#cyber-and-careers

Is it overkill to have all these certs?

its covered in the tuition

but nothings overkill in security

Oh then cool

Thanks for the info man. Really appreciate it. I’ve been thinking of a career in cyber but the job market is quite bad now.

Gave +1 Rep to @vapid kiln (current: #2628 - 1)

Overkill on the wallet lol

How much is the tuition?

oh lol yea thats why i reccomend schools that include the certs

If you dont mind can you send a link?

I might try for a masters

https://www.wgu.edu/online-it-degrees/cybersecurity-information-assurance-bachelors-program.html

Oh its from wgu

I dont really know about this but can i ask? Are these online unis valid?

yes

I know a few people irl who have gotten a BS and MS in Cyber from WGU. They have all landed a great job that pays VERY well. Some are even Directors and Managers!

Like accreditation wise and industry recognition

yes

You would recommend even for people outside US too?

Western Governors University (WGU) is accredited by the Northwest Commission on Colleges and Universities (NWCCU). WGU's programs are also accredited by other organizations, including the Council for the Accreditation of Educator Preparation (CAEP), the Association for Advancing Quality in Educator Preparation (AAQEP), the Accreditation Council for Business Schools and Programs (ACBSP), and the Commission on Collegiate Nursing Education (CCNE).

Coz i dont really wanna break bank for masters

i cant speak for outside the u.s.

im not sure

Hmm

do internships pay or is it just for experience?

Still better than physical full time degree ig

mine have all been payed?

idek if they accept international students

Some wont

Unpaid is there too

thats a scam

good to know

🥲🥲🥲

dont ever take an unpaid internship

Unfortunately i did

Only for the experience

how long are internships supposed to be

2 months for summer

usually 3 months

i had one that lasted a year

6 months internships for graduate

but they wanted to keep me there

Ouu

Ig those were early career programs?

The one year ones?

I have a year in IT support internship and a year coming up in a cyber security internship

Nice

nope, my bosses just wanted to keep me on the team

Thts great

so they asked me to stay until theres a ft position

and i finish school

this is my experience if you wanted to see

Thats so neat

You got something to put on your resume

I got nothing 💀

I do want to put personal projects and make it two pages but having it short and concise in one page is just a different level of satisfaction

yea not sure if i should stick to one page or not

going to be spam applying starting today so ig we will find out

all my past experience has been through networking rather than applying...so this is a first for me

Atb

I have been firing my resume at entry level positions only so far nothing yet

Even IT support nothing so far

Cant give up at this stage

Have you looked into contract agencies

Allot of my old coworkers started with that

And it led to ft positions

Damn dude I would kill to have a resume like this

Three years of grinding

I was originally going to school for psychology and made a major change

Yeah you deserve something good for that

I'm getting a Bachelors rn but I've only been doing cyber stuff for a year. Very tough out here for internships, can't seem to get an offer

I started at with an it support internship

And worked on certs

And tech experience is good

Any*

Thats crazy man I'm gonna make that happen this year

I'm applying for a masters scholarship program at my school and if I get in that will make finding internships and paying for certs so much easier

Have you considered full time positions yet? I honestly feel like the amount of experience you have on there should be enough to get you a soc analyst role

Yea I got lucky tho I got an internship my freshman year at a community college with no exp

Yes I’m just starting to apply now

I go to school online and it’s my last year

That definitely helps. Currently a senior and still looking for my first one lol

Apply for anything and everything

But networking is still the best option

Yeah I have about 100 apps out rn

I recommend to attend any local conferences

For security

There’s always a ton of you live in a state with a city

Bring a resume and a laptop with you to show off some stuff to people

I live off the gulf coast, it's a pretty tough market

That’s what I did

That’s rough

Should've just stayed in Rochester lol

I’ve interviewed for internships at some top comps earlier this year

And most of the applicants who interviewed with me

All had the entry certs

Network, sec, etc

Comp Tia

So work on those if you haven’t

Jesus, yeah i guess getting sec+ isn't an option at this point

Does your resume get you a lot of calls?

For internships I did

Capital one , Bank of America, Dr Pepper, liberty mutual, GEICO, etc

A lot of comps but I turned them down to stay at my current one for an extra 6 months

So if you need a baseline for internships maybe try to match some of what’s in mine but fit it to one page

My internship resume is one page

Thanks for putting me on game man

Might need to reformat mine too

This is what I'm currently working with

Resume.lol

Use that^

Free

I gatekeep that usually but it’s good

You're a real one man

A lot of templates

Will help you a ton

I use the John Doe one but switched things around and added stuff

Like i said, not from US

So got no clue if something like that is here

Nice

Looks great tbh

Is it fine to share resumes here?

Thanks dude, I definitely got a lot to work on though

Sure, I just recommend crossing out personal info that you aren't comfortable sharing

Yes

Thats actually great

I applied to quite a lot of companies but i am hella paranoid when i dont get responses from them, got zero referrals so i try my best to reach out to hiring managers on Linkedin

Hopefully i get something just by cold applying or if a recruiter notices my profile from linkedin

I've seen people with similar resumes land internships

i think it might just be the way your's is formatted

you can improve your resume alot, try using what i sent and see how it goes

you can send in here and ill give you some advice

@vapid kiln what if you're not in college? it feels a lot harder to find a opportunities that will lead somewhere...

Cyber Security is not entry level, you can get a job...but its most likely going to come from networking or getting super super lucky somehow

If you are starting from 0 with no certs or education

Get your A+ and Network+

You have to start where most people have to start. Learn about computers, operating systems, networks, a little coding, about how cybersecurity actually works. Get a job in a helpddesk or tech support, or IT (Anything that gets you on the ladder) and make gradual progress... Learn how to work in the SOC (Soc 1 and Soc 2 paths), pursue certifications like Sec+, BTL1, OSCP, or whatever recruiters in your area are looking for. Give the Tribe of Hackers books a read. Check out the cybersecurity books from No Starch, O'Reilly, Wiley, etc. Practice, practice practice, consider doing writeups/blogs, make a home lab (some VMs or old computers will do) CTFs. Try to find meetups or conferences nearby. These will open up networking opportunities. Post your achievements on your LinkedIn

I was ab to test for Sec+

your fine

I would shoot out resumes after you obtain it, if your in the u.s. try to look for some government postitions

security+ has alot of leverage for those kind of jobs

If you have no luck there...follow this

apply to some it support/help desk jobs and try to work your way into a sys admin position

if you can get some experience in those kind of roles, it will 100% increase your chances, most companies that are hiring those roles are also companies that have security departments

unless there outsourcing

but anyways try your luck that way

and if it support/help desk jobs are hard to find...look into a contracting agency

I started out in an it support internship...but alot of my co-workers didnt go to school like i did

they started out doing IT contracting

and got hired on for doing a super good job at the companies they were contracting for

so to summarize...substitute the education by starting out in IT roles that are quote on quote easier to obtain and do that for a bit instead of going to school

thank you guys so much

do you apply for these on government websites

yes, the security+ is approved by the U.S. Department of Defense (DoD) to meet Directive 8570/8140 requirements

https://www.usajobs.gov

or State and Local Government Job Boards

theres also Defense and Military Contractor Companies

look into all of those

you might need to pass a security clearence for alot of those

but most dont do polygraph

also you can do this

"DoD 8570 jobs" on LinkedIn.

what is that is that like a backgroud check

yea, but more in depth

investigators basically just figure out if your trying to commit an act of terrorism or if you have a drug problem etc

things like that

but they can only go off whats public knowledge liek your insta or twitter posts

stuff like that or interview your family

oh I should be perfectly fine

I literally don't do anything 💀

yea most people should be fine

unless your a felon or a pedo 💀

I stay at home most days thats an easy pass

but alr thank you seriously

I'm going to keep preparing for the test but I'll research what you told me some more

gl

thank you 🙏🏿

i need some job advice, there is devops internship that i applied for 3 months ago but got ghosted, can anyone with experience tell me on what should i focus in terms of resume and projects and all that

after i sent resume they had 3 tests about git, english and general devops and linux knowledge where i did fairly well

Apply to more companies??

i am looking for interships and there are not many of them right now

and i also want to apply for devops

Sooo

Hi guys looking for a new role

2 years experience as a soc analyst

Hit me up if you have something

Check out #jobs-board 🙂

Don't just apply for internships, and don't just apply for devops. Go for tech support, if you can code, go for QA, apply as a Windows/Linux admin. Can you do Cloud? Do you know networks/firewalls/exchange server admin? Don't limit yourself to exactly what you want. Find something that uses and develops your ability, gives you opportunities and opens doors. You could end up in a company that will need those other skills, or gets you into another role, or opens opportunities elsewhere

thanks for the advice, i worded my question poorly, i would want anything that i can apply my skills to, but considering that are internships for anything that is not software development very rare, i am aiming for devops currently

Gave +1 Rep to @rugged delta (current: #21 - 453)

there are not many entry level job offers currently, most of them require at least 2+ years of experience

If a job asks for 2 years of experience, it's not entry level. And the years of experience only really matters for higher level roles. And that's flexible too... It's about your ability. Apply to anything that interests you, not just your perfect job

i dont have perfect job i would just search for jobs from this field, if nothing i can find some full time tech support and start from there

but since i am in college right now i would like to get internship

i think i lack resume making skills more than technical skills or ability to learn

i need to figure out how to make that piece of paper say "hey i am the one you are looking for"

Keep it simple, highlight your relevant skills, I’ve heard recruiters read for like 10 seconds then move on

This is a lot of great advice. Thanks for sharing.

Gave +1 Rep to @rugged delta (current: #21 - 454)

thank you a lot, both of you

Sm1 should teach me code

Check out freeCodeCamp on YT 🙂

Okay king

hey guys try hack me paid version will be good to start?

Hey @zealous ice , i use the paid version since 2021 and i think it's a good start yes.
But you can test many excellent free rooms if you wanna a good preview

Yeah , why not 🙂 ? It's by far one of the cheapest options anyway in terms of cysec education 🙂

Currently, cant enter soc or any cybersecurity role unless experience, so check out IT helpdesk support and voilaa, 2 years of helpdesk experience needed😭😭

I am going insane

To get experience i need to find a job but that job requires experience.

One serious question guys, like do they really look overlook the 2 years experience if your just starting out and you just got practical knowledge?

Even for helpdesk/support rolev

reminds shadow of an instance where the original dev and creator of a specific software could not get a job for a company using said software as they asked for 20 years experience in it when the project was only 9 years old

I remember that lol

the numbers might be wrong but the story hold still

😭😭😭

i am searching entry level jobs

i am appliying 309 companies, but everyone didn't response

Try to check out #jobs-board channel 🙂

Great advice.
I find that it’s useful to frame getting a job as a social engineering pentest

Potentially something in your resume

Mornin all. Does anyone have opinions on udemy or coursera? Specifically for cyber security learning & Security+ exam

Many people recommend Professor Messer's YT course for Sec+ 🙂

professor messer

OoOOoOOoOooo. Ok. Coursera looked good but then I started looking through their reviews, but I have heard quite a few folks recommend udemy. I shall def add Prof Messer to my list. Thanks much!

You can check it out here 🙂

https://www.youtube.com/playlist?list=PLG49S3nxzAnl4QDVqK-hOnoqcSKEIDDuv

You're the best😄

At the risk of sounding, "old" I just bought the Sec 701+ Study book from barnes and noble, and wrote my answers down on paper, checked my answers on paper. I think there was an 'online testing' bit that helped me do some practice testing before the cert, but I wouldn't spend money on anything other than a book.

Which is actually how I've done all my certs >.<: I've passed them all first try so far! A+, Net+, Sec+, and Certified in Cybersecurity by ISC2

You don't sound old lol. I also prefer books, but there are times when having someone explain it helps, or some of these online classes also have lab simulations which help me a lot.
I guess I immediately asked about websites cause, at my current job, I have a lot of downtime in front of a computer, + doing stuff on a computer would make it look like I'm actually working on something job-related😅

Oh to be clear, I don't judge anyone. I put on some youtube videos in the back ground. I just also try to look out for people in ways i"d hope they would look out for me. I know there are some expensive courses out there >.<;

Oh! But if you go to the library, they might have online resources! Mine offers free classes of varying types. I think Linux+ is one of the courses I don't remember about sec+

Yes there are. It's nuts how much some of those places wanna charge you.
Aaahhhh, the good ol' library! Yes, I shall check!

Yeah at least for entry level certs, I don't think the information should cost more than the cert.

IDK about mid range/high end because that's a whole different can of worms and expectations.

Ur library might be partnered with udemy so u could get a whole lot of courses for free

OOoOOoOOOoooo. Wouldn't that be awesome. Thanks!

https://www.gale.com/elearning/udemy

I didn’t have a library card when I signed up but I was able to do it online and I had it within like 5 min

You're fantastic. Thanks much!

Can someone recommend some CV score analyzers and templates?

Servus!
What do you think (especially people from Germany) is a reasonable hourly wage for a student who is studying cybersecurity and has already completed training as an IT specialist?
I am currently abroad, but will be back in a few weeks and will then start my distance learning programme as soon as I have found a new employer. Does anyone here have any experience or know of any good sites where you can get comparative values on the subject?

For CV score analysing https://resumeworded.com
Youre getting templates pretty much everywhere. Depends on what you want.

More of a marketing strat to make you pay for insights

One site shows me 80 another shows 60

Thanks.

Gave +1 Rep to @fringe tide (current: #1720 - 2)

Do you guys have any good ideas how to document your skills like using wireshark , active directory etc. ?
I don't wanna just show my links for THM and lets defend accounts , rather something that can say (oh he might know some stuff) 😜

is the a+ worth it to take

LinkedIn can probably be your main place other than your resume though for resumes you have to send them out. LinkedIn is probably the best place and you get exposed to recruiters and potentially people you can network with.

Hello how are you?
I would like to know what your opinion is about the cybersec market, do you think it tends to grow more?
I'm from Brazil and here the cybersec market ends up being very small

It depends on your ultimate goal in my opinion. If you have no IT experience, I think it's worth taking it. Even if you're just trying to skip any IT experience and go straight into Security, it wouldn't hurt to take it to gain some fundamental knowledge. but it all depends on what's the best way for you to learn because most of it you can def teach yourself.

It can also help you if for whatever reason you're having a hard time finding a Security role....you can then at least apply at Help Desk/Desktop support roles which that's not a bad thing in the long run.

That's not bad idea , thought I post mostly my milestones like finishing certain learning paths or getting certs . Should I go more into detail regarding rooms or those sections with few walkthroughs/ challanges ?

I think on your LinkedIn profile, you can probably list the skills and then if you want to go more into detail....maybe you can do posts about it. That can also strike some conversations with other people as well.

My thoughts

Awesome 👍
Thanks for advice 😃

Gave +1 Rep to @humble cosmos (current: #333 - 18)

mais um pra gangue

IAEEE!!!

Br tá em todo lugar

n sabia que o mercado aqui era tao pequeno

mas faz sentido do jeito que nada tem segurança

Pior que não sei dizer, quero começar a estudar pgm e hacking,
se não vou pra psico (não me garanto)
pior que aqui ainda é pouco conhecida a área de cybersec, comparada a área de proramação que explodiu a algum tempo

English

@loud breach can i dm you?

Yes.

sent u a friend reuest

Hi, we speak English in this server.

sorry

Hey guys, a+ is getting the new tests in spring, how different should i expect material to be from the current test?

If a new exam is coming this spring, the updated syllabus should be available on CompTIA's website. I believe they also do "what's changed" posts

Next topic. With no experience I asked my boss to see if I can pivot from the floor, to which I have been 10 years to let me cross train 1 day out of the week for cybersecurity. He said he would talk to the right people. Then asked for resume. Since earlier Jan, after I passed security+, I have been putting in 2 to 6 hours a day for labs. I was told not to list all tools that I worked with on resume by some Youtubers. See only how I will only train one day out of the week, I can slowly transition form floor to IT department. I have no idea on what to put on the resume. I will find out what task they train me in and pursue labs to learn it faster. Goal is within 6 months to leave floor and be full time IT department. Any ideas on resume?

Put all of the topics you know and some tools related to those topics

Like, "Experienced with many cybersecurity platforms and have completed training on blah blah blah. My skill set includes researching and administration in multiple OS's with great familiarity of the command line and related tools, working with EDR" for example

It depends on the role you're trying to get

Yes, I will do that. Not exactly sure about the role of what I am going for because I am not sure what they are offering. I just want off the floor and can pivot from what they need just to get a foot hold and transition from there for my reputation there is already established. I then will continue to work towards pentesting route. Basically, I am just escaping the floor without relocation of my residence. They might have remote work as well.... not sure. I do know they take cybersecurity very serious now.

its worth asking the person who would likely be your new direct supervisor, what skills or things are they in need of or use on a daily basis as a way to carve out your value within this part of they company that you are seeking

then, either create a lab env, do some writeups, or some project you can use to show them you have some level of understanding in the domain

Great idea!! And with my schedule, I work 2 weeks out of the month with full time pay, I can really dedicate some real time into learning those specific skills. I shall talk to them and immediately start learning that technology. I can dedicate 2 weeks out of the month to learn.

You gain a foothold by offering something they want. You can leverage this by providing the right help at the right time.
I would do research on your company to see what they prioritize in their IT industry

I hear one of their tech guys just left. I was trying to catch him before he left to get intel. Didn't get to chat with him before he left. I will research it as well. I will find out. Thanks for the help!!

Gave +1 Rep to @grand plume (current: #650 - 8)

Not a bad play. Now you know they are looking for someone to fill that person's position.
Inquire with the employers or colleagues within the company to understand what position that was and if you would be a right fit

If you're worth it.. Some companies will pay for your studies in order for you have the right skills for the job

Good luck though

Ok serious question. Where to find entry leve aka junior cybersecurity remote work positions? I have checked local market, global market and there is nothing. Everyone want mid or senior level workers :/

Maybe you can check out #jobs-board channel 🙂

If you do Javascript, I'd have a startup position with minor overlaps into cybsec. I emphasize minor. Send DM if need to know more.

Guten tag, anyone from germany

Former Holy Roman Empire. Not Germnay though 😄

great

nice to meet you brother

hlo everyon , I learned a ruby lanaguge . and i want make exploit in ruby but i am not able to make exploit in ruby .Can someone tell me how I can learn to create my own exploits in Ruby? I have checked the metasploit documentation, but I didn’t understand it properly. Can someone help me by explaining where I can learn exploit development in Ruby, providing some resources or guidance?

Questions, I have no cyber experience, but I am working on my bachelor's and have A+, will soon have Net+ and Sec+ as well. I am pretty knowledgeable in the field through previous work but have never actually worked directly in the IT sector. Do I have a chance of getting a cyber sec job before completing my bachelors or do I have a snowball's chance in hell? I considered going the help desk route to at least pivot into the IT sector but I am getting zero bites. I know the field of cyber sec is going through some pains right now but it kind of seems impossible to actually break through.

I have another idea but I dont know if its realistic. The new company that I am starting at for my current field also has cybersecurity jobs so I am wondering if a lateral move may be the way to go. Trying to use the "bro network" once I am established essentially.

Can I add TryHackMe and HackTheBox challenge solving in LinkedIn experience? If yes, how do I add it to improve my profile ?

With the compTIA trifecta you can absolutely get a job before finishing your bachelors, however it’s going to be an entry to junior level role and you will have to leverage those certifications and prove to the employer that you actually know what you’re doing and can complete the job so you will have to do extra studies, complete projects, etc. and then you have a chance. Entry level jobs are not usually specifically Cybersecurity available, meaning blue team/red team jobs. What you will likely find is hardware, networking, help desk, and maybe a SOC role if you can really prove you know your stuff

Yeah that's about what i figured. Just hard to justify going to a entry level role from a salary standpoint. Kind of why I was trying to build the educational and certification background to give me a fighting chance at a lateral move

Also why i found tryhackme, trying to build as solid of a knowledge base as well.

plus its neat so there is that

you're on the right path! Getting a job in IT to then pivot is always a great choice in my humble opinion. You get to learn a lot about infrastructure and how computers communicate with each other which will benefit you once you pivot onto Security.

I also mentioned this in the past in other replies, if you're still in school, try and look for Internships....sometimes internships are apart of your "projects' and that can help you land a role within the company.

The "bro network" I always recommend as well. Within your company, reach out to folks in the Security team and basically "start showing up". The more interest you show, the more you'll gain reputation and hiring within the company is always a plus. Also, hold on to those members that are willing to teach you and mentor you within the company.

Hello 👋, just wanted to post that I’m looking for entry level pen testing. Remote work. Part time ok. Shadow/learn/grow, I’m new to the space just want to get a little experience in the field.

Hey everyone! I'm currently looking for job opportunities in cyber security in the UK. I have experience in bug hunting. If anyone knows of any openings or has any advice, I'd really appreciate it. Feel free to DM me. Thanks!

Why not it probably won't hurt anything 🙂

Try to check out #jobs-board 🙂

What should be the position ?

Awesome!! 💯 @cunning blade
You've got my vote! Cheers to prosperity.

Thats really great 👍🏼

@cunning blade Please don't advertise positions until you've spoken with our admin team. 🙂

Guys, does anyone have the skills to punish scammers?

@cobalt escarp

Hey that would be illegal and against our community rules.

How is it allowed for scammer payback?

He does it?

They are usually authorised by the local authorities. They often work with the police and have legal contracts:)

Oh

The reason i asked is bcs im concerned the scammer might scam someone

You need to inform the authorities:)

I want to get the certs but they are extremely expensive in my country 😭

So i was thinking of getting a masters degree since its free on my country(and sometimes you get paid for doing it)

Would a masters be enough or would i still need the certs

Masters degree wont replace the certs

But some programs do give comptia vouchers

Or you get student discounts?

Certs arent the only route to prove your technical expertise, you can always do projects.

in general, a master’s degree doesn’t matter much in the private sector unless you want to enter teaching/academics/research

if it’s free in your country though, then go for it; it wouldn’t hurt, and it’s a free master’s degree

i am a student who is seeking to have a full time job in it field (14y/o). but idk how to start and which field to pick. at some time i wanted to join cyber security but i failed learning in it ( more specifically didnt find a learning path ) and then i went into cs50 and enjoyed programming but i got pissed off really quick since it is very boring. what should i do ?

What does a project entail? Developing a tool or something?

that, or home lab

Yes

Or this

If you dont have money for certs , projects and coursework can help complement it

Besides some roles do require a masters degree, so its a win win

Yea last time i searched a comptia was almost twice our months minimum wage ☠️

I’m interning any tips or tricks that can help me first day on site

Is this a good channel to learn cybersecurity?

I would say it is 🙂

Do you think AI can make getting a career in cybersecurity obsolete?

No , at least we're far away from that point 🙂

At least it can help I would imagine

Do you have any certifications?

Have a few from CISCO,AWS and ForiGate 🙂

I should change my username to CIA 🤣

Are you from malaysia?

Would this be a good resume to take to the SFS scholarship application in March?

I left my job off of there since I've only worked retail/service jobs that don't directly relate to cyber, I planned on adding that to a second page to apply for the scholarship since they do ask for it in a federal resume format

I would get the free masters anyways. Dosent hurt. Will make you stand out a lil bit and of you get bored you can teach

Whats the sfs?

Dm me

Scholarship for Service. It's a program funded by the government that pays off your tuition plus an additional stipend to get your masters in security. They have a 2 yr or 3 yr (1 yr undergrad, 2 grad) option, and after getting your masters you are obligated to serve the US gov in a role for a duration equal to that of the scholarship. I'm considering it because my university's cybersecurity masters ranks in the top 10 in the nation

Oh nice

Go get some certs then lowk

Also throw statistics in their

And bold the numbas

hello guys, a question from a newbie, after i finish the basic learning do i need to get official certificates or i can start looking for entry jobs? if i dont need any official certificates what roles can i apply for?

How can AI like Chatgpt will help the hacker?

hello everyone i am new to discord as well i just started my cyber security journey i hope i can find good friends with whom can i grow along the way and help me

Hello , welcome 🙂

thank you very much

you arent going to get anything without some proof you actually know how to apply it

You have PentestGPT , LLM geared towards cysec 🙂
https://pentestgpt.ai/

What do you mean by basic learning 🙂 ?

Projects projects and projects

did you use some template for this or how did you make it

Hello hackers...
May I gain some career advice from you??
am from Sri Lanka ♥️
University Student
(Mathematics and computer science combined degree follower)

so do i need a degree in comp sci to get a job? or would a huge portfolio with major accomplishments make a bigger impact?

lol there are proffesional hackers who don't even have one cert , your skills are what really matters, but it's still good to have a recognized cert by the way 😉

weird question for any australian cyber people but im working in a help desk and im trying to find something that will be a better step toward cyber security does anyone have any recommendations for the australian job market? i find that talking to real people is better then listening to a "HEY PAY ME MONEY FOR MY TIPS AND TRICK" dickheads

if there are also recommended projects as @warm hinge pointed out that would be awesome too 🙂

Depends on if you're after certifications and for red team or blue team.
Off the top of my red blue team/soc jobs ask a lot for security+, cySA+ sc-220. Red team OSCP, HTB CPTS.

is there a lot of work for red teaming atm?

i see a lot of blue teams when i worked in bars but just curiose on what has the most avaliabilty lol

Theres a lot less penetration testing gigs publically advertised. But a lot of places after SOC workers still like the OSCP. In case you like studying offensive sec in your free time

I believe some states like NSW and VIC are also offering free TAFE courses for Cyber Security, or government subsidies for university degress

thanks @warm hinge are you currently working in the field in vic id love to hear about SOC work if you have the time lol

Gave +1 Rep to @bright quiver (current: #1302 - 3)

Not currently doing SOC were but working as a sys admin. So I get to work closely with our SOC, interested in pivoting though

Try to check out #jobs-board , LinkedIn could also be a great resource 🙂

@keen tundra thats awesome thanks dude !

Gave +1 Rep to @keen tundra (current: #2 - 2693)

Yea but you gotta have a proof of those skills, be it a cert, a tool in your name or having hacked something important in the past

is there a place where projects can be completed to showcase these skills so youd have certs and the projects to back it up?

Bughunt and github

exactly 🙂

do i need a degree in comp sci to get a job? or would a huge portfolio with major accomplishments make a bigger impact?

Recommended Path for Beginners in Cybersecurity While Living at Home:

1. Freshman Year:

• Enroll in a Computer Science program and focus on achieving strong grades (CompTIA A+).
• Begin exploring entry-level IT roles, such as Help Desk or IT Support (full-time or internships), starting in the second semester.

2. Sophomore Year:

• Pursue Network+ certification to build a strong foundation in networking.
• Enhance your cybersecurity skills through hands-on learning with tools like Hack The Box or TryHackMe.
• Take the ISC2 Certified in Cybersecurity (CC) exam — it’s free and easier to pass while offering valuable experience with testing environments.

3. Summer After Sophomore Year:

• Earn the Security+ certification to strengthen your credentials.

• Build your network by attending conferences, engaging on LinkedIn, and connecting with professionals in the field.

4. Junior Year:

• Apply for cybersecurity-related internships or entry-level security roles to gain hands-on experience.

Alternative to Computer Science:

If Computer Science feels overwhelming, consider pursuing an IT degree through an online program, such as Western Governors University (WGU), which often includes certifications in the curriculum and integrates tuition costs.

This is what i did

but i skipped a+/network+ and got lucky landing a it internship

you could even go faster than the pathway i listed up to how hard you work

if you get cysa+ before junior year

youll be light years ahead of alot of people applying for internships tbh

rn im internviewing at FAANG and other comps for cyber internships so it works

This is a pretty helpful roadmap, thanks Jay

Gave +1 Rep to @vapid kiln (current: #1726 - 2)

No idea whether I should apply for an apprenticeship now or spend time upskilling and apply next year. Another option is attending university, where the available course near me is a BS in Computer Science.

Interested in Digital Forensics and Exploitation, specifically in a role where I can identify vulnerabilities or pinpoint root causes without having to write 1000s of words explaining how to fix them.

That may sound kinda naive since identifying vulnerabilities without suggesting a remediation wouldn’t be very effective.

Hello guys, do you guys recommended any cert for beginner at cyber security??? why i heard so many bad reviews about the CEH cert?? can someone plz help me?

I heard that CEH is very popular and recognized in 🇮🇳 but I also heard that it has bad reputation outside of it 🙂

I guess you're right. I have heard from many that it is too theoretical so not recommended to go for while searching for a job but the HR guys cling on to it anyways

HR leans into CEH pretty heavy

but imo OSCP is probally the best cert based off marketability in the job market and what it teaches you

if your end goal is red teaming/penetration testing

but pricing is pretty heavy

its like 1800 for the course and exam

Again - disclaimer 😄 . I don't have CEH cert. , this is just my experience of what I heard here on server + LinkedIn 🙂

CEH is good for DoD positions

if you want to get into government jobs

CEH is probs better for a broad security role in red teaming

but for specifically penetration testing..OSCP is better

CEH - Government agencies, DoD contractors, general IT security roles

OSCP - Cybersecurity consultancies, Red Team firms, Fortune 500 companies

I too have received some similar feedback from people

Thanks for info 🙂

Gave +1 Rep to @vapid kiln (current: #1302 - 3)

Just got here...asked nothing...Jay immediately answers a question I was gonna ask

I’m looking to go from a Systems Engineer to cyber security (SOC analyst, cycber security analyst) anyone have any tips on finding a job? I’ve been just applying to stuff with a shitty resume on LinkedIn

there are better certs that check the same box as CEH for 8140. In all reality, the only place I can think of that prefers CEH is India. If you are in the US or UK and have CEH, you will get side eye from the pentesting hiring manager at minimum

Got an interview with the city I live in for a CyberSecurity internship. Other than brushing up my skills and knowledge, does anyone have any advice?

Read what the interview process is like on indeed & prepare accordingly

Jay is always spitting fire in here

yea, im just going off of what my CISO told me

it really depends on also whos actually reading ur resume as well

your CISO's info is out of date. 8570 has been replaced with 8140, and a number of certs have been added. CEH only had the DoD foothold it did because there weren't other options. Now they are, and anyone who doesn't recognize that CEH is bad is behind the curve.

yea hes been doing security for like 50 years now

lol

thats also why i said its more for general security or compliaance heavy roles as well tho

Yeah, I would not hire someone relying on CEH for a compliance role...

well obviously

Chances of their definition of "compliance" diverging spectacularly from the industry definition are, uh, quite high

OSCP, GPEN, or PNPT are the certs i have heard reccomended for read teaming

ceh just holds weight with hr when combined with other certs like cism, cisa, or cissp

None of those are relevant to red teaming. Good basis for pentesting though, with the possible exception of PNPT which doesn't have a lot of weight behind it yet. OSCP is currently the industry standard in most countries.

Well. "Relevant" insofar as they wouldn't really influence a hiring decision. The AD knowledge would come in handy.

CRTO is pretty good

It is, yes

from what i heard from a friend

ZPS makes decent material

CRTL is my current background cert

I sede im trying to get into AI security

And again, by all accounts this isn't really the case outside of India now that DoD have stopped exclusively backing it.

I see CEH everywhere on linkedin where i live for some reason

I would certainly think twice about applying for a role which had CEH in the list of desires certs

i live in a big tech city

Bit different if it's all around you. That's the only reason to get it -- if you can't get a job without it

yea im not getting it, im aiming to get cysa+ and then oscp

mainly because they interest me

theres honestly no other reason

Good a reason as any 🤷‍♂️

Can't really go wrong with CompTIA, and OSCP is a good bet (for the time being at least)

yea and my internship is paying for it

so might as well abuse it while i can

There we go then 😆

Congrats

What is your internship related to

Try2

No idea whether I should apply for an apprenticeship now or spend time upskilling and apply next year. Another option is attending university, where the nearest available course is a BS in Computer Science.

Interested in Digital Forensics and Exploitation, specifically in a role where I can identify vulnerabilities or pinpoint root causes without having to write 1000s of words explaining how to fix them.

That may sound kinda naive since identifying vulnerabilities without suggesting a remediation wouldn’t be very effective.

The HR list probably just gets added to and at least in the US could still be a requirement, or a way to meet requirements, in contracts until those contracts expire.

It kind of seems like you're meshing a few roles together, at least imo with how it's written. I think you may also have the "TV" view of cybersecurity. Cybersecurity is heavily based on documentation, and if you're not wanting to do that, I am not sure cybersecurity would be a good choice of profession.

Tagging this so I remember to write a response tomorrow

It depends on the job market you're in and the types of roles you're interested in. Will a degree hurt? No. Will it open more opportunities? More than likely given schools come with Alumni networks and jobs can come with degree requirements (at the company level or due to requirements in the contract the org is working). Degree holders also make more than their non-degree counterparts. If you're not interested in or willing to do a degree, you're going to need to build professional experience. A lot of people start in IT and then progress up the "ladder" so to say. IT Helpdesk is a common starting point.

Certifications are used to quantify professional experience, as you said, but projects aren't an equivalent. Projects are used to show continued learning outside of the job. However, that being said, neither really stands on their own.

lets say i had like the top baller certs instead of a cybersecurity degree, and like a lot of tests and highscore on hack the box, would i have a hard time?

Finish school and go be a kid. Don't worry about that now as you're too young, literally. You have no ability to be legally held to a contract

That doesn't really mean anything as it doesn't tell the hiring manager much, all that shows is you can sit for a test. Cert hunting is also a waste of money and seen as a negative in the industry.

dang so i do gotta go to school

You don't have to, you could start somewhere like IT Helpdesk and work up.

ok good cuz i didnt wanna be 20k in debt ty boss you motivated me

Just remember it's not a sprint, it's an ultra distance marathon

Debt isn't necessarily a bad thing. Depending on your goals and what you want to do, a degree may open doors that would ordinarily require 5-15 years of experience.

To add on, in the US, Federal Student Loans are repaid over a 10 year span with multiple options for repayment. There are also plenty of scholarships that you can apply for at the city/town, county, state, and federal levels.

Yes

guys im stupid but in general chat tryina learn

please mentor me

You can start here 🙂
https://tryhackme.com/r/path/outline/presecurity

im in voicechat tho

lets go

lets get a group and do something

IT is more fun being a kid

thankyou

The first part might be true, but about not wanting to document—what i actually meant was my choice in what i document. The kind of information i really roll my eyes upon is when it comes to providing remediation steps.

Now that i think about it, that’s kind of silly, because it’s literally ** cyber security**.

In digital forensics, afaik the role analyses the root cause, discovering the why, how and who behind the incident. All technical, nothing about how to solve it. I of course don’t mind adding a bit of “how to fix this” here and there, or even writing a remediation page—but analysing & explaining the root cause is what’s exciting.

Yeah, it's never "all technical". Think about it this way: whether you are internal or a consultant, businesses work on products. Your client doesn't care about the technical work that you do -- they only care about how that affects their business interests.

Same as with pentesting, the "product" of a DFIR role is the report. The communication back to the customer. If you don't have that then there's no point in doing the technical stuff.

If you're providing a service to said client (again, be that internal or external to the company), your role is to help them improve their security. i.e., your report is useless if it doesn't actually help them to improve.
The recommendations are, in many ways, the most critical aspect.

End of the day, the world is driven by money. Working for an enterprise will always mean you're focussing on the product. There's always "business" to consider.

This is why its important to have both an executive report and a technical report.

@cobalt escarp

That or at least an executive summary

Depending on what's in scope for the DFIR, an argument that the chain of custody document is the only thing that really matters 🙂

Eh, chain of custody is obviously vital, but it's ultimately pretty useless if there's nothing tying the evidence together.
No point in verifying the integrity of digital evidence if no one's bothered figuring out what said evidence actually is or means.

if chain is custody is broken, information and data that was gathered can't be trusted enough to meet court standards though. If it's something legal has to be involved in, the data is useless

useless for why legal has been involved, is what I mean

it's kind of an edge case, i'll admit

Yes, obviously, my point is that there's no point in having a chain of custody for evidence which is useless anyway.

And yes, legally speaking I know you do still need it lmao

Agreed - but I think it's an important enough edge to at least familiarize everyone with it

BROTHERS , WHAT SHOULD I KNOW THE SPECIFIC PROTOCOLS OF NETWORKS? ( I ONLY KNOW TCP/IP )

Why are you yelling

Not really sure why you needed an all caps, but if you want to learn about networking you can do the THM rooms focusing on networking fundamentals.

Work as a security analyst intern, First 6 months was rotational and i worked with the Risk Analyst, Cyber threat intelligence/SOC ,IAM, and engineering teams

Got extended 6 more months to work as a risk analyst intern

Sigh.

Thank you, I really appreciate your input.

But back to the main concern, acknowledging that I’ve understood the insights provided by few ppl here, what can i do? I really am not confident in my decision of wanting to go to university for a year or so - studying BsCS. What’s bothering me is if this course will help with my DFIR career or will i be well, not exactly wasting time, but it’s also not where my focus should be.

I feel like i could be taking a more direct route instead of this detour.

Gave +1 Rep to @undone shore (current: #10 - 828)

@trail rain please add me back

first year college trying to do cybersecurity and networking, also learning to get more certificates on the side

any advice

@keen tundra

i’m not really money hungry, i want to try to get the most knowledge , i know the money will come by

main things i’m worried about is

• how hard is it to find a job

• how hard is it to get certifications

• and if CS and networking is a good career option without being miserable and sad

and if it is hard what can i do to improve my chances of getting hired?

You don't necessarily need to pursue certificates especially if you're on the beginning of your journey 🙂

I see people on LinkedIn having #1, #2, #3 top in TryHackMe.. what are these ranks about?

Finding a job is hard right now especially since you’ll be competing with a lot of different people trying to get into entry level jobs.

Certifications aren’t “hard” per se. Certification bodies I know tend to have the knowledge needed to pass within their course. I’d like to think there’s a barrier of entry within certifications as they move to a more corporate model rather than consumer model.

CS and networking are good entries into cybersecurity definitely.

Networking with people in my opinion is one of the best ways to land a job and its not just having the technical people in your network but also non-technicals.

Probably the percentage they are within the TryHackMe customer base. Its not that concrete though as you can easily get 1% by doing tons of rooms.

it’s hard but

will i be okay?

DFIR is very hard to get into, not sure I've seen a DFIR role without a degree requirement. It's been a couple of years since I've specifically looked at DFIR though

FYI, CS is not a shorthand for cybersecurity, if that's the way you're using it. CS is Computer Science. To answer your questions:

It depends

It depends

It depends

Your three asks are subjective to the person asking the questions. For the jobs, it's going to depend on the market you're in, what you bring to the table, your interview performance, etc. For certifications, it depends on the intended audience of the certification, how well the person prepared for the certification, etc. For your last question, that's for you to decide, it's a very personal question.

scared of my future

wanna think it’s okay

Be confident in yourself. You’ll do great. Just put your mind to it and give it your best shot. It’s okay to fail it’s what makes us better

Hey all

👋🏻

I'm new to cyber security. How can i start my cyber security journey.

I'm very much interested in it

Welcome 😄 . You can start with this beginner friendly pathway 🙂
https://tryhackme.com/path/outline/presecurity

I want to become a cybersecurity analyst in the future, but I’m confused about which roadmap to follow. When I search for a cybersecurity analyst roadmap on Google, I mostly find general cybersecurity roadmaps. I don’t understand where to start. Also, are cybersecurity and cybersecurity analyst the same field, or is there a difference?

https://tryhackme.com/r/hacktivities

I am preparing for CEH exam. I need some help in studying for the exam. Can someone share me some study material or tutorials?

any info on ECIH is this a good cert to get...?

I see. That being said, is BsCS helpful to achieve that or do i take a more direct route? (like DFIR degree at university)

what are the must have certificates either on blue or red team ? (or not absolutely must have, just good ones)

You can see what you need by reviewing the syllabus and then procuring those materials from authorized sources. I am not sure, but i am assuming, that the use of shared study materials is prohibited under EC-Council ethics.

Unless you're in India, I would avoid anything from EC-Council

LoL what do you mean by that

isn't OSCP from EC-Cuncil aswell ? O just checked its not 😄

A Bachelors in Computer Science is a good degree. I'm not sure there is a quick way into DFIR.

CEH is from EC i know something very know was

EC-Council has done some things in the past, you can look it up, that has resulted in a loss of reputation. India, as far as we're aware here, still accepts/wants it in their job market. Other job markets globally are shifting, and have shifted, away from it.

hmm ok thank you for info

My boss insists our Cyber Security team to get a cert and most of them are from EC-Coucil funny enough firm that does curses is also a scam company...

The answer is, it depends. Different jobs and organizations require different certifications. If you have no professional experience and are looking to get a certification, I wouldn't. The recommendation would be to go and build your professional experience, IT Helpdesk is a common starting point, or obtain a 4 year accredited bachelors degree if you're able.

Is anyone here from australia/nz? I wanna know how is the cyber/tech market and is it possible to get a job as an international applicant

Can you confirm that you are not a bot? @broken thistle

Not AUS/NZ, but you'd first want to make sure you meet entrance requirements to the country. You also need to have the legal right to work there. You probably want to talk to the embassy in your country.

If you're not from India/China it's pretty hard to get work here as an international.

If you are from India or China the process for getting work within Australia is pretty easy. I'm unsure about NZ

Why is it easier for those two countries?

yep, how do you want to go about this? is this because of the job advice i gave?

^^ as in yep i am not a bot looll

Australia has governmental deals with India and China

Yes 😅
Your username is a common format for bots also

I would prefer that if you have a job posting, that you get verified and post in #jobs-board

will do Jabba 🙂

echo "Qk9GSAo" | base64 -d

I guess they appended some junk string on there when signing up for discord, i'm a fat bastard lol

https://tenor.com/view/austin-powers-get-in-my-belly-fat-hungry-threat-gif-4906944

Ah ic thanks

Gave +1 Rep to @bright quiver (current: #1057 - 4)

#1: Depends on your mindset. Dont go looking for "entry level" cybersecurity jobs bc its not entry level work. Start with anything IT related. Always keep applying. Do projects to stand out.

#2: Fairly hard. Takes a lot of time and effort. If you have good study habbits you should be okay.

#3: Do you enjoy it? If you enjoy it it will be way easier and it will be very hard for people to compete against you. If my idea of fun is doing someones idea of work then I am far more likely to do more work. You dont NEED to be passoinate but it helps A TON

Anything IT related?

and that will help me in cybersecurity in the future?

same ahahhaha

is it worth putting the certificates on your LinkedIn? Id assume it is, but what would the certificate ID be - the code in the top right corner of the cert?

THM cetrs or ?

thm certs yeah

You can make a post about them, but they aren't certifications if you're trying to add them in that category on LinkedIn

oh i see. do thm do certifications of that kind in more advanced courses? they are listed as an issuing organisation on linkedin

THM only offers Certifactes to my understanding, not certifications

For now , yes but they've announced that certification should come this year in March/April 🙂

Oooh thats interesting. Do we know what kind of certifications?

Not yet , they just announced that it is comming in spring in recent AMA on Reddit 🙂

My question is, where do I go about looking for entry level, part time work to get my feet wet and experience in the general industry? For reference, I have a full time job currently but am looking for a career shift due to the inherent danger/stress. So I’m looking for intern/no-experience/entry level jobs. Where do I start? Is it possible?

You can take a look on LinkedIn also try to check out #jobs-board channel maybe you can find something interesting 🙂

Very nice, Itll probably take a while for my country to recognise them. They've only just started acknowledging CPTS. But might be fun to do it anyway

anyone working in cyber security I can dm to ask something?

You could just ask in here.

Get an answer faster and from more people.

Hey guys, i am working on malware detector for a project of mine.
Now there are two types of malware detection: static and dynamic. Static simply compares the header fields using a ML model. Dynamic method sandboxes the file and execute it, checking for malicious system calls and then flags it.

Now i can not figure out how to sandbox and collect system logs and flag it, all automatically. If someone could help me with this, it would be really grateful

hey guys which role is a better starting point between it helpdesk or network admin? i have completed the ccna course from jeremys it lab and completed 2 projects. but i am still not able to get a job and tbh there aren't much available there. so should i focus on building my networking knowledge more or should go for tcm sec practical help desk course to shift towards it support?

Try to ask in #infosec-general channel 🙂

Hi guys, can someone suggest a free certification in network administration or in server administration or in IT support to update in my LinkedIn profile profile and to update knowledge? Also i would be happy to have you guys in my connections too.

I don't think that free certs. have any real value on the job market .

Yes true. Can you suggest some certificates that would cost low and have value ?

Hi i have been studying from last few months but I think i am getting no where I am confused trying to absorb many things at one time. My goal is “Web Application Pen testing” - can anyone plz help me with roadmap.

What's the problem 🙂 ?

Depends which field you're interested in but cert. aren't really that necessary especially if you are on beginning of your journey

I am interested in penetration testing

Do Portswigger labs

I am currently following learning path at tryhackme.com I was also practicing at portswigger but left after some time

You can pursue Web App Pentesting path on THM then , there's also dedicated channel for it #web-application-pentesting-path 🙂

I am doing that sir is that ok and enough for now to get started

Thanks a lot

Yes , it's a great starting point 🙂

Thank u so much guys need some support and motivation.

Okie lol, asked it there

Anyone here

I've seen some salary reports for various cybersecurity roles. How realistic are those? I'm looking more into the Penetration Tester role. According to LinkedIn:

• Entry-Level earns between 85-105k USD
• Mid-Level earns between 110-135k USD
• Senior-Level earns between 140-170k USD
  I myself have a background in network, services, virtualization and cloud and have switched to a Pentest role a bit over a year now. I make nowhere near those values. I do understand that the place where you live has a great deal of impact.

Salaries are heavily dependent on location, averages are typically skewed by FAANG and other high COL areas, and the industry the role is supporting. Time in industry also plays a factor.

Certificates aren't the same as certifications, FYI. Do you have a degree or prior professional experience in the computer industry? If not, getting certifications probably shouldn't be the first step.

Those are two very different roles with Network Admin roles typically requiring some level of previous experience. Apply for IT Helpdesk level 1 roles, those roles don't require any previous experience.

I'm currently working in IT as junior server support engineer. But i don't have much knowledge in this field. So I'm planning to upgrade my skills and resume and switch job.

Is this a school or work project?

Thanks for the suggestion

Gave +1 Rep to @stoic cave (current: #20 - 492)

Does anybody have some advice on how to get your 2nd job in security? I'm a security analyst with 3 years of experience and I've been working in multiple areas on my team from the SOC to IAM to Red Team to Operations. I'm starting to look for my next challenge

Red team is the area I have the least experience in so Ive been using tryhackme learning paths and rooms to grow my knowledge

Your next jump is probably engineering or similar. Engineering is a bit of a catch-all, so can't really define what you'd be doing as it's org dependent

Does CCNA cover most of the topic from comptia A+? I'm wondering if I should do comptia A+ first or CCNA

I'm currently trying to get an entry level job in cyber security such as soc analyst. Can you give me some suggestions?

Thanks!

Gave +1 Rep to @stoic cave (current: #20 - 493)

CCNA is geared more towards networking and CISCO devices 🙂

If you know what a computer is, and how the components interact, you don't need A+. CCNA is a different certification that focuses on networking.

I think the Security+ would be a good cert for you to get. @stoic cave is right, you probably don't need the A+. Security+ will help you land a sec job for sure

I would say it depends on their knowledge, Security+ is the obvious choice to move into security, but without prerequisite knowledge such as the fundamentals of networking they'd likely struggle.

Thank you all for your suggestions.

Shall I do CCNA first and then security+? Will it work?

I guess comptia A+ also covers network topics essential for moving forward. Am i right?

Just got offered to take an assessment for a job as a data center tech

i took the assessment and passed now im bout to do an info session

then an interview

hope i can land this gig

Good luck , fingers crossed 🙂 🤞

Got my Security+ 😄

Congrats 🙂 🥳

Thanks! Sure has been a while, but we're back now 😄

Gave +1 Rep to @keen tundra (current: #2 - 2810)

So glad to hear that 😄

I'm starting off my IT career in the US and I'm not gonna stay here forever. What are some countries with good job opportunities for aspiring sysadmins and security analysts?

Luxembourg 💰

scandanavia sounds tempting but i'm not good with cold weather

gonna see if there's something nice with better weather

humm Malta ?

In any case, don't go in Belgium for cyber Jobs ... I've very difficult to found a trainee in cyber xD

lmao thanks for the warning

i'll put malta on the list and do some more research

Btw what about china?

Most appealing thing about China is that I'd break free from all US influence

idk china hahaha

better ! you should take a look in Bahamas isles to apply as Cybersecurity personal guard for billionar

My opinion of China skyrocketed after they open sourced Deepseek lmao

it's a great idea no ?

Is there a cyber position that isn't somehow protecting billionaires?

yeah and idk if it's me but chatgtp is hardly laging since 2-3 days ago

I tried it last night and it didn't even give me a response

But it might be because of all the privacy addons i use

yeah you protect the billionaires in a cyber way

God why did I pick this path

but we can install Deep in local (if it's always possible)

I'm in IT because I have bills to pay but I really don't want a job that helps the rich get richer

what's your level in cyber ?

On my third year of help desk work with a+ and sec+

not sure what i'll do next now that i've decided fuck this country

it depend if you prefer blue, red or other

I notice that in Europe, we're looking for cyber engineer, cyber consultant

3-10k /monthly by country and xp

(gross)

are compTIA certs worth anything in europe?\

huuu ... good question. I think a most to have. But for exemple in Belgium they are looking for master / Bachelor (but the worst country for cyber) Generaly, in the

look : "Preferred Qualifications:

• Knowledge of AI or large language models is a plus.

• Certifications such as CISSP or CEH

• Previous experience in a similar role within the tech industry."

for analyst soc

i have a bachelor's but it's in electrical engineering lmao

hopefully that's worth something

on brussel : To be considered for this contract, you must have the following experience:

Minimum 3 years of experience working as a SOC Analyst or 1st Line Incident Responder
Previously worked in a heavy Splunk environment and consider yourself an expert with the tool
Ideally hold one of the following certifications: GPEN, GCED, GPPA, GCFE, GCFA, GNFA, CFCE, CCFP or SCMO

HI guys i am new here and i wanted to ask a question hoping someone help me . Is it worth to go premium instead of free account on the website. i am going through red team road, is the cert useful for my resume or it does not matter for them. or just learning this for my knowledge or will help me with another important cert ? to be specified at this point i started the cyber security 101 and i will continue on the red team road but i already knew the information they provide but i just read it and rememorize them again then i will go for the next path i want. so hope someone can help me 😊

hey everyone, looking for some advice, im someone (obviously) looking to go into a cyber security role, but i have no prior experience whatsoever within this field. I am a graduate at a decently ranked university but in a completely unrelated discipline (history) and have been working in the legal field for 4 years - now realising that it is possible for me to do something in tech. Ive been going through the THM stuff, and am going to work towards getting the Google certificate in a month or so, but just wondering what else i should be working towards? e.g. do i need to do the A+ cert given i have nothing tech related prior, or should i just go straight to sec+ and network+, etc. Any advice would be super appreciated!

If you want to work in a different country, you can look at multinational corporations with offices in the US. After working there for a few years, attempt a transfer to a different country. In order to emigrate to another country, you're going to need to do some research. Most "first world" countries you need to meet certain criteria and bring value to the country of immigration. You also need to have the legal right to work in those places.

Where could I start my journey in social engineering?

Is anyone know about free courses of this subject?

I believe social engineering would fall under a social science. It's not something that is widely taught. That said udemy may have something

yo 🙂 You should to pass the Security+ and some cert like thi : https://www.splunk.com/en_us/training.html splunk, blurp, ...

hey,

i was going through the cybersec 101 and jr pentester learning paths on THM and in some room there was some pentesting methodology/framework or whatever linked. the methodology's webpage had a whitepaper which described the whole process via flow diagrams (like the steps one should take in a pentesting engagement, from recon to post exploitation. i think it had like 17 stages in total.), it also compared itself to mitre att&ck and similar documents. in the webpage i'm pretty sure it said that it was created by either one person or by some small group of people, not some well known organization/institution.

the problem is i can't find that framework anymore, so maybe someone has a clue on what i'm talking about? i'd appreciate it!

edit: it wasn't cyber kill chain, mitre att&ck or ptes. i'm pretty sure, however, it referenced cbc and att&ck

This room maybe 🙂
https://tryhackme.com/room/cyberkillchainzmt

Hi I need to learn windows privelage escalation can anyone suggest some free rooms to get started

This one 🙂
https://tryhackme.com/room/windowsprivesc20

👍

yeah, found it! it was unified kill chain, referenced in the last, conclusions, task. thanks a bunch!!!

Gave +1 Rep to @keen tundra (current: #2 - 2830)

best course for social engineering is life 🙂 practice on your next unwarranted spam call

you were training when you got out of a ticket, when you got out of a jam, when you convinced someone you didn't do it. Perhaps a base course in the dark triad traits will get you going lolol

As a field tech, I once had a work order for a McDonalds, to swap out a network switch and some ap's. I had the wrong location, the manager was adamant. I thought I had the right location and didn't want to be late checking in with the remote engineers. I bashfully admitted to her, after learning from the remote engineers, that I was at the wrong switch, looks like I had to travel down the road a mile. This was after gaining access to the rack, right above the safe and the DVR. After 40 minutes on hold, the remote engineer told me he could still ping the switch after I had pulled the power. Lol I powered it back up and apologized to her, but I was golden if I wanted to be. If she checked the address on my work order, she could have called me out. If I wasn't a bonehead I would have checked before traveling there and not assuming I knew. Lessons learned on many fronts of the prism here

how relevant are THM certs in Europe can anyone comment on this ?

They don't really have any value on job market 😦 . Real thm certification should come this spring

you mean thm never offered certificates in general ?

certificate != certification 🙂

Current thm certs don't really have any value on job market since they don't require you to complete proctored exam in order to obtain it 🙂

i see now, so in the event of these real certifications coming around will they be paid ?

Probably will like any other but I can't confirm 100% 🙂

right we'll see

Thanks!

Gave +1 Rep to @teal garden (current: #2648 - 1)

who has a remote job where i can learn and they pay me?

Check out #jobs-board 🙂

💯

I was thinking about renting an office and starting a small tech business….DFIR, Network design, And Cybersecurity. I need funding. Any suggestions????

How do I land funding and who would be my clients?

If this is your first question, I don’t think its a good idea.

I won’t discourage you though from doing the things you want to do.

It’s A question not my first question

I don’t think there’s an order in which I need to ask questions …. You just need to give me the info I need….

I’m talking like a big boss already…lol

I won’t bother with semantics but I don’t think its a good idea to start a business on something you have no idea to get funding or clients.

You can’t discourage me from something that I know already might fail…..but you can’t stop what’s ment to be either…I’m already discouraged but I’ll do it anyway

I have an idea I want other people ideas

Just because I ask a question doesn’t mean I don’t have an idea

Then I think you should rephrase your question to say you have some idea but need other inputs.

Just tell me what I need to know

Not everyone will know until you specifically ask what you want to know.

People would be a lot more successful if it wasn’t so hard to ask a question

Its simple it ain’t rocket science

A start up needs start up monies

And a target market

Who needs my services ?

And where can I get the money to provide the service

Simple

This is a network of tech pros right?

Just point me in the right direction of who can help with a start up…..

What you’re asking is just Business 101…

If you don’t know just say so

There’s literally hundreds if not thousands of learning materials, references, and what not in the internet

Learning

I said funding

Learn what….??? Exactly…I need the connections …..

I can out source everything else

Finances and Legality

The connections only help when you actually know how to run the business

I have a person for that

I have people to run the business side

I’m on the front line

Then why don’t you ask them where you can get funding?

Cause they broke

They have skills

But they broke

Then why not you find funding?

This is just Business 101…

I can get a lawyer I can get an accountant I can get a HR person

You can get those but you don’t have funding?

Exactly

Those are all different parts of the business

But you as the main person in the business, you NEED to know how to run it

So you expect to go learn all parts of business???

I know how to run it…..my way

I did not say that. I told you to learn how to run a business

The way it needs to be run…..

Where to get funds, how to find clients, etc.

That’s what I was asking you

Do you have any rich friends?

Do you work with any pros

Then if you know that but you don’t know how to find funds nor clients, I doubt you really know how to run a business

Anyway, I don’t think this is scope of the channel. Correct me if I’m wrong @broken idol

Eh.

It's a career chat after all.

I would not suggest going freelance though

If you know how to run it then do it. I have two businesses

My only advice to you is: Go learn business before making your own. You will seriously fuck up your life if you don’t know what you are doing

What can one do to start some type of business services in cyber security. I am down to collaborate with people to work on some project or startup. Or if anyone is looking for people to work with.

Contracting is probably the way with cyber security

what do you mean

This is the first and worst mistake u can do, did u heard the term "The buyer is always right"? If u dont listen to the clients in some ways u gonna bleed out really fast...

Not sure why you're being hostile towards Mknukn, they're right in saying it's not advisable. Funding is also not a top priority, tbh. How much experience do you have in the industry already? If you have none, go work on that. Cybersecurity is a high risk industry. As such, companies are very wary. Do you have a business plan? Have you formed a legal business? Do you have business insurance lined up? Do you have a contracts lawyer on retainer? I can keep going....

Bro ain’t gonna get any clients with his attitude

I know this is off topic but I have to say your profile pic is fire 🔥

Big up David Goggins

STAY HARD

Every time I’m about to slack off, I think… who’s gonna carry the boats… the LOGS

😂😂😂😂😂

Hi everyone ! What is the best certification for beginners ? I almost finish "cyber-security 101" and after I want to start "Junior pentester path". So, do you think comptia security+ for exemple is the best certification after that ?

Sec+ is one of industry standard certificates 🙂

Ok thank you 😃 , Do you think is important to do "junior pentester path" before ? or I can start with the certification ?

Gave +1 Rep to @keen tundra (current: #2 - 2853)

Why not 🙂 ? Majority of jr.pentester path on THM is free 🙂

Best is objective and is going to depend on what jobs in your region require. The question(s) that should be asked first are whether or not you have a degree or prior professional experience in the computer before looking at certifications.

Many Thanks !

Gave +1 Rep to @keen tundra (current: #2 - 2854)

Will Ai replace cyber jobs like soc analysts and pen testers

yes, I've been working in security governance for over 10 years, and before that I worked in IT.
Now I want to focus more on the technical side, which is why I'm starting these pentest training courses.

Don't belive that will happen anytine soon 🙂 . We have Google Translate for 20 years now and it still hasn't replaced the job of translator 😉

No

You've been in industry for 10 years? You're a bit past Security+ then, unless it's required by contract. Tbh, not really sure how I would handle this because if you start applying for more junior positions you're either going to get passed on due to being overqualified or the org isn't going to be able to support your level of compensation for the slot.

Maybe Juun will have some wisdom if he's online

I understand what you're saying. In fact, I'm still in my current job and I was just hoping to be able to get some training because I'd be able to do this job in-house. You're probably right, I'll need other certifications to qualify as more than a junior.

I'm confused, you're already more than junior based on what you said. You're a senior level security professional.

is having chinese mandarin as a second language something employers particularly care about/value (i understand they might if its a chinese based company or they have dealings with chinese based firms), but from a general perspective?

Would probably only matter at a multinational/global corporation, if you're not in China, and if you were passing business level language exams. (ie C1 as defined in CEFR)

I see, thanks

Gave +1 Rep to @stoic cave (current: #20 - 495)

No problem

That's a tough one. So you're currently in a compliance/audit role and you'd like to move into technical? What is your ideal role on the ops side?

Hi everyone I'm new I just start learning with tryhackme, I'm into cyber security, I got stuck in cyber kill chain in the practical step. Someone should please help me out.

Try to ask in #room-help channel 🙂

Hi everyone! 👋

I’m a French student passionate about cybersecurity, and I’m currently looking for a 3-month internship. I’m highly motivated and open to traveling abroad for the right opportunity! 🌍

If you’re interested or know of any opportunities, feel free to DM me—I’d be happy to share my CV and discuss further.

Thanks in advance!

Buen día , no hablan español alguien ,

English only please

hello, what do you guys think of someone with a bachelor degree in Banking and Finance getting into cyber securtiy by learning it online? Note: yesterday i completed the intro to cyber secuirty by cisco

I don’t speak English

I’m using a translator but I can’t translate what they say everything is in English

I’ve known people from different fields transition into cybersecurity. I don’t think going directly to cybersecurity is the best option for you right now. It might be getting relevant IT experience. If you work in Banking & Finance, a data analyst can be a good entry point to pivot into IT.

yes ofc i still dont have the enough knowledge and experience to get a cyber security job atm, but my main question is do i need to re enroll into a university or not

It really depends on you and the job market where you live in. I would recommend asking an HR professional or an IT professional within your current area to know your chances of being hired hypothetically if you have IT experience but no higher education related to IT/CS.

I have a CISSP and a masters in cyber security and a pile of other certs. Currently doing GRC type of work as a Infosec security analyst. I don’t love it. I’m interested in passionate about AI and I’m trying to figure out how to leverage my CISSP but pivot my career towards AI which right now Seems to be more on the data than engineering side. Thanks.

I recommend you to take a look at the trainings and certs at Datacamp. They may complement and expand your needs with regards AI and data science

Are Cisco Networking Academy Certifications worth it?

It's free and has a wide variety of cyber security courses from beginner to expert levels

Like CCNA, CCNP, and CCIE?

Yes and also cyber threat, etc.

CISSP probably isn't the thing to leverage in this case. Maybe look at security roles at or around AI organizations and, if you're hired, express interest to your leadership and coworkers.

Well, those certifications aren't free. The exams cost money. They are industry recognized exams that focus on networking.

Yeah\

How did you land that job if you dont mind me asking?

By searching for the job title on LinkedIn and cold DM people asking for a referral. A nice guy put me in touch with a recruiter and the rest was history.

Please tell me if this is illegal

But can i like... Lie on my resume and say i worked on security before?

Like say my time at x company was doing security

I am having trouble breaking into the cybersecurity field and landing a job, I just recently earned my sec+ certificate through a hands on 3 month program, where I learned how to setup Microsoft Sentinel, Nessus and even configured a small network through Cisco. I have no prior experience related to cybersecurity or IT, I also have no diploma or ged . Any advice on what I can do to build around this cert?

its not illegal but its not recommended, if they ask what you did then youll have to lie or come clean, and if they contact the company you say then itll be known you lied, be honest and list what you have done that way they know what to expect from you

employers often verify work history through background checks or contacting previous employers

Theres no way for them to know what exactly you did at your job

but they would know who you worked for and what role it was

Yea but idk how detailed would be that analysis

It says im a software engineer, could be doing anything n

i would just be upfront with that you did, its easy to get caught up in a lie

usually it always comes back to haunt you

say youre familiar with the field instead

But all my experience is doing dashboards 😭

maybe mention secure coding practices

gives more lead way, if you know what youre doing but never officially done it on paper

you could easily make a transition into application security if you have swe exp?

Maybe

It's pretty easy to catch someone in a lie in an interview and you have to remember that the security industry is small. People talk. You'll more than likely get blacklisted from that organization and your reputation will take a massive hit.

Get your GED

That should be your primary focus

While it worked, I don't recommend doing this. It's a good way to get blocked, among other things. If you're looking for a role, utilize connections or public facing employees. Connections being fellow Alumni, former coworkers, family, etc. Public facing meaning the people listed on the job posting or people who have an online presence promoting the organization.

Hi everyone 👋🏽 I need some advice. I'm trying to land a role in cloud security/cyber security, my ultimate goal is cloud security engineer or cyber security engineer. I did google cybersecurity certification, Microsoft Cybersecurity Analyst Professional Certificate, Microsoft Certified: Security, Compliance, and Identity Fundamentals and studying for AZ500 exam. after I'm done with with AZ500, then I'm going for same AWS certificate. I want know if I'm on the right path towards my goal ?

Do you have a degree or prior professional experience in the computer industry? Obtaining a bunch of certifications without either of the former doesn't necessarily look good. It looks like your cert hunting.

If I was your hiring manager, and I saw that, it would be an instant blacklist forever. Trust is the a currency you can only spend but never buy.

Not to mention, certifications don't really stand on their own

Hi everyone im a Cybersecurity student in college with almost 2 years of experience in many fields from ethical hacking to programming and scripting languages artificial intelligence and many more . Im looking for an internship opportunity in canada with the chance of having a job afterward , im eager to push more and learn more. If anyone as links , referrals or any ideas where to apply it would be appreciated!

You should look out for opportunitys on Linkedin

They post really good internships

What do you mean when you say experience in this case? Are you talking about professional experience? As in, you've worked in a professional setting doing those things? Also, because we get a lot of people asking for remote internships, you are in Canada right?

watch out for the scam ones though cuz they have a few

Yeah just watch out for scams, but with some experience you can easily recognize those.

Experience has a specific meaning, so I am just trying to make sure we're on the same page

Sorry for the confusion but experience in a studying environment , my college is 90% hands-on and 10% theory. I also did some tryhackme and bunch of linkedin classes/certificate on dead time , but recently classes have been pretty charged up lol. I have never worked in a company yet since most of them ask for a diploma first and that’s understandable . And yes it would need to be remote since i live in a tiny city far from major companies.

It just seems hard to get an internship so far i was not able to land anything since December

OK, so I wouldn't say you have two years experience then. Experience means that you have been working in a professional setting. What year are you in school? You're a little late for Summer 2025 internships, but I would still apply, and i wouldn't limit your search to just Security internships or internships at large companies. An internship in something like IT is just as relevant. Remote internships don't really exist, just FYI. The main reason why I asked if you were in Canada due to people saying that they want remote internships in different countries.

Umm idk what to answer business and even the GC approves our 2 colleges years as "experience" that’s why after college we can enter IT 2 or cybersecurity jobs . An you’re saying remote jobs/internship don’t exist but most of us land remote jobs i just wasn’t lucky enough yet . I think the internship should be done between year 1 and 2 . In April its kind of dumb

I don't have a degree or prior experience but build my own PC I have a fundamental understanding of cyber security, linux, Azure and I'm teaching myself python

OK, so you're going to need to obtain a four year accredited bachelors degree or build professional experience. If you're not interested in doing a degree program, you're going to need to build that experience. A common starting point for a lot of people in security is IT Helpdesk.

Where are you located because here in Canada in NB . College diploma’s are 2 years and bachelor’s 2 years. 4 years seem long ?

The US. A four year degree is called a Bachelors, and a two year degree is an Associates here. We don't really differentiate between college and university here.

Looking at the Canadian Government's website, seems like bachelors degree is defined similarly A bachelor’s degree in Canada normally signifies completion of four years of full-time post-secondary education

I understand. Do I have enough credential to get the IT helpdesk job ?

Yes, you don't need anything for Tier 1 Helpdesk/Support. I would start applying

I see that’s why there’s confusion lol . Here in canada theres universities and colleges . Colleges are an official diploma as good as universities but are focused on hands-on experience . Universities are focused on theory teachings with little hands-on . College diploma’s count as "years of experience" since you work in a work environment . There’s many classes . Everything which is technical is teached in college . Cybersecurity, welding, electrician , nursing are all college courses . Universities is like , doctors , teachers and psychologists all that.

College or university diploma’s arent better than one another , universities just focus on 2+ year courses and college on 0-2 years . Both can land high paying jobs or high positions

Oh, so you're at what we in the US would call a vocational school if I am understanding you correctly

Mostly yeah but vocational school dont exist here its just colleges in other words lol

Its like a community college i believe youd call it in the states