😭

So you got labs to help with Sec+, im jelly

Yes but I dont feel they helped with Sec+ but rather prepare you to do practical tasks. They’re completely optional

The PBQ’s on CompTIA exams are always so mundane

If you’re gonna be taking Sec+ do the Cisco free stuff

Learn packet tracer

I didnt like my practice test scores and I thought labs would help, but oh well...

Trust

oh definitly I have the CEH going over there.

Some labs might help but I didnt feel like they did for what I got

The labs are very real world scenario oriented & honestly every PBQ is too

Im going to have to work my way through the certmaster again. My problem is THM and Cysco hold my attention better and are more interesting to me

But still extremely unrelated. Funny enough the CompTIA exams grading rubric is confidential, so we don’t know exactly how much the PBQs weigh.

Totally understandable

Ive heard sugjestions to do them last, not sure if that means anything as far as scoreing

Yea thats the best thing to do absolutely

Ive been studing for Sec+ for a while I feel like I should have more understanding. practice exam score was 68% smh

PBQ take me between five and 15 minutes that’s one reason to save them for after the multiple-choice another is that you may pick something up from a multiple-choice question that helps you on the PBQ

If you have an iOS device, I suggest downloading the security plus app

Diversifying your training methods is the best way to prepare for the multiple-choice

Which practice test was it?

Have you done domain review for each chapter?

Not entirely sure if this is the best place to ask the question but wanted to get the nudge and make sure im looking in the right direction.

Currently studying for the Pentest+ after getting my CySA+ and ISC²:CC this past fall. Doing the Masters in Cybersecurity and Information Assurance at WGU. Wanting to use more hands on with TryHackMe in addition to some other platforms like Udemy, Certmaster, Practice Quizzes/Exams. Especially when listening to videos is more challenging during the day while logged in to work.

My question is would the Jr. Penetration Tester be a good pathway to start with? I have 0 experience in regards to the Pentest+ minus what I've done so far with Udemy and some Certmaster. I'm also curious if there are others who have been in a similar to place as me and what they found useful specifically with TryHackMe.

They have a CompTIA Pentest+ path on THM. I did that and the whole penetration tester roadmap

https://tryhackme.com/r/path/outline/pentestplus

This helps me a bunch

I just added it to start tonight

I know it might be tough but my goal is to certify within the next 1-2 months. Life been getting tough with time in the day and in the way to get started sooner and really dig in.

I'm also trying hard this go around with THM and utilize this discord more.

Sweet, also they have a voucher so you’ll be able to save some money on it

I’m sure you’ll do great

WGU provides "paid for" vouchers since the cert/exam is part of passing the course

Thanks man

I appreciate it

Oh nice! That’s awesome

Also wanting to start networking on here, more just meet others out there

Since you have CC take advantage of the ISC2 meetups

You’ll find some like minded people in your area

Help land a job around you

Yeah, I need to do that. I read about it recently but havent taken the time with it

I'm pretty happy with my current job as a wfh system admin but the goal is to add certs to my "toolbox". Switched careers last summer from Teaching (retired after 10 years) and jumped right into my current job and has been a great job, experience, learning, etc.

I appreciate you taking the time @merry axle

Thanks @merry axle

Gave +1 Rep to @merry axle (current: #408 - 14)

No problem. See you around in the chat :) take care

Appreciate you brother

Anyone here in Web App pentesting/App Sec that I could ask some questions about pathways etc?

Do you mean about THM pathways or 🙂 ?

Inclusive of THM pathways yeah, looking to seek advice on entering the industry and whether my approach is appropriate, e.g. platforms, certs I want to tackle

i'm currently a security engineer, but started as a security analyst intern. if I had to start over I would've setup a home lab sooner.

For a home lab I would do the following (if resources allow), i'd suggest setting up three VMs one running a Wazuh server, one running a domain controller, and another running a windows workstation (and add in a Linux server if you want some more experience). I'd install the Wazuh agent on the domain controller and windows workstation, then work through this course https://www.youtube.com/watch?v=VXxH4n684HE. When you're going through different attacks, observe how they are logged in the SIEM, then create your own Wazuh rules to try to detect those attacks. Also, the MITRE ATTACK framework is your friend, it's basically a database of different tactics and techniques that adversaries use as well as how to detect (this is very useful for creating SIEM rules) and mitigate them.

Some might argue that this is overkill, but doing all this will more than prepare you for an internship and should prepare you for a soc analyst position. Also, don't worry if the company you're interning for uses a different SIEM than Wazuh, the skills you learn will be transferrable.

good luck at your internship!

Well I completed those paths on THM , maybe I can help you with somehing 😄

Just thank you, mate. Really appreciate it!

Gave +1 Rep to @torn quest (current: #2617 - 1)

you're welcome!

I'm literally a script-kiddie listening of Wazuh for the first time, Wazuh is a consider a tool, right? Just to make sure cause looks pretty similar like a Cybersecurity framework

Wazuh is a SIEM (so think of it like Splunk), i think tryhackme has a module covering it. if not it's pretty easy to setup, seems that John Hammond has a video on it https://www.youtube.com/watch?v=i68atPbB8uQ.

but basically here are the steps:

1. Setup a Linux VM meeting these hardware requirements: https://documentation.wazuh.com/current/quickstart.html#installing-wazuh
2. Run these commands: https://documentation.wazuh.com/current/quickstart.html#installing-wazuh

Yeh, more clear.
Thx again I was reading about your advice and I can only say thank you, thank you, thank you. I'm gonna try to make the home lab. Actually pretty cool because in my course of networks in the university we had to do a DC with a load balancer with dns so I think it's gonna be fun

Gave +1 Rep to @torn quest (current: #1714 - 2)

Also thank you for mention the MITRE Attack framework, I'm gonna start to read it.

I can't speak to the market in Norway (I don't know enough about the employers, their hiring requirements, what they're looking for, etc), but in the US I broke into cybersecurity two years ago by doing the TryHackMe paths, getting certifications, and setting up a homelab. I then got an online bachelor's degree which helped me advance my career. I suggest following a similar pathway, but would speak to professionals/hiring managers in Norway to see if this would be a good strategy for you.

I started out as a security intern. At that point I had no prior IT experience and only had a high school diploma. However, I was going through community college (2 year college) for an associate's degree in cybersecurity, had completed various TryHackMe pathways, and had the CCNA (I highly suggest getting this certification) and eJPT certifications. I also had a strong Linux foundation (I run it as my main operating system) and decent python knowledge (You can learn both of these through an online course or a community college).

A year later I got my bachelor's degree in Network Engineering and Security at WGU, which helped me switch jobs.

At my old company, I interviewed many candidates for cybersecurity internship positions and often found that people who only had college degrees were less likely to be able to answer technical interview questions and more likely to struggle on the foundational questions. I did notice that those who did TryHackMe pathways and had a home lab did considerably better at answering the interview questions and had a much better grasp on cybersecurity in general. As for certifications, it was a mixed bag, sometimes the candidates knew what they were talking about.

This is the pathway I followed: High School (Linux & Python) > TryHackMe > Community College & Certifications & Homelab > First job > Online Bachelor's Degree > Job Switch

you're welcome, it's a very useful reference for when you're doing threat hunting

I'm not sure if you have something like this in Norway (or even if you would get the same experience), so this advice may be invalid but it could be useful to people in the US. I'd look into community colleges as a serious option, I am so glad I went to a community college and then did an online degree instead of doing a regular university. The professors for my classes were active in the field and had a lot more experience (20+ year veterans) than professors at regular colleges/universities. the quality of my education was great and I saved a lot more money too

ALSO, don't sleep on internships at small companies. I gained a lot of experience really quickly by working at a small company. I'd prioritize searching for cybersecurity internships over doing something like help desk if your goal is cyber.

Why are alerts from the same incident not related in the queue?

in SOC simulator

Try to ask in #site-support 🙂

I don't think it's a platform problem

The CertMaster practice test. I use Prof Messors Videos as well.

Hello everyone. Any freelancers here? If so, how goes it. Care to explain what you typically offer and how g ya make?

Awesome man. Do you have an iOS device you could download a study app on? Also consider practice question videos on YouTube “) I was surprised how much they helped on my Net+ especially.

Good morning. Anyone here has any tips after getting a CompTIA Sec+ ?

It depends on what you want to do. Do you have IT experience? Do you know the skills needed to be a SOC analyst? Do you enjoy hacking?

At moment I’m focusing on my soc analyst skills and hacking.

Appreciate this info

I'm probably going to keep studying no matter what, but as someone who once aspired to get into cybersecurity, I often feel like I'll never really be "ready" to get a job. It feels like the bar just keeps rising to be effective/knowledgeable/etc. Does anyone else ever just feel like it's always going to be out of grasp?