#cyber-and-careers

Hmmm. Actually, I am not from the Americas. But this is very insightful. Thanks 🙂

Gave +1 Rep to @flat sedge (current: #11 - 806)

So I just received an email from a potential employer at a data center in my area telling that they have filled the position, but still wants me to attend a zoom meeting for any questions I might have. Only question I have is why you ain’t hire me?????

And another employer wants me to attend all these presentations without an offer for employment after we had a second interview. I thought the second interview was the offer letter but no

give me a screenshot to help you

Bro 💀 the audacity

This is your chance to ask about feedback for your interview(s).

If you choose to take part.

Hi

I am thinking of buying the 129 plan

750 job application submission per day I haven't even applied for 750 jobs in my life lol

Tf is that

It automates job application?

thats the most cursed thing i have ever seen.

your gonna need a call center to answer your jobs calling you back

thank you so much, I will get that corrected. Do my bullet points look alright to you?

Gave +1 Rep to @flat sedge (current: #11 - 807)

It looks fine enough - I didn't see anything that sticks out as being incorrect? Maybe include what language you used to script router configurations.

hey y'all i'm just curious if anyone knew how important python automation was to SOC and if you had any suggestions where to learn it

Hmmm, I wouldn’t say it is a very big requirement

There will be cases where you can use Python but its also doable with other scripting languages.

The commercial tools available to you should be able to do the things you need.

i think it mostly depends on company, where i currently work we use quite a bit of python for quite a bit of stuff. You can think of backends for local applications or just general thingys. during my application it wasnt a requirement

but its always nice to have

I have a quick question, I'm a newbie and at present I'm completing SOC level 1. Is this enough to apply for fresher SOC roles with 0-2 exp. ?

It will depend on the employer. A certificate of completion for a course isn't the same as passing a certification, but it might be a good indicator that you're interested. You should absolutely complete it, and then SOC level 2, but also consider things like the BTL1 cert as something to aspire to. Keep working at it, but yeah, absolutely apply to various places with what you already know. Use an ATS checker for your resume/cv which compares your resume with the job role to see if there's anything you can add/remove to improve your chances. You should be modifying your resume for each role, and also consider sharing your completed paths on LinkedIn if you use it

Hello guys,

Is it a good idea to bulk apply to jobs? I have always felt like I should know this much or have these certs before applying for jobs and I think this approach is wrong. What do you guys think? How did you land your first job in cybersecurity field?

I personall feel like that can expedite the denial letters to a massive lvl, this can take your morale away fast. So yes, but don' let it affect your mentality 🙂

"it doen't hurt to try", but being told no by 1000 companies does hurt

hi, im a beginner that’s starting out in penetration testing and have taken an interest in this field, was wondering if doing eJPT would be a good way to start? i’ve read about jumping straight to OSCP but am afraid it’ll be too difficult

Inquiry.. if I (back in 2020) was a manager for a small-business hydroponics lab and also had the responsibility of conducting and implementing physical and network security (which only happened on paper) for 3x separate sites. The business died cause of covid and we lost our investor. So the project itself never happened pass the plan & draft phase. Which I did and lead myself.

Could I use this as cybersecurity experience?

Also the world "ended" few days before the project construction start date

But, I'll save that story for another time.

Hi, I am currently pursuing a M.sc cybersecurity course in UK and I already have 6+ years of professional experience as an QA. I will graduate by sept 2025 can anyone suggest what certificates i should start with I am planning to get a job as penetration tester. Also, i am trying to find any work placement/internship in the field. Thanks in advance

Depends whether they can back it up lmao

If I'm wrong I'll admit it

If they're wrong, I know they're wrong, and they can't prove their point, then it's a big red flag

Hello, I need some help in an exercice in THM because i'm stuck and can't find the solution in google, can I share a photo with you ?

#room-help

ty

Take the ejpt or pentest+ before oscp

What certs u got

I was watching How to Be an Ethical Hacker in 2025 by Heath Adams, where he shared advice on how someone interested in becoming a penetration tester can get started and what knowledge they need to acquire. However, the video was more geared toward beginners.

I’m curious about a different path—what if someone has been working in IT for 5 to 10 years and wants to transition into a red team role? A refresher on the basics wouldn’t hurt, but where should they start? Do you have any specific recommendations for experienced IT professionals looking to make that shift?

Please who go burp suite professional

i am unable to connect openvpn with my kali linux I tried multiple things but still unable to use

Please help

Security + to make sure you've got you cyber sec fundamentals then hack the boxes penetration tester path. It teaches everything you need to know to pass your OSCP which is the big cert for pen testing

THM's junior pen tester path also shares great knowledge

i have not got any certificates yet i am planning to start with comptia a+ and security

Bear in mind that red team is usually an evolution from pentest.
That said, you're actually in a prime position there. Sec+ and OSCP are definitely a good bet, but you're already working for an org in IT. Speak to your higher ups about transitioning into security.
This is the traditional way of getting into security -- work in IT, then specialise -- so you're actually much better off than someone completely new who wants to get into pentesting from a standing start.

On which note, there's a bloody good reason why going into pentesting from a standing start is often a bad idea. If you don't understand infrastructure in an enterprise, or how the various IT depts function, then you're immediately way out of your depth walking into a pen test role. I found that out the hard way. I had most of a degree, plus OSCP, OSEP, OSWE, and CRTO before getting my first proper pentest job. Technical certifications through the gills, but still totally unprepared for how things work in a big org.

You shouldn't have that problem.

I'm trying to do a career swap from game development (Senior Producer) to information security/cybersecurity roles. Any tips on making this change? I have mainly focused on prioritization and leadership skills, but I do have some very limited hard skills related to cyber and due to the role held in the past, also know when to withhold information and when to share it. In general in teams I'm likeable and supportive and can understand people's emotions and know how to ask open questions. 30% excel and 70% emotional intelligence and adaptability to changes.

Hello! Does anyone know what are the main concepts to know or understand at least to be able to claim to be skilled in Windows?
I mainly think about
Core Windows Processes
File System Hierarchy
Windows Server Administration (GPO, Active Directory, Domain Controller, LDAP)
User Account Control (UAC)

Is there anything else important to consider?

I feel u can skip A+

With a BS in IT

How likely is it to land a remote SOC analyst job considering you're 16 , but you are really skilled at your job.
If not, what are the other methods to make money in legitimate way?

And if experince i the hurdle, i am ready to do the internships?
But how many months of internships would be considered good enough to get a job?

Very unlikely especially if you don’t have experience. You’re underage which makes anyone who hires you liable to certain laws where you come from.

If by “remote”, you mean trying to land a job overseas, then ever far from likely. Companies have a duty to keep their security teams within their country of operations (unless they are operating on a global scale and have satellite offices in the country one lives in).

About internships, it entirely depends on your company or if others are willing to hire you given that you’re underage and normally at that age, one is taking their highschool diploma.

Hy currently I'm doing free road path in thm. After finishing it if I want to g to soc analyst. Does purchasing premium and completing soc lvl 1 and soc lvl 2 enough ?

They're a really good starting point . Majority of the content is free , you don't necessarily need premium to start 🙂

Oh so the soc lvl 1 and lvl2 majority is free that's intresting 😮‍💨

Yeah , majority of the content is free but not the whole path

ok i will try it now im into completing the free path so i can get a view on every field ..after that im going to focus on a path i had did some portswigger labs too so pentest is also somewhat intrests me haha so is it possible for a guy to gain skills on both blue team and red team haha .. if i can im gonna push my skills and knowledge and learn more new things 🫠

Guys I'm currently trying to apply for soc roles and jobs. Any advice? Also is it okay to get a security+ cert directly? I don't have any certifications.

It's definitely okay to get sec+ directly, although some people find it easier to get A+ and network+ first.

I'm financially having issues, so I couldn't afford to write all the exams. So I'm just wondering if it's fine to directly write sec+ and will that certificate get me a soc analyst job too

Mind if I dm?

Sure, you are always welcome

Thank you for helping

Gave +1 Rep to @merry axle (current: #170 - 48)

when i interview and someone is like this, i ask them their thought process. i am more interested in how they got to that conclusion or why they think that rather than whether or not a specific fact is right

i do ask leetcode questions, but i dont really care if they pass all test cases. i have passed someone before who couldnt get a test case but could explain to me how to pass it algorithnically (just ran out of time)

i think if a candidate were to say "i may be wrrong" a good follow up question from me would be "how do you ensure you're not wrong?"

I have sec+ and no one want to hire me. Everyone want CISSP, at least here where I live.

Still good luck I hope you will find new job, I am looking for one too. We can do this.

Thank you. I hope you too find a job soon

I guess your pfp speaks for you 🥹

That and searching for a job in cybersec for 2 months now after being laid off

It's so depressing

Just another depressing day of sending dozens of applications and not hearing back.

So yea my pfp is quite adequate 😄

Don't worry bro. At least we are breathing. We still have a tomorrow to fight. You'll win tomorrow. Don't worry

Normally I am quite happy but current job market is dreadful.

Well I still have some saving so I am not that worried yet.

Wow cool. I'm bad with money management too lol

Well time to go back and learn cybersec no other way than to gain more experience.

Can we talk on vc sometimes?

Gave +1 Rep to @rugged sable (current: #86 - 89)

Hey everyone, I'm a first year cybersecurity student and I'm wondering which certifications are the most valuable. Which ones would you recommend starting with? Should I go for Security+ first, or is there a better entry-level cert to build a strong foundation?

Depends on your background

Ceritifications are a business requirement, at this point you shouldn't be paying for them yourself especially if your degree program covers that material.

Okay got it thanks a lot!

got it i do have experience in IT

Yea if you already got help desk and you got a degree I feel like A+ would be a waste of your time

I suggest going for a network cert

got it

thanks

any french here ? i'm looking for help (je veux faire de l'alternance mp moi pour que je puisse expliquer en quoi je demande de l'aide)

Hey I want to do the security+ certification and find a job in IT, does anyone have some tips before I start my journey?

Yes build Foundations first before security+

A+, Net+, Microsoft azure fundementals ect and then sec+

If you're just starting out and want to get into IT, tier 1 helpdesk or similar roles is the starting point. You don't need certifications for those roles, go apply.

Please don't recommend people spend a bunch of money on certifications when there isn't a need to. Respecting people's hard earned money is important when we give recommendations.

Also adding to Moose's point, uh, how's that working out for you?

Maybe they are the sales manager @ Comptia

They're not. Last I checked they were looking for their first job in cyber (and/or IT -- we never did see the CV) by paying hundreds of dollars for a LinkedIn auto-application service.

https://tenor.com/view/joke-dumb-you-gif-8906255

No one responded to my thing 😔

Every case is different. What kind of work experience you have (dont gotta be IT related) whats your education lookin like?

Whats ur country?

This

I feel game dev is a good start. What part of game dev did you do?

From a companys pov: why would I hire a 16 year old with no experience when there is a 24 year old with some projects certs education ect

U need them because most jobs expect them

How ru gonna work in tech support or networ engineering or admin if u don't have them?

Great!

Level 1 helpdesk is primarily customer service, with minor amounts of technical knowledge needed. I know a few places that were more interested in personal projects completed in free time rather than certifications

Has anyone ever tried starting a consulting business on the side? If so, how'd it go? Any advice for someone considering?

Where ru from?

Those were super rare in competitive areas

Like my area

I think if I switched locations my salary will increase cuz less competition

thats 1.4K in certs ☠️

Not more?

Spend bro u will get ur ROI

i've already got them bro - I agree with the above, would be a waste without any actual experience or direct networking, or something applicable they are abysmally easy to pass

Nice bro me too ecept the Azure one yet

Ya without experience won't be much

@cinder orbit ronin_1_3 what do u do bro?

I really need an internship pf job to get started, I already have a 1.5 yr gap. I am from India, have done ejpt and tryhackme jr pentester path. I am also planning to do masters in cybersecurity in ireland starting september but dont want to go in as a complete fresher. Please someone give genuine advice on how should I proceed.

I have been applying to jobs everyday as a fresher in this tough market and there are hardly 5-10 jobs that I can apply. I am also doing ctfs and portswigger stuff everyday and I feel like it's not useful to land a job. So, should I keep doing it or move on from it coz maybe it's time wasting right now and do other things instead? I really need guidance.

Oh, neat, you got a job then?

I already have a job just not a full time

I had an interview yesterday 32usd per hour but they want me to move to the USA and I live in Canada

Finally Guys I Finished Pre Security Path

Keep it up

What is a good Roadmap to Ethical Hacking?

You can follow this one for beginning 🙂
https://tryhackme.com/hacktivities

Congrats , great job 🙂

It costs money tho

Majority is tree and there's also a free roadmap

What type of personal project that would be?

Trying to get IT support role or even help desk is difficult these days. I don't know if it the resume or just the employer's themselves. Can someone share a good and reliable resume? Just incase if I'm getting something wrong

why aint kgb community mentor yet

Hello, I graduated from Computer Science like 6 months ago and got into networking, currently working as a NOC engineer. Been a good run, learnt a lot so far not just about computer networks but also about corpotate organization and customers, providers and the like.

Feel like I've gotten to a point where I wanna keep movint beyond your usual ticketing and L1 troubleshooting. But I feel like I've reached a breaking point. I was pondering studying for the CCNA and then focusing on more networking-CCNP and such.

However, looking at the sheer investment (not just money, also time and effort) it takes to get there, made me question if that's what I really like.

I've listened to L1.5 and L2 colleagues and peeked at what they do, which honestly doesn't seem that enticing to me.

I've had my eye on pentesting for a couple years now, but felt like I had to learn more about computers and networks in general.

It's been interesting, but now that I feel like I'm at that point where I should get in depth, I don't feel like I want to. At least not in the same way.

Anyone can relate?

Sorry for the long text

Talk to your manager about career goals, and what makes sense for your path - a good employer will be invested in your success and growth, because you will make them more money than they spend on training and paying your salary.

You shouldn't be paying for CCNA out of pocket, that should definitely be a thing the employer pays for

They might have a conditional where you are allowed to expense it

Has anybody paid for a membership to TryHackMe or another site ? Is it worth it ?

You mean premium or ?

Like subscription or something else 🙂 ?

not, but htb yes.

Might go speak to my manager, he's a chill dude. Also yeah, the CCNA is paid for by my employer, but (stupid, I know) I feel like if I get the CCNA then I should get the CCNP and so on because quitting after CCNA seems dumb, but committing to a career I might not like seems dumb, too

You can always change; when you get to a certain depth of knowledge, a lot of it is laterally transferable to another domain.

There's some catch-up to do with some of the foundational perspectives

Guess doing a few rooms every now and then, while studying for the CCNA ain't a bad idea

yes sorry premium

did you think its worth the price ?

I’m actually studying for the CCNA as well.

Weather it’s worth the price depends on what your goal for taking it is for.

hi everyone who is studying for comptia sec + ?

Got that in my bag already. Took me over a month plus to get ready for it.

could you share your exam tips and resources with me ?

I used Proff messers free videos on YouTube and the Mikes practice exams on udemy. As for tips for the exams, i did a lot of practice and when i look at the results, I focused on my weak areas by make flash cards on them.

I did a lot of practice test every time I was done with a section.

thanks !

No problem. Good luck

any help withthisplease?

┌──(root㉿ARBUNZA)-[~]
└─# sudo mount -t nfs 10.10.68.119:home /tmp/mount/ -nolock
mount.nfs: access denied by server while mounting 10.10.68.119:home

Hello I need advice for an Offensive Security/Penetration Testing Internship I applied for. If anyone can help.

That's where I fall flat. On one hand the most short term outcome would be to be paid more at my current job. On the other would be to make myself a career in networking by then going for other certs like CCNP or Huawei. But that's the core of my dilemma

I don't worry that much because my employeer pays for it anyway so I guess it's more a matter of laziness and lack of focus maybe

I know how to do this

Drop the question in #room-help

Hey guys what is everyone's job search strategy? Or the strategy that works best for you?

I think it is worth . It is one of the cheapest options on the market and you really get much for that 14$ 🙂 . However , majority of the content is free so you don't necessarily need subscription right away 🙂 .

Have my first interview on Monday for a Jr Security Analyst role, wish me luck!

grats varseth , dont get dissapointed if u dont get it - keep going and learn from the last

Good luck on your interview , fingers crossed 🙂 🤞

in this month i am applying 1500 jobs in cyber security domain but i am not shortlisted to any companies

Another week , another unsuccessful internship search 😔✊

anyone ever hear of apprenticeships in the field?

Hy

There are such things and you would need to apply to them the same way you would a plumbing or electrical apprenticeship. There's likely programmes in your region you can apply to

there are for sure degree apprenticeships in the UK - i imagine it has to be similar elsewhere

then mby ur under qualified?

1500 jobs is a lot i feel like ur spam applying without tweaking your resume

Spam is not the way to a job

Creative way to apply for phishing campaign manager /S

Not how it works IRL. Not usually anyway. People tend to be pissed off if you target them without permission. It also demonstrates a lack of integrity, judgement, and sheer common sense... Not really the kind of person which corporations want to hire.

Fixed it

The spam, on the other hand, is just downright irritating.

Lmao, fair

Hello, right now I am taking the IT and Cyber ​​Security Foundations course, but I am confused between the fields in which I should specialize otherwise. I also do not know what road map I need to make in order to complete and develop myself in cybersecurity. I hope that if anyone has sufficient experience to help me make a road map, I will follow it until I reach a good point and level and specialize in a specific field. It can help me. I am waiting for a response from you. Sorry if it is long. Thank you in advance…

also i might need some assistance myself, i’m a Greyhat that really has been enjoying the harmless pranks and gysts that technology has given me. But im wondering if i could make a career from the certificates on TryHackMe, for the soul fact that i don’t have enough money to go to school for SE.

your on the right track with Certs but tryhack me certs are more of a conversation starter than a cert that will be recognized as an accredited cert. people can cheat in various forms on tryhack me. find walk throughs, etc and there is no true final exam to obtain the cert. Your going to want to do accredited certs such as an entry level foundational certs like CompTIA Security +, PenTest+ or if you want to get into networking then a Network + or CCNA from Cisco. (It's a good idea to have strong network foundation for ethical hacking). Then you can move into more advanced accredited certs like the CEH, CEH, OSCP or any SANS Cert (GSEC, G..., etc.). All the certs listed are recognized across all of IT in their respected fields. You will have to study for them and you will take exams for them. some multiple choice, some practical exams. You don't need a college degree or go to school for it. The certs do cost a little money depending on which one but it's worth investing in your future. The more Certs you have the more attractive you look to recruiters. You can even get pay bumps in some companies by obtaining more certs. Don't let the fact you can't afford to go to school stop you from achieving your goals and never stop learning.

thank you

Gave +1 Rep to @atomic steppe (current: #2692 - 1)

ok, sent

Hi
i have recently completed my CySA+ and SOC Level 1 TryHackme, In my environment getting an IT jobs requires time because it's kind nepotism based market so i have a lot of free time in my hands while continuously applying.
My question is do you have any recommedation whats the next cert i should aim for?, im leaning more the defensive blue team.
i looked into blue team level 2 and GCIH and i cant really decide which one should i go for?

Honestly, you will need experience more so than certifications if you haven’t already.

i do have like a 5 months experience not much but the place wasnt going anywhere

im cs grad got my ccna , google IT sup

so i cant doinganything about getting job

so in the meantime while im free

thinking of doing another cert

Hmmm, both BTL2 and GCIH are SOC L2-L3 roles and its hard to recommend them without prior experience. You might be “overqualified” on paper or you will get paid less than what you are worth.

If you are looking into certifications that aren’t blue team, I recommend learning cloud security paths either from pwnedlabs or xintra. The Attacking & Defending AWS module from THM has also received multiple praises.

I think having cloud knowledge is a great plus since a lot of companies are shifting to cloud-based services.

AWS Solutions Architect - Associate and Microsoft’s AZ-104 are great entry paths.

i did study for aws part but didnt take the exam

might go for the azure one

the loop of you need experience to get experience can only solved (in my opinion) by home labs / projects is there any recommedation or should i go free roam style and figure it out

What projects have you done so far?

in cybersecuirty feild none

i did web dev and msce while studying windows server

Any recommendations for a CISSP that doesn’t want to do OSCP? I’m happy doing any SANS recommended ones, I’m particularly focused on CTI but also, management level

Yeah, for CTI the OSCP is far from what you want. If you want to do SANS and get a ff GIAC cert, the GCTI, GSOC, GCFA, and GCIH can be up your alley.

Good projects are those that you can iterate over. Find one you want to do and be sure you can build over it.

yea ill build like a basic kali/firwal/seim build

and see what comes of it in the future

thanks man

Is leet code good for cybersec or not needed

Wym build it over?

Things that you are build on top of. One example is having an AD network and then trying to test vulnerabilities on it. Then you can extend it to adding an SIEM/XDR system like Wazuh.

Gotcha

Ty

hey, is it better to get CCNA first or CompTia sec+ ?

Thanks, I have an MsC on forensics. What is your opinion between GCTI and GSOC? I have advanced OSINT from SANS as well (SEC587)

Gave +1 Rep to @dense dagger (current: #22 - 448)

Well , they cover different topics , depends what you want to do and on your local job market 🙂

I don’t have one as I’ve haven’t taken either of them. But if you’re looking at it from a price to quality ratio I would factor in: the instructor’s backgrounds, the last update of their modules, whether or not their labs are “challenging”, and other students’ course reviews.

Thanks, your replies are very helpful.

Gave +1 Rep to @dense dagger (current: #22 - 449)

Hi there bros,
Do you know where on earth can i do remote volunteering in CyberSec ?

^

Volunteering for what? Cybersecurity is so integral to organization protection, volunteer roles are going to be extremely limited.

try building a home lab. This is what got me two internships within cyber

freestyle it or there's a guide?

theres plenty of guides. I would suggest spinning up a vm environment and installing wazuh

it's open source and farly simple

fairly*

and then add agents

through that you can do configuration checks as well as alerting

i see

might need to add ram xD

don't be afraid to use the free tier of the cloud providers for IaaS as well

Most cloud IaaS will have a free tier to learn the services that is 1 or 2 minimal resource VMs

where did you apply to these internships? I have been applying like crazy to internships but havent gotten anythiong

I’ve been searching in LinkedIn “cybersecurity internship”, filtering by the last 24 hours, then visiting the company website and applying through there. NOT applying through LinkedIn

Same haha

Rip

Maybe need to beef resume

Did you put your home lab on your resume? Or how did you show it off? Was it through like a personal site

I have a whole projects section

I have some ELK stack work I’ve done, phishing email analyzation walkthrough document, and on prem wazuh server

I too am curious, are there any Vets in here that have gotten careers/jobs from making their own portfolio, how can we get in through the door?

A good combination of studies plus portfolio are recommended. The user @humble gull gave a perfect example of it, if you don’t have any cert of ELK for instance (elastic stack) but can demonstrate that you know the technology and apply it, it can benefit. One big disadvantage are big companies with HR departments that only filter CVs by matching keywords. Without having what they ask, is almost impossible to get in, i.e., degree or MsC on science… if you don’t have it, the HR filter would not let you pass even if you have advanced knowledge in other areas.

Something I’ve also done is list the certs I’m currently working on as “In progress”. That way it bypasses any sort of filter. Only do it if you’re actually studying those certs though

I am currently working towards my bachelors degree so I have it as in progress as well

Of course it can help in some cases but as I said before, HR systems are quite boolean on that aspect, either you have it or not, they don’t allow other condition but any reference to what are you currently working on is a huge advantage.

Hello there

@broken idol

I have been applying to jobs everyday as a fresher in this tough market and there are hardly 5-10 jobs that I can apply. I am also doing ctfs and portswigger stuff everyday and I feel like it's not useful to land a job. So, should I keep doing it or move on from it coz maybe it's time wasting right now and do other things instead? I really need guidance.

If you're US, are you out already? If so, have you passed the point for SkillBridge?

SkillBridge must be completed within 180 days of getting out so once the Vet status has been achieved then no more SkillBridge. I'm in a similar boat. I've been applying but no call backs and looking for ways to get in the door somewhere.

Right, which why I was asking where they were. Some start using Vet as soon as they get their DD214

That being said, there is veteran preference on USAJobs postings and the larger Defense Contractors do have veteran specific pipelines.

Can someone advise me, I have a job with a friend who and the company is a cyber security related company,

Is thm worth learning or should I be looking at something more expensive?

THM is just fine. It has all variety of tier systems. If you think you are ready to go, try hard. That should give you a good experience on if you are ready for that level. Overall, more expensive does not mean better quality. Marketing is great tool; MS and Apple are expensive but Linux is free and better.

Till you reach the advanced level, THM is just great, after that, you will have to look somewhere else.

But doesn’t mean THM will be useless after that, just not as efficient but since you are just starting, this is the right place to be and THM is continuously improving so you never know.

Awesome thank you, will put something me focus into it for a few months :).

I’m doing cybersecurity studies but I feel like it’s very theoretical. I do lots of practical stuff. I do THM mostly and I try building some cybersecurity apps. I also study at 42 school.

The thing is that I would like to maybe do a certification like CompTIA Security + and try to land a remote job in cybersecurity. I’m based in Europe. I would like to get a remote job and move somewhere else cheaper lol

Do you know if I could just get a certification between schools and could land a job? I’m looking for the fastest and easy hack to get there.

Cybersecurity is a vast field and you need to know a lot before you can start the practical stuff and thus the info dump aka the theoretical part you mention

Security + is a certification of that info dump, that you know every basic thing there is in cybersecurity, (not in depth, just the fundamentals)

You can certainly get the cert in school but landing a remote job can be tricky depending on where you are from, especially a remote job

But s+ is certainly 1 of the best if not the best beginner cybersecurity cert

Do u guys know some fun IT labs to add to my resume?

When do I know I’m ready for OSCP? I’ve been behind in CTFs and labs like THM/HTB because my school blocks the VPN, but I’m wrapping up my bachelor’s in compsci/cybersecurity and definitely know a lot of the low-level concepts that (I believe) is what is really needed to be able to pass and be well prepared for the exam

You could try HTB pro Lab Dante to check where you are. It aligns the most with OSCP.

My friend is a data engineer with 2.9 years of exp. and he is planning to switch towards Security Analyst(SOC). Is this a right move for him. Because there are no openings at present for his current role in the job market?

If he is good at what he does “data engineering” then I would say he should focus on the goal of becoming a security data engineer and not start from the role of an analyst. He will definitely have to learn all those things a SOC analyst had to and more.

It’s a high level role so it requires exp and certs, needs to work on that.

I'm currently in my second to last year in university, studying computer-science and majoring in networks. I'm leaning towards network engineering/architecture and pen-testing but after doing some research I've decided SOC will likely be an easier entry-level role to get into (ik it's usually helpdesk -> SOC but my goal is to skip the helpdesk)

I am currently spending 25-40 hours a week learning on tryhackme, as well as taking CompTIA's Network+. I plan on developing my skills, finishing the Network+, and then taking Security+ while continuously developing my practical skills with tryhackme, HTB, and other similar resources. Eventually I will look into getting my CPTS.

This is just a general road map I have currently. My goal is to get into an entry-level cyber-sec job (likely SOC) as soon as I can after university. I am also going to do whatever I can to get an internship in something network, helpdesk, cybersec related.

If anyone has any suggestions or can help me out so I can get a better idea of what I need to do, from someone with a better understanding of the industry, I would greatly appreciate it.

hi dont know if this will help but as a third year i received a SOC analyst interview and an offer letter for a network administrator/engineering role from a relatively large organization

i would say that most of it was due to my high gpa

but i think that my tailored resume and cover letters also helped a lot as my friend did not get the SOC analyst interview despite having a very slightly higher GPA. i had no work experience prior so it was mainly my courses and projects.

definitely try applying as much as you can through your school as its basically like a referral then move on to externally

i mean i basically spent more time on applications than school at some point i would say, but it gets faster once you have applied to many different roles and have resumes/cover letters you can refer to and use as templates. you still have to tailor some things accordingly to the job description

the tryhackme will definitely help for SOC analyst i know lots of people who have used that to get in including me (i assume it helped me get the interview). but keep in mind my university program specializes in networking and security as well. im not in cs

and if you are wondering my program used cisco netacad - all ccnav7 courses. my later more advanced networking courses did not use it anymore however i know a previous intern who only completed those courses (was an engineering major) and still got the network administrator/engineering role.

I work on video games in the video game industry, and while it's a bit different than big tech, I could still say your GPA matters very little. It's about the skills you have and the sentiment you build. If you mention that you're doing SOC studies through portals like tryhackme etc, you're already ahead on the game compared to someone who just focused on finishing school. People hire people who showcase their interest into this stuff through their hobbies. Let's say you manage your local network and use kali linux to do CTF:s etc. Even mentioning that will raise interest compared to someone just talking about their school success. It's not the numbers you get, it's the projects you do.

definitely i think showing interest through projects is part of it but i still do think GPA will still actually get you into the interview stage

This is highly dependant on the country though. So we do need to actually take that into attention.

I can say that in finland, we still have seniors here who were around before there was a formal industry education for tech, so they care about your skills more than your GPA

what im thinking is that

since i live in canada and everyone has a degree from a university

it matters a lot more

Okay, you're probably working for some company already?

soon

Have you already worked in the industry before?

nope

but my seniors will have degrees and masters

and my hiring manager had 2 degrees

to some extent skills yes when you actually get in but gpa is an important factor to get you in

someone from my uni has a 4.0 and is an incoming intern at google

Ah, that's interesting

I am a Bachelor of Business Administration on Information Technology side with a gpa of 4,35. But I did not have my GPA set before I was hired to work for a game company

But I did showcase a megaton of that hobby side

i imagine projects matter a ton more for gamedev

Even in terms of project management. I started a decentralized 3d-printing operation during covid to provide hospitals with face visors for the nurses

With 40 locations

around finland

😄

nice man

That probably mattered more than the gpa I did not have yet at that point

They've tried to hire me in tech companies too, but games are more fun, because I don't have to worry about people's health and well being to same extent than I'd have to in a tech company and the projects they do

Cybersec and red teaming would literally be what I'd want to do, but with the constraint that I would love to do the physical pentesting stuff mostly, because if you let a dude that looks like me in, you've already f'd up 😄

:/ hoping it doesn't have too much of an impact to be honest

Wasted a lot of time partying up until mid last year

Idk if my GPA is repairable at this point so I'm relying on really developing my skills

Well. I don't know how much it really can matter. People learn and grow throughout their lives. Would be stupid to use an educational metric in hiring professionals given they showcase a lot of skills in their trade, but have not worked that well in an educational setting. I personally care mostly about your skills, education is a plus and it's more like do you have it or not. If you're able to work in a team and can provide value, all gucci

Unpopular opinion, but need to take into account that sometimes formal education can also be a minus, if you went to a school known for being horrible and not providing the talent the industry needs you might end up needing to showcase your skills more 😄

But ultimately, take anything and everything I say with a grain of salt. My experience comes from the games industry, and I've been here for 8 years, and might not be fully synced with the tech industry trends around the world, and as seemed to be, it's apparently very location based if education matters or not.

Is the new THM certificate something that goes alongside say sec+, or could you view it as a replacement? (If so, should you get both anyway?)

New THM cert is focused on blue teaming , it is comperable to btl1 for example. By comperable i mean in terms of topic 🙂

so conjunction then? thanks a lot

Gave +1 Rep to @keen tundra (current: #1 - 3503)

You have more info on the link below
https://tryhackme.com/certification/security-analyst-level-1

ah, gotcha, thanks

If SAL1 just came out, is it worth getting? Like how will employers know what it shows?

They don’t know

And it will take a long time to gain traction usually

Ah okay I figured

Any GRC Analyst in here? What frameworks are recommended to learn or build proficiency in?

hi guys, i want to became soc analyst. So i bought thm premium today. Thm's walktrought is enough for get a job at soc analyst L1? If not, which source would be good for me?

Depends on org and client needs. What frameworks you'll be working in specifically will be determined by the business and what will make the business money.

That said, NIST CF and NIST SP 800-153 are very common starting points, and are both freely available.

I’m looking for an entry level cybersecurity analyst job.I just graduated from a 2 year program at Devry University with honors.

Try to look at #jobs-board

I know the new SAL1 cert is new and all, but I was curious if it would be worth grabbing for someone who already has an entry level cert (BTL1). Opinions?

Kinda afraid it will be impossible to find a job in the next few years . Is there any hope?

Its said cybersecurity has vacant positions even though there’s a surplus of workforce

Id assume its bc of a bunch of ppl not being qualified

Jobs are evolving as well, just saw on LinkedIn, they count HTB and THM in exp, so 3 years on either counts as 3 years of Exp

Thats good

I just starting my joirney

Journey*

The job market will only expand in the future because attack surface is getting bigger

Now they have to protect, doors, fridges and what not because everything is connected to internet

And probably humanoids in the near future

So cybersec is only going to grow

Thats good

Ty

the thought of a hacked "playing doll" is kinda scary

Ahh we are finally getting physical control through internet and thats scary? I am excited as fuck 😂

no, i mean having a robot for "fun activities" and it being hacked

Well thats kinda scary

Thats why you should get alive playing dolls

That sounds wrong 🤔

Do you have any postings? Self-learning is not professional experience.

It says exp, Lemme just search one up, maybe I will find a job with similar requirements

Check out this job at Heartland Business Systems: Penetration Tester II https://www.linkedin.com/jobs/view/4167265705

Check this one out, although it asks for certs as well but counts THM and HTB as substitute for experience

I just looked it up, and I do see that, however I would be concerned. From both an applicant perspective and from another business purchasing their services perspective

Labs are not real life

They would certainly guide whoever they choose

Then someone who is proficient in labs will take minimal time to adapt

Its like during my CCNA prep, I did things on packet tracer, doing it in real life came out as different but it hardly took me some hours to figure everything out

that company doesn't know what they want, they really need a senior role to plan out and scope what it should be. Hiring a pentester II with zero on-the-job experience is a huge red flag.

They also want CEH, which is another good indicator they don't have a clue what they're talking about

Common misconception, this is absolutely not true. I interviewed a candidate awhile back who had a lot of lab experience and zero idea about why a pentest should be run, and how they should be run. Smart candidate, but not someone I could hire due to their personality.

Also, this is not the case with pentesting. Some of the technology is the same as your typical lab, but the methodology and conduct are very different.

e.g., based on your lab experience, would you be comfortable scoping a full assessment (and making sure that all required components are covered), then conducting a full test -- not just looking for a complete kill chain, but all of the vulnerabilities.
For example, if you're doing an infrastructure test, are you looking for service misconfigurations? Are you looking for cryptography issues? Or are you just looking for RCE?
If you're doing a webapp test, would you know which security headers need to be in place -- and importantly, why some of them might not be?
Would you know enough to say that the Critical vulnerability which Nessus flagged is actually only a medium, or a false positive -- and be able to back that up? Would you know how to rate vulnerabilities, and justify that? I'll tell you straight off -- that takes considerable time and practice

Equally, would you know what not to test because it might cause damage to the client's infrastructure? Or what not to test because it's a waste of time?
Would you know how to recognise the technology in front of you, and tailor your testing methodology to that? If I tell you that you're going to be testing an API gateway protected by mTLS and Oauth2 tokens, do you know how to approach that? How about something like a full cloud configuration review? I've yet to see a proper lab on that.

More generally, what happens if you sit down with a client and they tell you that they need 9000 IPs scanned? How do you manage that project, coming from an environment where you've only ever had to do one at a time? Do you know how to estimate FTE? Or how to manage that time appropriately?

Then we get to the reporting...
From your lab experience, do you know how to write a proper pentest report? Do you know what information you need to include, and how to divide that into neat sections? Do you know which bits are most important the client? Do you know how to express yourself in clear, technical language? Do you know how to tailor the sections of your report to the audience?
Do you have the experience to give full recommendations for fixing the issues you raise? Are you able to take into account existing controls, and adjust your recommendation accordingly?

There is a huge amount of stuff that goes into a pentest, and the stakes are high. Worst case scenario: fucking any of it up could end with you (or your employer) being prosecuted.

I promise you -- your lab environments do not prepare you for that role, and that company are on very thin ice.

Well can’t really compare networking to pentesting, which is the case here, so it might be some HR putting this up after debating with ChatGPT 🤷🏻‍♂️🙂

Damn 💀

A useless cert indeed

This is like a pen testing version of what God said to Job in Job 38-41. 🔥

That's a very detailed explanation, damn lol

Its marketable tho

The certification is quickly losing value in the western market. India, as far as we're aware, is one of if not the only market still requiring people to have it.

Guys, I have to clear the aptitude tests. I am a BTech 4th year computer science and engineering student. In this final year I have attended 6 aptitude tests by companies like Ltmindtree, UST, 6d TECHNOLOGIES ,EY etc. But I couldn't clear a single aptitude test. Now I'm nervous about my next step. After each test I'm becoming less likely to get placed.
What should I focus on programming or aptitude test ?

HR appeal? OSCP has more and thats atleast something

https://tenor.com/view/hey-there-hello-wave-gif-19235605

ngl i can't imagine how people would even enter cyber going from non technical backgrounds, i've got what i'd consider a fairly well rounded technical background touching cyber,software engineering and it management and still struggle to pick up work atm, honestly feels like peters from dead pool soaking all the attention in interviews

sorry to hear

it's just got me rubbed the wrong way atm tbh, but i can't even imagine if i didnt have experience or a degree, like its just so flooded by people who don't want to actually do the work

that's sad

that said if it was people putting in work and i'd just be unlucky would be less tilted

True

The job market is really bad at the moment. I am in the same boat, I come from software dev ( python / django) and even with the experience is hard to land a role. Decided to upskill to cyber security but it looks like even this field is as bad. 😢

Yeah it’s insane, I’m about to finish my masters and even then it’s close to impossible

@grizzled hare please interact more before advertising.

okey sorry

is that really hard to find job? , may i know which country your from?

Hi! Hope you're well. I have a question not specifically about Tryhackme but about cybersecurity in general. Is it ok?

Although I'm particularly interested in the security aspect of computing, I still have a curiosity and interest in computing in general, which is why I'm currently studying the “Design and Architecture” aspect of CPUs at the moment (on textbooks like Computer Organization And Design MIPS Edition) even though I conceive that there's no direct link with computer security. However, I'm afraid it's even completely useless for cybersecurity and spending too much time on it.
What do you think? If there are professionals on the server, do you recommend spending time understanding in depth the workings of cpu's and different computer components, or should I confine myself to areas directly related to security, such as networks, cryptography...? Is there any difference between those who have this knowledge and those who don't among cybersec professionals? Is it more valued by recruiters? Thank you.

(Feel free to correct me if I have made any English mistakes)

If you look at the kinds of jobs being posted for cybersecurity, they revolve around things like SOC or pentesting, engineering and various other roles, management roles, etc. Look at what those roles expect of you. While the book you've been reading is interesting, you likely won't be dealing with much to do with CPUs unless you're designing or working on such things and the proesses around them. You should see the kinds of qualifications and education people who work in cybersecurity take for such roles. By all means, maintain your interest in things like the book you're reading, but you should be learning things like networking, Linux/Windows administation, etc. Check out the paths on the THM site and the various certs, books and other resources mentioned. Sure, recruiters like to see that you have broad interets, but they want to see that you understand the regular details that most security personnel deals with daily

Hi guys !
I have a question : I’m on my way to learn cybersecurity and system administration. I know in France a master degree is important to find work in cyber. But could you give me information about the other country? Especially in Switzerland, Canada, Ireland or Nordic countries ! (We know we want to leave France after my studies with my wife, but we don’t know where for the moment !)
Thanks for your answers !

Hi I need an advice
I got an email that I am selected for Information Security Specialist position phone interview last Friday at 2.30pm. I professionally responded at 9.30 pm. So today is Wednesday and I did not hear back from them. How to handle please?

send a follow up email if the phone interview date has passed

reply to the email thread again and include your available times for the week and ask if those work for them or if additional times are required

"i am just following up on my previous email..."

ideally u didnt wait too long

Hi thanks for you're long and well written message. I appreciate that ! I'll definitely finish my book and then move on to networks and network administration

Gave +1 Rep to @rugged delta (current: #21 - 464)

If you already have a degree in Computer Science or a related topic, you should be able to combine that with things like certifications, CTFs, having a blog, doing writeups, bug bounties, having a home lab, etc., to be able to demonstrate your abilities. Having a Master's can be a good indicator of your abilities and interests, and your ambition, but isn't always necessary, and can mean an employer will expect high performance from you. I would suggest reading the Tribe of Hackers books by Marcus J Carey. They're a collection of interviews with experts in various roles in the field with advice on how to proceed

Good morning everyone! My name is Eddie! I’m looking to get into cybersecurity without paying thousands of dollars for a bootcamp. Does anyone have any suggestions, resources or recommendations on how to get started, learn some skills, build a portfolio and eventually land an interview/job?

THM is a great starting point

🙏🏾🙏🏾🙏🏾 thank you!!

Hello,
First off your website and learning modules are 👌🏻

I have a question, Im currently following the pre-security path and next the cybersecurity 101 path for a good base. I want to focus on open source instellingence next. What path would be the best starting point for that?

You're on a great path , just follow along 🙂

Hello! Does anyone know what are the main concepts to know or understand at least to be able to claim to be skilled in Windows?
I mainly think about
Core Windows Processes
File System Hierarchy
Windows Server Administration (GPO, Active Directory, Domain Controller, LDAP)
User Account Control (UAC)

Is there anything else important to consider?

Never done bug bounty but having a very hard time breaking into a cyber career rn and would like to do some for fun/experience/side income. I know that they aren't really 100% comparable but what level of box/skill on sites like thm would you say is high enough for me to have some success starting out?

really niche question but does anyone know if "Pyramid Consulting" is a legit company, it was on ziprecruiter and they responded within the hour. im not sure if this is a legit company i should be dealing with

Pyramid scheme 🤨

If you are able to complete Hard level boxes, you can definitely survive out there but then again, CTFs are puzzely and at the same time have no defined scope, you just have to do it. Real life is a bit more straightforward but with strong rules and limited scope which you have to be within.

So when you gain the skills in THM, start in real life, learn the difference and you are going to survive

im not 100% certain, i google the company and it seems legit but pyramid consulting doesnt sound too legit

Not one company responds immediately, so its very sus

Legit company with almost a million follower, you might as well doubt TryHackMe 😭

😆

Agree on that

anyone available to look at my resume and give me a review of it?

Is there such thing as job positions for individuals with little cyber security knowledge but hungry to learn on the job or help progress learning?

Some would recommand to do some Helpdesk job aka IT customer supports

@broken idol @cobalt escarp

Lmfao what is this

what are the certain things taken care of in an interview?

Done!

i have done all things now whay i have to do

Hey brother, if you find the answer to this question, please do let me know, this is the reason I join this app, Lol

THM is the best point to start man

Strive to acquire a general overview of the field in the first place. The way you phrased your question ("to get into cybersecurity") suggests a lack of informedness. It's like asking: How do I get into playing sports?
Look into the curriculum of CompTIA Sec+. I would not necessarily recommend getting the cert (it would help with the job hunt though if you have the cash) but reading through the official cert guide will give you a decent overview of the field. You can also get the ISC2 CC which is less extensive, but free (you actually have to pay the 50 USD yearly maintenance fee to become a member, but the course and the exam are free at the moment). Maybe look into the Google Cybersecurity cert.

At this point you should have clue about which area of cysec are you willing to pursue. Then pick an advanced course and start practicing the relevant skills in your lab environment.

For example if you are interested in blue teaming: deploy a SIEM, ELK stack, NAC, maybe a DLP, try to analyze network traffic, do some digital forensics, etc. THM can teach you a lot of that. Take a look at LetsDefend and HTB.

Hi, I am looking to start a career in Cyber Security and believe am SOC Analyst would be a great starting point. Being 35 and having no degree in a relevant field, going back to University is not an option. I was looking at completing my CompTIA A+ 1/2, CompTIA Sec+, CompTIA Network+, and CompTIA PenTest+, whilst doing these I am also going to be using THM as well as building a home lab to try get some practical practice as well. Any recommendations from anyone about whether this should set me up?

can someone provife me a roadmap with free courses to optain certs (espacialy red/purple team)

You won't get worthwhile certs for free, or do you just mean training?

THM map may help for learning purposes
https://tryhackme.com/hacktivities

Hey Guys!

I’m about to finish a degree in Electronics Technology. I want to get a job as an SOC analyst 1.

Currently I have:

• Security+ Cert

I’m pursuing:

• Splunk Core certification
• Microsoft sentinel SEIM
• home lab
• Scripting using powershell

Any tips on anything else for getting a SOC Analyst job?

I'm doing master's in computer application from govt engineering college I want to make my career in cyber security I'm highly interested in blue team roles like SOC,DFIR can anyone give me guidance I want to do internship as soon as possible and grab job ,my father have some liver and heart problem

I'd suggest doing the SOC Level 1 and SOC Level 2 paths on THM, and consider doing the new THM SAL1 certification, or perhaps the BTL1 or another practical SOC certification

#announcements message

for anyone wondering they are a scam, been doing it for 16+ years

Are you going to provide a source or other evidence?

guys i want to start a learn about cyber security but i want start from the biginner hahaa, there some good content to recommendo ?

basic please

https://youtu.be/Tqnns1Sbr54?si=dlfFaFnh08c0oUEL

Along with an automated bot asking for my social security number before actually knowing if I'm hired

guys i have ceh v12 and have decent knowledge but i dont have degree actually i failed in exams can anyone help me to land my job 🙂

I have a question. What is the best real life hacking tool to buy? Is it Flipper0 or maybe Proxmarc3 rdv4 or maybe another gadget like this? Im concerned in credit card security and training thats why i ask

Hi I hope everyone is well, I just wanted to ask for help with my job hunt in the Cyber Security or IT field (UK).
I've recently completed my MSc in Cyber Security with a Distinction (1st) and have a BSc in Computer Science achieving a 2:1 .
I've got no relevant experience, just summer jobs.
I am currently studying through the SOC Level 1 path on tryhackme and I'm looking to start learning for the sc-200 cert.
I would like to get into an entry level SOC analyst role (preferred), or any entry level IT role to get my foot in the door to gain experience and try and shift around from there.
If anyone has any advice or guidance I would really appreciate it and thank you for your time reading and responding to me in advance.

The CEH is still accepted by a lot of organisations in India, but you may need to complement your knowledge with practical experience, a blog/projects, writeups, home lab, CTFs, bug bounties and progress on platforms like THM, PicoCTF, VulnHub, PortSwigger and others.

A home lab, for instance, could include old/spare computers, virtual machines, a cloud account (AWS/Azure/GCP all have free tiers available), or a combination. You might post a blog on a platform like Medium, or even GitHub, or use it to discuss projects you're doing, etc. You'll need to check the rules of the platforms you engage with as to when you're allowed discuss/share details of your progess/experiences/writeups. Obviously, you can make use of blogs/writeups/videos others have published to help you learn more; as the cybersecurity field is always evolving. Best of luck

Congratulations on your academic achievements and your enthusiasm for pursuing a role in a SOC. It's usually the first role most people in the field will start with, and spend a number of years with. You have the right attitude with regard to your pursuits, and it's perfectly fine to pursue a role like helpdesk/tech support/IT (Windows, Linux, Networks, etc.), when looking for experience and a solid grounding.

You should consider on your resume/cv to include the work experience you've had; it can be a good demonstration of your willingness to participate and contribute. As for certifications, the SC-200 is recognised by potential employers. AFAIK it's a mix of multiple choice questions and interactive components. THM has recently launched the SAL-1 (Security Analyst Level-1) certification with both multiple choice and practical simulation aspects. Here's the announcement and a review of it for your consideration, since you're pursuing the SOC Level 1 path
#announcements message
#announcements message

Credit cards are pretty specialist. None of those are really credit card related, there's not really kit out there for it.
What are you working on?

Not really working on anything. Havent even put my foot in water yet. Just wandering where to start and how. Im new to gadgets and cybersecurity in general

Don't start with credit cards
Be very careful around the laws that govern hacking too

If 1 plans on moving to a higher level then skipping CeH is better

Security+ and then a decent certification like OSCP for intermediate level

Or if you have all the money in the world, then no problem on going for the all the certs you can 🤷🏻‍♂️

Cert hunting isn't actually recommended, not just from a monetary perspective, but also from the negative connotations.

OSCP is entry level for pentesting, just FYI

I have a degree, sec+, and help desk experience and can't seem to find a job 😔

can you elaborate on the negative connotations, please?

Certifications without experience are a sus flag for employers. While certifications show you know a certain thing, it doesn’t necessarily translate to actual experience (e.g., doing a pentest for a client, writing a report, scoping an engagement, etc.)

I see, thanks

Gave +1 Rep to @dense dagger (current: #22 - 450)

For an entry level role? Like will it be sus if it’s for my first job and I apply with sec+, CCNA and CPTS?

It all depends on the employer tbh.

I feel like you deleted a whole paragraph just to say this 💀

I mean it showed Mknukn’s typing for a long time

Thank you, I appreciate it and I will look into it

Gave +1 Rep to @rugged delta (current: #21 - 465)

Hello... I am Mubashir... i am a try hack me beginner... im looking for partners to learn together and build future partnership and workspace... if you are willing to join in try hack me and be friends pl send request mubashir.3lancer@gmail.com Thanks and happy learning.

https://discord.com/channels/521382216299839518/833866257077895178

😅

thanks.. i new here...

np, hf

when will the complete beginner path removed from TryHackMe ?

Hi everyone ! is there any recommendation I can get about a book while studying for CompTIA Sec+ ?

@plain vector I just picked up CompTIA Security+ Third Edition by Ian Neil from Pakt publishing. So far so good.

“Security+ Get certified ahead by Daril Gibson and Joe Shelly”

Thanks guys

Just completed Google Cyebrsecurity Professional certificate program

actually boosted some of my knowledge which Sec+ requires.

especially threats vulnerabilites and mitigations

Hello, can you give me more information about the certification? and how it works? I know you do the course on coursera, self-paced, and in order to receive the certificate you need to pay. Can you tell me how much did you paid? and if you can complete the course in a month for example.

Hi, sure so the course is normally should be finished within 6 months but I have finished in 3 because I was barely having time and I have paid a lot money 30 or 40 $ a month something like that. The best option is there if you can complete it in a month or a two that would be great because the knowledge in the certificate program are very basic thus do it if you can complete it in a month or two if not I do not recommend spending more than 2 months in the program better to spend it on Comptia exams. But it does give you the basic knowledge in some aspects especially for the sec +. I would say its 6/10 better to spend the time/money on comptia materials.

Ok, thank you very much, now I only need to schedule my program to be able to complete it in a month 🙂

Gave +1 Rep to @plain vector (current: #2709 - 1)

Good luck 🙂

riiight... so im hearing some rather gruesome stories about pentesting as a career being really difficult. As a beginner, its gotten me a little concerned ngl. Anyone here have any experience with pentesting professionally to give their two cents?

I don't have direct experience but I can say that lets not call it very difficult rather call it a long road it but at the end if you learn consistently you are gonna get your reward in life you just need to put in work IT in general is a long path.

Do you guys think putting certs you’re working on on your resume is a bad thing? For example, “OSCP (in progress)” under your certifications section

Is that okay?

You can but I wouldn’t

Why would it be good or bad for example, I thought it would be a good thing

I don't know that it's a direct negative, but I personally wouldn't. I haven't earned it, so to me, it doesn't belong. That and what are you going to do if you fail and you've applied to jobs? It just opens up unnecessary, imo, questions.

You can feel free to discuss certifications you're planning on, or you've booked. Failing cert exams is a normal thing. If the cert is a requirement for the job, you won't get an interview, and if it's a suggestion for the role, unless they say they're paying for it, you shouldn't list it.

The only time you'd list a certification you don't yet have is when, for instance, you're doing a college/uni course and the certification is part of that course. You can mention your intention to complete it by the end of whatever academic period/when you graduate. Other than that, leave it off the resume/cv. You might mention that you're preparing for it if you get an interview, but otherwise don't

Hi guys, I am looking for friends who share the same passion; Cybersecurity or Desktop engineer. I am an IT professional in the Dallas. Texas area. Please send me a private message

I am looking for the same I am in the Kansas City missouri area

https://tenor.com/view/charlie-day-gif-18564553

Question regarding the learning process: Is feeling overwhelmed a common experience for newcomers in CTFs and security challenges? When machines take hours with minimal progress and consulting write-ups becomes necessary, is this part of the normal learning curve? For those now working in pentesting or threat analysis, how did you manage the initial learning phases and stay motivated through difficult challenges? Any insights would be valuable.

I have done this under particular circumstances: Halfway through a CCNA class, having been referred to the job (along with the rest of the class) by the instructor, I listed the partial cert study progress. I stress that I did this only because 1) the certification, and the things the employer knew I would have learned by that point in the course, were directly relevant, and 2) I was referred in relation to the cert course by its instructor, who had an established relationship with the employer.
If that's happening, then sure, go nuts. Otherwise I would lean toward no. Maybe, if you're taking a course and the cert is going to make or break you for that role.

Yeah it is. I was in the same boat and I also occasionally peek at writeups every now and then.

Dallas is a pretty good place to be for that. Just moved from there a while back. If you fw FW vendors in the area, tell DTAC and/or the ELTA 11 diaspora that Puff Junior says wazzaaa :V

Thank you 🙂
Its really frustrating some times, but addictive the same. ^^

Gave +1 Rep to @dense dagger (current: #22 - 451)

Hello everyone, I’m looking into getting cyber certificates. Specifically catered towards red teaming and pen testing. I have been looking into EC- Council’s certs but the information I find is that they are useless certificates. In your guys opinion what certifications should I seek for a career in penetration testing?

Yeah , I also used write-ups and watched a lot of videos when I was starting . I mean nobody was born with knowledge , you need to get it somewhere , just find good author and make sure you understand what are you doing 🙂 .

thank you 🙂

Gave +1 Rep to @keen tundra (current: #1 - 3647)

It is strongly recommended to use a password manager for storing securely passwords. However, I do not like and trust Lastpass, is there any free alternative?

bitwarden

can also be hosted locally

https://bitwarden.com/download/

I'm new, too. What path/room are in you in?

Anybody here learning while abroad.

KeepassXC also good if you don't mind managing your cloud sync yourself

And if you want to have it on your phone, then Keepassium is cool. It has some features locked behind a paywall, but even for free it's good

Need a Vietnamese hacker

Hey this isn't a hacker-for-hire Discord server. We are unable to help you here as it would be against our community #rules

🤣🤣

:mute: al.saffah#0 has been muted.

Dude you muted me for laughing? You saying “hacker-for-hire” to her “need a Vietnamese hacker” is funny af and I am somehow breaking the rules?

I will continue to use emojis, ban me next time if you got a problem with that

hey, any idea if i can get Job in georgia? 🇬🇪

comptia scurity + is very costly what should we have to do ?

:hammer: al.saffah#0 has been banned.

thank you man, appreciate the positivity

Gave +1 Rep to @plain vector (current: #1771 - 2)

Are you a student? You can get it for a fraction of the cost through their academy store

If not get a discount by buying a voucher through professor messers website

You r welcome !

Does anyone recommend a resume that has space for putting some skills in without making it the focus?

Like a "familiar with" section maybe

template*

so, I have been doing networking security for about 20 years, I'm about to get let go after an acquisition. how much of a step back would it be shifting from netsec to a cybersec role for say pen testing or maybe red teaming?(I'm not real clear on what roles are)

Can yo provide an example? Like a template you see with that?

yeah, I'm trying to send a picture but I don't have permissions

on some resumes there's a section on the left hand side where it includes stuff like "skills"

You'll need to verify a THM account to get permissions to post pictures. We've had.... problems in the past, and so we don't allow unverified to post images.

oh i have one

how do i go about that?

that's not the right link. weaksauce bot devs! @quasi stream

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account for full instructinos, short answer is /verify <your-thm-account-token>

with that much experience, I'd be looking at network architect or director type roles - that said, you are probably qualified for a senior network pentest role; not sure what you make now, but i don't think they'd want to slot you into a junior role with that background.

notice how the lefthand side is spaced out? I'd like to have a template that looks compact and modular with a similar section as skills

I guess I could definitely try with one of these resumes first to see if I even need something more compact

i really hate that format. I've seen it more often from european candidates, and I do not like the left hand strip. having a skills section is fine, but that template does not flow well when I read it.

that's right, do you have any suggestions? @flat sedge

I want to avoid that generic look

I can put my information down, with the obvious private information censored and we can go from there

My first suggestion is to find a resume format and template that appeals to you.

Hello friends, hope you are doing great, I’m here just looking for some help,

Tomorrow I have my final interview with the SOC fraud Leader and the QA at local company, I already been through 4 prior interviews for the position and went successfully through them.

I’m trying to figure out what questions I might face. If I pass the interview, I’ll land the cybersecurity analyst position. Does anyone have any recommendations on what I should practice, or at least what questions I should keep in mind that might be asked?

Thank you in advance, I do appreciate any help possible.🙏🏾🙏🏾

This will be my first Cybersecurity related position, so it’s kind of hard to know what to expect when you don’t have in-real world experience m, hope someone can help me, thank you

I would suggest crafting a resume that applicant tracking systems can easily process.

what features do resumes like that have?

thats a good idea

Keep it simple, don't add any fancy borders/colors, try to use the fonts like arial,Helvetica,verdana and use keywords to tailor your resume for you desired Job so that yoh can increse the proportion of getting hired

currently im in cyber 101... SQL basics... what about you?

Here is an example 👇🏻

To increase the chances of a resume being seen by a human recruiter, many companies use AI to screen applications; therefore, maintaining a well-organized resume that AI can easily process is beneficial.

Hey @warm hinge , How does this certification path for Red Team/Pentesting looks like? PNPT > CPTS > OSCP

Honestly, I am no expert in cybersecurity i think this is a solid path.

Security+ and pentest+ by compTIA can be advantageous if you are starting new to Cybersecurity

Security+ yes as fundamentals , but avoid PenTest+ since its only theoretical , ethical hacking is fully practical hassle and only practical certifications are worth doing.

I got offered a position as IT Helpdesk/security support… is that real role?

Thank you for the reply, i will keep it in my mind 😀

Gave +1 Rep to @zealous plume (current: #2711 - 1)

Yes, a help desk position is a good entry-level opportunity to gain experience in the IT field.

Congrats for the Job offer 👏

Thanks. Are my certs enough or do I need to know more? I have A+ Network + and Sec +

Gave +1 Rep to @charred knoll (current: #401 - 15)

That would be enough and good communication skill can be a bigg plus

Whats after help desk? What position should I prepare for?

Probably for system admin or network admin

Which can be a stepping stone for cybersecurity

So I’m not at cybersecurity yet?

No, help desk is typically considered an entry-level IT role. However, it's a valuable stepping stone. You'll gain experience with troubleshooting, customer service, and understanding how different systems work. System admin or network admin roles often follow, and those are much closer to the cybersecurity field. They involve more in-depth knowledge of networks, servers, and security protocols

I hope i could help you 😄

Definitely. I was a little nervous about starting this new position. I thought maybe e I didn’t know enough but if you say my certs are enough for help desk then I believe you.

what was the command that you were running? Sorry missing some context here 😅 /docs verify?

Your certifications provide a strong foundation for an entry-level IT help desk position, and gaining experience will further enhance your career prospects.

yeah, docs verify brought up to the "verify your school account" page, not the "how to verify thm on discord"

Looking for advice
I have a Computer Science bachelor degree and I did the presecruity, cyber security 101 and SOC 1 paths .
Now I have a little more than a month to find a remote job or I will have to move on to do other things (salary is not an issue for the most part as long as the job gives me experience)
Is it possible? And what steps should I take?

Those who got an SOC analyst role, what projects were most impactful for you guys?

Hello friends, is there any way by which I can earn money sitting at home or cover my study expenses
Please🙏 help guys I want to study but studying is very expensive.

It is better if you start from the beginning look for a entry-level job then with experience you can apply advanced jobs or step into cybersecurity, i recommend security+ by compTIA for a beginner level cert in cybersecurity and if you are completely a fresher then compTIA A+ can be a good option

For your convenience, you might consider seeking employment opportunities through job search applications or platforms like Indeed, perhaps as a transcriptionist or a freelance proofreader/editor. Please remember to consider your location, as job opportunities can vary from country to country

I was looking at the content of those certs and it's mostly stuff I already know and studied before

Yeah i know but certs really shows that this individual knows stuff, because industry standard certs can be a plus to the candidate when it comes to be a pioneer

That's not a fair assessment of the value of certs vs degree.

Having the degree makes having the certs unnecessary, unless the business explicitly asks the employee to get those certs. Certs establish a baseline expertise that is accredited, to an auditor or to another business customer. In the absence of needing to 'sell' the idea of employee expertise or other business requirements, certs are not important.

Looking at your message again this is the most vanilla advice you can give 😅😅

I already have the degree
Any idea how should I navigate rn

I don't understand what you're asking. Can you reword this so what you are looking for is more clear?

basically what should I do to find a remote job
In the next 40 days

if it's even possible

Apply for roles that look reasonable? Your question is still not clear what you're looking for.

Oh I didn't mention that I am not getting any responses

It usually takes 2-3 weeks for a company to respond to an application beyong 'we received your resume and will review it.'

If you aren't getting responses beyond that, it's likely that your resume isn't getting through to a human because it doesn't have the keywords that each job is looking for.

I strongly recommend you personalize your resume for each job you apply to, aligning the presentation of your knowledge and experience to the requirements and tasks of the new role.

Added to this, put your cv/resume and the job description into one of the many ATS checkers on the web. They can tell what terms you need to include in your resume (only include ones you actually know). This helps your cv/resume get seen

I apologize for the inaccurate guidance

I appreciate for correcting me 😀

I understand your perspective, and I agree with you. However, in my job search, I frequently encountered requirements for specific certifications.

Cert requirements are often more 'fluid' - if a company thinks that a candidate is a good fit for the job and capable of getting the cert, they may put a probationary period on employment. Such as, "you have the knowledge but not the cert, you have 90 days from hire to get that cert. When you pass we'll reimburse you for the exam"

Thank you for taking the time to explain me things i was unsure off 😄

Gave +1 Rep to @flat sedge (current: #11 - 812)

I will try doing that thanks

Gave +1 Rep to @flat sedge (current: #11 - 813)

@keen tundra

Only mod/admin can help with that 🙂

What do you need help with?

there was someone with a steam gift away link

Ah, that checks out, thanks.

Has anyone heard about CRTA certification by cyberwarfare?

Is anyone Bangladeshi or Indian?

Yo guys I will start an MSP, what do u guys think?

you play chess?

Yes, I am rates 2000+ on chess.com

Do you play OTB?

Not anymore, Now I rarely play on cc, because of work and my road to 1M$ income per year lol

What is ur rating?

like 900

i suck

Hello, I just got hired for an internship in cybersecurity as a junior analyst. It lasts three months, but the salary is around $500. I live in Latin America and I am not sure what recommendations you would give me, because if I manage to pass this internship, I would be hired. I would really appreciate if you could contribute to my experience. Thank you in advance.

I need a little guidance and I'm hoping this is the right place to ask. I do not have a IT background outside of basic computer knowledge and have a degree in Criminal justice that i have used over multiple jobs at this point. I am wanting to break into the Cybersecurity field although I do understand this is not a entry level gig. The 2 long term jobs that have really struck my interst are Penetration tester and Digital Forensics and Incident Response. I have started the beginner course TryHackMe is offering and have really enjoyed these. I am just needing a little guidance on the direction I should be taking and what other things I should be working towards.

sorry I know that was a lot

I need some advice, please. I am working at my first IT job as IT support for an MSP, where we mainly support the medical and some restaurant businesses. My non-compete agreement states a 50-mile radius, especially with another MSP, but I’ve been invited to interview with another MSP that supports schools. It offers a 20-25% raise and is more helpdesk-focused. What are the risks? Is it worth it, and how will it look on my resume in the long term if I leave after only 6 months?
Thank you in advance

Going from IT support to help desk is like downgrading your carreer to me. Unless we mean different things with IT support. I do IT support and in my company, helpdesk only does the half of what we do.

a lot of that is actually unenforcable, depending on the area you live in. talk to your local labor board to know your rights

hey guys. I read on THM that the Comptia Pentest+ Path on THM is enough to prep for the Security+ exam. Is that correct?

thanks

Gave +1 Rep to @flat sedge (current: #11 - 814)

Oh dam bro, well u seem good a cybersec if u want I can teach u chess and you teach me cybersec

Wdym 50 miles radius?

If you leave after 6 months it might look look to them that ur not loyal, good at your job or can't keep a job

cant work for another MSP within 50 miles from the current job
Yes, but its 10-20% raise, is it worth the gamble
Im not planning to stay there for long either, i wanna do something like a hybrid between soc and grc

hello im pHAT i kmow alot about network and must protocols how its work and the security cetficatr and event logs and more i want road map to blue team in depth in soc team and forensics team i and i need group of friends if they are making skills and sharing skills i need pepole who make metting evrey day and talk and disscus alot of thing so i learn more and help each other

Hello , if you're interested in logs and blue team activities you can check the two path linked below 🙂
https://tryhackme.com/path/outline/soclevel1
https://tryhackme.com/path/outline/soclevel2

after that its gonan be some certficate or studys in depth in specfic thing

when soc 2 came ?

so fast cool

What would someone recommend eventually progressing to from a network administrator/engineer role? I start soon, but I figure the role would be a little stressful, so I eventually want to move into something else that is related.

As of now, I was thinking of eventually getting a government network based role, as I have heard working for the government is more relaxed.

It came out a long time ago 🙂

government is also more stable

a company would rather kick somebody out

yea i was thinking of using this company's prestige to eventually get into a government role

or some security role that still deals with networking

not sure how exactly i would do either though

Hello everyone, I am seeking advice on my next career move. I’m currently a cyber analyst but just recently received a job offer that will come with a 15% pay increase (before negotiations so maybe that number increases) for a Senior position.

The position is on the GRC (governance risk and compliance) side of things. My current role is more technical. I have a few thoughts on this:

On one hand I think it’s a no brainer. Take the significant pay increase along with the Senior title.

On the other hand, I’m a little timid to move away from a technical role to more of a project management / admin role.

I’ve heard that eventually in cyber security, you’re going to be asked to manage people / projects anyways and the days of doing the technical work will come to an end. If you want to continuously climb the corporate latter and earn more money, that is. Which I do.

Any advice on this? I’m leaning towards taking the position, I just want to gather some thoughts from the group please.

All depends how you feel about the job , money wont give you anything material that you already can have so let yourself get comfortable . If Technical side what you like , then let it be .

I wouldn’t necessarily say it’s what I like, it’s just what I know and have been doing. I’m open to other disciplines on cybersecurity. I just want to make sure I’m making the right career move to max financial opportunities in the future.

In that case go for GRC role , just make sure you got enough experience on paper to reapply for a technical position in case your new opportunity will be unbearable.

Thanks for the input

Gave +1 Rep to @zealous plume (current: #1774 - 2)

Hello, i'm Blackxut 🐈‍⬛

Currently i'm focusing my learning in data science.
Do you have any suggestion of rooms that involves "data scientist", "data engineer", "AI", "Big Data", "DataBase", ... ?
As an example, i liked a lot [Machine learning] Can't CAPTCHA this Machine! during THM AoC 2023

Thanks for your time and have a good day ☕

Apart from one challenge in AoC2024 there're no ML/AI content currently on THM 😦

I searched a bit but didn't find any ML room, what about topics that involve Data in general ?

Not really , THM is security oriented platform

Alright then, i thought i could find stuff that mixes cyber and data. Thank you for your answers

Gave +1 Rep to @keen tundra (current: #1 - 3709)

hey

nnvm

It would be a cool concept

hey i am new here in this cyber seecurity field from where should i start

hey there! current automotive technician of 7 years. looking to get into tech. been working on THM pre-security courses. seems to be the right path so far, any recommendations on resume building based on my automotive skills to start a transition over to tech?

Buddy did this transition a couple of years ago. He transitioned over to a Helpdesk, worked there for a year, and then transitioned to a different company doing more Linux admin work. Then moved more recently to a more cyber focused role

I feel like quite a few skills I have from automotive would translate well. especially considering new vehicles are saturated in modules nowadays. only been doing it for 7 years but it's killing my body already. plus I just have a genuine interest in tech

Hi!

I've been a certified tour guide, have a Master's degree in museography, worked as a CEO's assistant in a truck company, then been a volunteer EMT for 7 years while doing nurse studies, and now, I'm an artist's agent on my way to cybersecurity:

wow! you have quite the experience in various fields, that's awesome. thank you for your volunteer service as an EMT!

My tip for your resume: be proud of all you've done before, don't lie, and just be yourself.

Explaining why, at some point in our lives, we decide to change our career fields is a demonstration of strength, ability to learn, adapt, evolve as a person: I love explaining all that choices in a great letter on top of my resume!

Nowadays, company are not hiring "diplomas" anymore, but personalities.
At least, that's the way I see things.

couldn't agree more! thankfully my soft skills are pretty decent (if I'm critiquing myself) and I know that's super important in this field. I just want to find that fine line on my resume that'll highlight my accomplishments in my automotive career, show how it can be applied to tech and get myself past the HR filters

Thanks, it's kind of you!

My point was that, even tough I've worked in lots of unrelated fields, every experience was in correlation with what I wanted to live at that time, and that's how I present things: I'm not "lost", I do what matters to me. 🙂

Gave +1 Rep to @unique scarab (current: #2714 - 1)

absolutely! that's where I'm at in life. almost 30 years old and I've lost my passion for turning wrenches. I have always loved technology and feel my passion is shifting significantly. that alone makes it justifiable in my head to make a career change now. I simply want to do something that makes me happy

I've had to keep myself away from the naysayer mentality on sites like Reddit - all doom and gloom about tech/cyber. I've always been about pushing past my comfort zone and I love that tech/cyber is challenging and always evolving

Regarding my education and job history, I'm a pro HR hacker! My tip: a good letter, well written and structured, pinpointing your skills and linking your past experience to the next is waaaay more important then a simple resume or a "standard" letter.

I get you, I'm 34, and starting studies in cybersecurity! 😅

Not on Reddit: I'm listening to my heart and mind. If you wanna do tech, do it! 😀

Plus, you've got your link! Tech is all over automotive now, so it'll be easy to write a letter highlighting the skills you already have. 🙂

human resources ?

Yeah 😊

Anyone currently working under the “unlimited vacation” policy?

Yes

Welcome , you can start with this pathway 🙂
https://tryhackme.com/path/outline/presecurity

Hi i'm very close to get a new job as Cyber security analyst. Just the last step. I have long experince from IT in differents role and have seen many enviroments. What do you think is the best courses/paths here to get more training. I have finishes security engineer path...

For SOC analyst you can check out two paths linked below 🙂
https://tryhackme.com/r/path/outline/soclevel1
https://tryhackme.com/r/path/outline/soclevel2

Question for you, do you know of any CS jobs that provide training?

What do you mean by that ?

Hello everyone, I am currently in 3rd year of my college pursuing Btech CSE degree in India, and its a 4 years course. So I want to do masters in Cybersecurity abroad but I don't which country is good currently I am considering this options: USA, Germany, Sweden. So can anyone suggest me where to go and what are the requirements, also which exams to prepare? Please it would be very helpful 😊

Hey everyone, I’m looking for some advice on how to navigate my next steps in cybersecurity.

So far, I’ve secured my CompTIA Security+ certification and completed the Pre-Security and SOC Level 1 paths on TryHackMe. However, due to hardware limitations (my laptop isn’t powerful enough) so hella weak🥹, I haven’t been able to work on many side projects. Additionally, due to my geographical location, affording premium training programs is challenging because of high exchange rates.

Right now, I’m considering applying for remote help desk roles to gain IT experience and secure funds to continue my cybersecurity education. I’m also taking the TCM Practical Help Desk to boost my chances.

My ultimate goal is to land a SOC Analyst role, but I don’t have enough xp to with —just Security+ and my TryHackMe progress. Given my current situation, should I:

1. Keep applying for entry-level cybersecurity jobs (SOC roles, etc.) despite my limited resources?
2. Go for a help desk role first, gain experience, and then transition into cybersecurity later?

I’d really appreciate any insights from those who have been in a similar situation or have experience breaking into cybersecurity. Thanks in advance!

Why not both. Apply to Soc roles and help desk then leave the desk whenever you land the Soc job you want

yea just apply to both it doesnt hurt

Question on top of parelis, When transferring from a non cyber sec role, What would be those like "Starter" Jobs that you should be looking for? Help desk? SOC? anyhting else that comes to mind?

In my experience, if you have a good enough fundamental knowledge of Active Directory, networks, operating systems, and overall computer science, and you are able to prove your knowledge, then apply straight for an entry-level cybersecurity role, like SOC. Obviously, you also need to know the fundamentals of a SOC analyst's job, but luckily for us, we have the SAL1 certification to prove our skills!

What I've done is spend four years in basic IT support, and now I'm learning cybersecurity to land my first SOC analyst job. I think the experience in basic IT support has helped me a lot

So what do you class as basic IT support then?

most IT support is pretty basic

just help desk roles or L1 IT support roles

yea soc and help desk

ideally u dont stay in the roles too long

Neat, Also what is the differneces when they mention the levels

just like the points of contact

l1 is the first point of contact

l2 is more complex issues that l1 couldnt do

l1 and l2 can vary a lot depending on the workplace. In my experience, at l1 you gain basic knowledge of troubleshooting, operating systems (mostly Windows), basics of AD and Azure AD, O365 admin, and networking

ahh fair

Also. How the hell do i learn about azure. Because i see it nearly in every job ad and I have no clue how the hell to get any practice/access to it, don't know fi im missing something obvious or just not looking hard enough

Coursera and udemy got good courses, you can also do hands on projects to learn more about it

What even is it? Cloud?

Guys i have been applying for almost 3 months now, looking for entry level roles, networking seems to be like barking at a wall with no replies. Applying feels like a drag and all are rejections, should i just give up😭😭(i am 150 applications in)

Yep

Its a cloud service provider like gcp and aws

You can learn more about it, on thm(they have a room for it) and as well on their documentation about their services offered

Ahhhh okay so i do know what it is just never actually used it

Hmm

Also shrek, dm me your resume ill see if i can help you

Ohh thanks

Gave +1 Rep to @carmine sandal (current: #2716 - 1)

All good 😄

Hey y’all, dealing with some rough family issues and gotta leave my parents’ house & no clue where I’m headed yet, I just need a remote job ASAP in cybersecurity or sys admin (part-time or full-time) to stay afloat, salary isn’t an issue as I just need a place to start

If you can help in any way, lmk & I’ll send my resume, pls no negativity or sarcasm, I'm already dealing with enough,,, appreciate y’all 🙏

Try to check out #jobs-board , also try to search some offers on LinkedIn from your local area .

Just wanting to find out some information from anyone within the Incident Response side of Cyber Security want to ask some questions and pick you brain for some info. Feel free to PM me and I'll get back to you when i can. I appreciate you're time and willingness to help thanks guys 😄

This is a very interactive and open community. Feel free to post your questions here. You'll be more likely to get more contributions and it'll add to the knowledge the community regularly shares

Thank you so much for your input and support, you guys are truly amazing 💯🔥

Gave +1 Rep to @golden spoke (current: #2717 - 1)

hey guys, ive been learning cybersec for some months now and tomorrow i have a job interview as a Junior Sys Admin (new to IT i think thats good to get into industry before SOC) do u have any tips on what to focus? kinda stressed ngl

use chat gpt to study for common sysadmin interview questions, i used it to study interview questions for an interview i had a few days ago and it helped. you can hold down on the response (right click if on computer) and have it read the response to you. You can also respond with how you'd answer the mock questions, and it will help improve your response. Practice answering common questions that they're almost certainly going to ask you first like, "tell us about yourself" etc.

You are entry level, I wouldn't stress about it. As entry level you aren't really expected to know much, just show a good attitude and do not be afraid to say you don't know.

I would NOT recommend using chatgpt or another ai to practice interviewing, as you don't know enough about IT to know when it is giving you an incorrect answer or response.

It's expected that entry level people are nervous in interviews, because you haven't done many of them yet. Just do your best, answer honestly, and don't be afraid to say you don't know.

thank you both : )!

calmed a bit

when is your interview?

tomorrow at 11

one question you can prepare for, that I can almost guarantee they'll ask, if the "tell us about yourself" icebreaker. Definitely think about the best way to answer that one. I understand people are averse to trusting chatgpt on technical matters, for good reason, but try it out for nontechnical questions and discern for yourself if the response sounds professional or not. Personally, it helped me practice professional ways to structure and answer common questions. Since you're on such short notice, it may prove a useful tool. Youtube videos like "how to prepare for sysadmin interview" may help too. Like mod said, answer honestly and if you dont know the answer smile and say something like "You know, I haven't tried that yet [or something like that] but I'm eager to learn more about it". Never answer a question with just "I don't know".

ye thats what i thought about ur & juun`s answers (to try and practice some non-technical questions with GPT guy) , also, thanks for the tip about no-short answers, noted for sure📔

I got a new joboffer as CS analyst today

hi everyone

Good luck @slate wraith
A game plan:

1. Put together a good resume highlighting your project experience, and get it reviewed by peers and recruiters if you can.

2. Connect with real people you know, explain what you want to do, and ask for help finding work. Uncles, school mentors, church or civic clubs, friends parents.

3. look at sites like Upwork, remotejobs, weworkremotely for possible short gigs.

4. Get on LinkedIn, clean up your profile, and connect with recruiters and tech people in your local area.

Try to directly connect with local tech business owners and send them a message, introduce yourself.

5. Meanwhile start hitting every job application you can find for junior IT jobs. Help desk, tech support, ticket triage, etc

Foot in the door is better than waiting around for the dream job.

The prime rule here:
🔑 Real people connections are the key.

1 in-person connection > 100 job applications

Almost everywhere i apply calls me back. The key for me is getting in the top 20 people that apply on linkedIN i am new to the industry but i have 10 years experience as a logistics manager so that may help. Just sit on linkedin and refresh and as soon as a job pops up apply as quickly as you can

How my email?

can i get a site for IT jobs please. i appreciate

You mean #jobs-board ?

Obviously a work of AI: "perpetrator webcam" , "selected an option that installed", "in this ever changing technological world" (I'm missing the "let's dive deep into this topic" part 😏 ) , but the message is clear.

Hello guys hope all are good, i have a big confusion in choosing the right certification for myself among BTL1, CCD, CDSA and SAL1. I have 12 years experience in various fields of IT in which 2 years of security experience, currently holding CEH ECSA ECIH. Seeking for your suggestion.

When choosing a certification, consider your career goals and interests:
CCD (Certified Cybersecurity Defender): Focuses on defensive cybersecurity skills; good for enhancing your security knowledge.
CDSA (Cybersecurity Defense Specialist Associate): A strong choice for developing specialized skills in cybersecurity defense.
SAL1 (Secure Application Lifecycle): Ideal if you're interested in application security and secure coding practices.
Given your background, CDSA might align well with your current experience in security, while CCD could help deepen your technical skills. Evaluate your career aspirations to make the best choice. and just just keep pushing and know what you want it's the more important thing i guess but kudos to you wish you all the best

Thanks dear, here CDSA is from HTB. And what about BTL1, and what is your recommendation for me

Gave +1 Rep to @urban void (current: #2720 - 1)

Given that CDSA is from Hack The Box (HTB) and focuses on practical, hands-on cybersecurity skills, it’s a solid choice to enhance your technical capabilities.
BTL1 (Business Technology Leadership) is likely aimed more at those seeking to develop leadership and strategic management skills in technology-focused roles. If you're more interested in technical expertise rather than management, BTL1 may not be the best fit.
Considering your experience in IT and your existing security certifications (CEH, ECSA, ECIH), I recommend pursuing CDSA to deepen your technical skills further. This can help you become more proficient in cybersecurity, which will complement your existing certifications and experience. If you eventually wish to move toward leadership roles, you can consider BTL1 later on.
i guess that's for me but re think and ask expert in the domaine to get the full vision wish you all the best

Thank you dear for your valuable advice.

Gave +1 Rep to @urban void (current: #1780 - 2)

Ig experience and the region plays a factor too

If a job has like 3-4k applicants chances of getting a call back is zero

thank you

Gave +1 Rep to @keen tundra (current: #1 - 3770)

I wanted to make more informative but I know my users have short attention spans with emails

Should I get CySa+ certificate if I’m going for junior cybersec analyst roles and SOC roles?

If you're in that situation, you need any job. Don't just limit yourself to sysadmin or cyber as both have competitive and longer hiring processes. You should realistically just be looking for any job in order to keep yourself afloat.

Why are you sending this in a public forum?

LinkedIn and Indeed are popular, it depends on your country though

Do you have a degree or prior professional experience in the computer industry? Of the answer is no to both, a common starting point for a lot of people in security is IT Helpdesk. Certifications without a degree or prior professional experience don't really stand on their own.

If you have 12 years of professional experience, you should be able to apply for Senior+ level roles. I'm not sure any of those certifications would help you.

Is this an AI response?

I have a question, I have a good amount of the required basic skills for a cybersecurity intership but then i do not have any good projects to be done which can stand out for getting both an internship and for the jobs, any suggestions?

Looking for internships for Jr penetration tester roles and more of VAPT roles

Are you a current student in higher education?

Im pursuing a Bachelors degree

ie college/university/graduate program etc

University

in Cyber Security itself

Ok, personally, I wouldn't limit yourself to just cybersecurity internships. You're a little late for Summer 2025 applications and if you're not a rising senior, it's going to be a bit harder.

Anecdotally, I did an IT internship and got just as much value out of it, if not more, than a dedicated cyber internship.

The problem is I have my university placements coming up by the end of this year so I have a limited amount of time and I personally have not worked on any projects yet to add on to my resume thats why

yea like any beginner internship role is fine

but its just that i do not have any projects to add/show and due to that itself, i am unable to get any internships

So if you have any suggestions for that, it would be really helpful

Called feedback, same reason I posted my resume back few months ago

There are no secrets with me. Anything that is I don't mention.

I did adjust my resume with the suggestions so I'm hoping that it will catch more attention

It's terrible OPSEC, probably against school district policy, and maybe even state law. You're posting about an incident that happened at your place of work, that you don't have an answer to how it occurred, and it involves minors (assumption here given you're provisioning Chromebooks). You're posting this information on a very public hacking forum......

That is way over thinking the subject.

There is no PII, reason I kept it vague. It's more about bringing to attention not the situation but to be aware.

SAL1 - Secure Application Lifecycle

Wonder how the hell you even get that response lmao

icl I don't know, ChatGPT worked just fine

@urban void Are you using articial intelligence to write responses?
If so, please familiarise yourself with our community guidelines #rules 🙂

ChatGPT (and other) are not equipped to give accurate advice, please let others answer if you don't know an answer 😄

Nah, I mean the juxtaposition between clearly knowing the acronym "SAL1", then going off the rails with the meaning.

Oh, so did you

Anyone in here got Pentest+? If so what are your experiences with working security assessor roles/ designing automated software if you have that experience(Python-heavy). I just got my PT0-003 certification and want to know peoples experience with employability in development or compliance testing.

yeah i'm currently rolling 42 degree , i also have project in c and c++ and i'm learning python also javascript so i have a it background and i play ctf's a lot what do you think ?

no i have a friend who already like his path and i ask him you can see

d just just keep pushing and know what you want it's the more important thing i guess but kudos to you wish you all the best
``` ow thi can be an ai

I’m looking to apply to a cybersecurity internship. Would you guys recommend I put a section for professional development and list out THM as a part of that resume ?

You could put it in a professional/oersonal development section at the end of your resume, after you list your skills, work experience, education, etc. You could include things like a blog/writeups, home lab (a few old computers, some VMs, or a cloud environment perhaps), participation in CTFs or bug bounties you've contributed to, etc

You recommend I have labs and THM included together? Because I do have a honeypot lab I was going to include but in it’s own section

As long as you include it somewhere, but any kind of home lab, I would usually list it as part of personal/professional development, unless it was for a work or course project

Can anyone tell me about the security engineer learning path's career aspect? I have no idea or experience about it.

i just landed my first junior cyber analyst role, beat out candidates with degrees and certs bc i had practical experience and understood business needs + attacker mindsets

not saying that will work everywhere

but it worked for me

picked up most of my practical skills and experience from homelab and tryhack me

Congratulations bottack!

hi

but yeah, tryhackme rooms wont get you a job themselves, i did mention this was a site i used, but if you follow the paths, and practice in home lab environments or ctfs outside of the rooms to reinforce your knowledge, a team looking for practical experience will like you more than a candidate who just did their coursework or bought a sec+ study guide

what i really like tryhackme for is the way it introduces really complex or niche hacks in an easy to follow way, but often there's way less handholding in real environments so you gotta make sure you understanding what you're doing as you go

people wich certification would you recommend for pentesting

there are too much of them out there

and a lot of boof

hii

Hey guys. Anyone that's a incident responder. How do you find it? What are the pros and Cons of the job and do you find it easy or hard?

My 2 cents: It is hard if you do not have enough support and autonomy, a lot of actions depend on owners of the devices and applications. If you are new starter look for a team that will be good fit for you and provides culture to build your initial knowledge base, I would say work with MSSPs where you can be deployed to multiple customers. Once you survive for a few years, you will know how to handle it. At the beginning it will look like too much to know and do. Pros: 1. You will have a future proof career, given you keep updated on latest threats and trends. 2. Get paid well. Cons: You need to be available at ungodly hours. Deal with some politics. Constantly need to keep up with new things.