#cyber-and-careers

But theres a bunch who dont do it

Anyways i hope i gave you some light on it

Best of luck choosing a career

yeah thanks

Many thanks for the advice. I'm really up in the air on what I want to do right now, honestly haha. I like aspects of all three of those fields but I'm not sure which would be the best fit for me as my main career focus. I've always been the "dabbler in many, master of none" sort with just about every subject, which has been both a positive and negative in my life. I guess we'll see where things go though!

Gave +1 Rep to @rugged delta (current: #21 - 512)

TryHackMe paths will cover the basics

@keen tundra

please can anyone help me getting one month free subscription.

the only way is to win a free voucher I believe

how to get it

well, someone has to be giving away free subscriptions (usually for a few months or smth), and you can participate in it, and if you are luckily, you get one

ok

You don't need premium , majority of the content is free

Yes, sir, but I was looking to cover the basics, the prerequisites step by step but many of them require subscription.

Go to this page and select free roadmap
https://tryhackme.com/hacktivities/

Sir, my goal is to achieve SOC level 1. To achieve it, I have to go through the premium content.

Yes,.all the paths contain subscription content.

so what should I do now 😦

what about getting a paid job so you can afford premium?

You can either get premium or skip the content.

free roadmap should be completely free

Roadmap != paths

Even on doing a payment with different cards, it shows that your payment could not be completed this time. Please try again

email tryhackme

done

Well having a broad range of skillls is beneficial in cybersecurity, a lot of the skills and knowledge are transferable between roles, you'll need to know a lot about awide variety of things

Heyyyy... anyone one free... i just need quik guidance

what guidance?

i am new for cyber security so need someone to talk. i have few questions

you can ask them here 🙂

Hello guys, as a newcomer into blueteam. What personal project will really hone our skill and highlight our resume? Anyone have tips? 😁

I would suggest ompleting the SOC1 and SOC2 paths, and consider a certification in blue teaming like the SAL1, BTL1, CDSA, CCD or other practical cert that gives you experience using and learning the tools, get comfortable with scripting/coding, create a home lab with virtual machines or spare computers and install the tools you would need in a SOC and configure them correctly and blog about it

https://tenor.com/view/cute-cha-pri-gif-4196443019552842049

can the PT1 certification increase my chances into getting a uni?

If you're applying to a universtiy, you will need to look at the requirements of the application process, though sometimes that process does take account of your achievements in the field to date. A lot of roles in cybersecurity today can be achieved through certification and gaining and demonstrating your knowledge in other ways, like having a blog, doing writeups, CTFs, bug bounties, going to conferences, meetups, etc.

so if I can show my skills and show the cert..is that enough?

A home lab project is a worthwhile project to show.

• Setting up your own home lab with a minimal SIEM and a couple Windows and Linux VMs is a good start.
• Get all of them to send logs to your SIEM of choice.
• You can expand by setting up TheHive as an IR platform.
• Add a domain controller and onboard your VMs in the AD.
  Things like that. Even just the first step shows recruiters and employers that you can do more than answer guided questions and take flags. You demonstrate an understanding of how things work. Things will break or not work and you will have to fix them. If the goal is a blue team or a SOC then demonstrating that you can build even parts of your own SOC / detection environment is super handy.

is there anyone got job after completion of SAL1 certificate ??

i am doing soc analyst path L1

As it is relatively new, it might take time before it is widely known although there are job postings that include the SAL1 cert on the credentials they are looking for.

can we get remote job as a soc analyst ??

Yes it is possible, but it is significantly harder to find a remote job if you don’t have experience in the field

Hey quick question for you guys here, i started a remote dfir role a couple of months ago but there is almost no follow up of my progress at all. You would think that the first few months that there is some guidance right? Or is that just the way it is with remote jobs in dfir

Do you have any seniors or peers available?

Hi I need help to scan nmap I am not getting the open ports
Plz help me

I am getting all 1000 ports are closed

Try #room-help This is not the place for technical questions.

Yea i do and i ask questions to them but i feel like management should als have a big part in this no?

Also i cant bother the seniors all the time

Yeah ideally there would be a plan in place. You could ask your colleagues if this is supposed to happen, and if there is a process for it then you should probably speak with your boss. If you're in the private sector then I would say that it is pretty common to be left on your own.

Yea i felt like that too. I’m indeed in the private sector, it also doesn’t help that its my first full cybersec job as i was a network engineer before

Its quite sad tbh because its probably the best place to learn but, now I’m learning almost everything on my own during or after hours which kinda defeats the point of switching jobs to learn

I've had a similar experience. I joined with no prior cyber experience into a completely new security team (where I was the first and only member for months). So there was no structure and the managers had no cybersec experience. Just had to make it up as I went.

I would say to use the resources you have available. Learn from your colleagues and keep a goal in mind to work towards. Find a reason why you can make it, in spite of circumstance. The threat actors win when we lose heart.

ow damn , the only member?? must have been crazy tough without experience

yea understandable that you were pissy about it, it really sounds overwhelming

but indeed a great learning experience

but in your case i would be scared that I would get fired because you are figuring it all out on your own

thats what i have now as well

I am pursuing a career in defensive security by offering my own services is it worth it or is the traditional route of applying for a job a safer option

Depends on how expensive your mistakes are I suppose. Your job is never safe, no matter how important you are. Anyone could be sacked tomorrow, but we’ve had no breaches under my watch so it would have to be a general layoff.
If you’re lucky you have performance metrics to go by.

Depends on what services you're offering. If you have no work experience in defensive cyber then taking a job is a better route to gain experience and then go freelance if that's what you want to do. Offering cyber security services without industry experience could be outright dangerous and misleading for the customer.

Curious to hear if anyone made the move from Software Engineering to Cybersecurity / Security Engineering and what path they took?

Hey guys, I'm currently revising my resume a bit, tailored towards security.
The question I have is:

• Is it recommended or applicable to use training platforms as projects?

I was thinking if I could, since it gives me something to talk about
what I am learning or had learned, I also have some home projects
that I am working on, but not yet finished.

Instead of putting it under projects consider using "CONTINUOUS EDUCATION", lets companies know that you are staying busy upskilling yourself

Hey guys, wanted to ask. I'm currently looking for a SOC analyst internship in Europe. How useful would it be to include in a resume the fact that I'm in the top 1% of users on TryHackMe or that I have completed the SOC level 1 path?

It shows interest, but I would not include my thm rank in a resume or cover letter

Should home lab experience be included in my resume?

I'm having some issues with my Kali Linux os, I can't connect to the internet I've tried many things but it seems not to work, I need assistance cus I need it to complete a project

It should go under a projects section, it's not actual experience

I would conduct a query for whichever hypervisor you're using on how to connect its VMs to the internet. Outside of that, I would ask your teacher/professor how to proceed

Got it, thanks

Gave +1 Rep to @stoic cave (current: #20 - 514)

They are not your project, so it wouldn't go under projects. Extracurricular Activities or Extracurriculars would be an apt section. Something like a homelab, or projects you're creating, would go under Projects

I'm using virtual box.

Much appreciated, thank you!

Gave +1 Rep to @stoic cave (current: #20 - 515)

The first question you should ask is "why should/would someone hire you." Do you have prior industry experience? If not, then I don't know that I would recommend what you're asking.

OK, there's plenty of documentation on the topic

Please, how do I access them, this issue really got me tired

is this channel good for tutorials?

There must be banned or not full videos

says it's ethical hacking, but seems like it is illegal stuff

Looks like sensationalist clickbait with little value like most cyber content creators. Whatever you're trying to learn, I'm sure there are better resources.

In general, if the title says "hack" and "kali linux" or the thumbnail has a guy in a hoodie, with a mask, it's garbage.

Hey, I'm looking for people to collaborate on short articles on cyber security. I have access to quite an audience so if anyone is interested just write priv 😀

guys does anyone have good project idea that i can build on as i going for soc analyst entry level or pentesting job and want to do projects that can stand out i don't want to do something that common or which is already out thereany idea's

well, if we tell you, wouldn't it be either common, someone else's idea, or an idea already out there?

yes , but you get what i mean

no I don't?

layman terms just looking for a project idea that that would stand out on a cv

yeah, but then, aren't you stealing someone else's idea (unless you actually write clearly and give credit)

well its the wish of the person to tell or not i just asked and its not like i am stealing a million $ idea

if it stands out in a cv, then it is a good idea 🤣

I would pick a lane first, soc analyst and pentester recruiters will be interested in different projects

👍

it' would be soc

I dunno. If I see a pentest applicant who has SOC xp (even as an extra curricular rather than as actual work experience), it's still a big plus.

Means they've got a reasonable idea about security controls in an enterprise environment. At the very least endpoint (and possibly cloud) controls.

🔥 \

Yeah it's certainly still valuable, but if the candidate has no prior penetration testing experience I'd be most interested in them demonstrating the ability to do the advertised job first.

That doesn't mean they need to "pick a lane" though. Nothing wrong with doing both.

Heck, if I saw a fresh-faced grad come in for a junior role who had -- in their own time -- configured a home lab with a vulnerable application + integration with a SIEM for monitoring, then tested it and analysed their own attack, I would be fairly impressed.

As, I suspect, would a SOC manager.

Not least because that also demonstrates a much more well-rounded attitude towards security. It isn't all or nothing attack or defence. Understanding both sides is always valuable. Demonstrating both at once is a bonus.

Yeah I suggested a similar project yesterday to someone asking for a project. But op was looking for something novel, so I was hoping to narrow it down. You're entirely correct of course.

Ah, now that makes life harder

You could probably pin this for future questions ⭐ It doesn't become any less impressive because others have done it before you.

could you give me any ideas regarding projects

I can't pin things anymore unfortunately

is the try hack me cert good? soc1

the soc1? probably, you can look at reviews online

Muiri just gave you an excellent project idea if you scroll up like 5 messages.

already noted

bl1 or csa or security+ comtia or try hack me soc which one would be better

idk

which one have you

done

I think the SAL1 cert will become a solid cert to get. But it's still pretty new and it takes a while before certs get accepted fully by the industry. I see Security+ mentioned the most for entry level positions.

I haven't done any 🤣

so which side are you blue team or red team

thx ill go for both then

Gave +1 Rep to @keen surge (current: #2926 - 1)

red team, but I'm not like professional

What do you guys think about CRTA, MCRTA, CRT-ID, CRT-COI and CPIA? from cyberwarfare

i worked for a telecommunications company for 6 years with 4 years being in tech and also have a uni degree in game deisgn, do they seem to care deeply about certs?

i guess to be a bit more specific like if i can prove i know the stuff with labs and what not do they care

This will vary between employers, but I would personally value projects more than certifications. However, if you're just getting your foot into cyber security a cert certainly doesn't hurt.

I think my problem right now is knowing whether i already know the stuff because so far the stuff i have been "learning about" has been stuff i know other then acronyms and such

and red team blue team purple team etc etc

the networking i know pretty deeply

like i decied to try out the pen testing path on try hack me and feel very confident with all of the tools, but from what i have read SOC analyst is probably the best first shot

does this sound accurate?

SOC analyst is a typical starting point mostly because it's a very structured environment, and easy to onboard low-skilled personnel. It can be a great place to start, but if you've been working as a software developer for 4 years for example, then you could get into appsec or devsecops or something like that as well. It's not all red team blue team :D

I think making a personal project could be a good idea for you, just to prove to yourself that you know what you're doing, since you're unsure

well I am only really familiar right now with C++, C# I started learning about python yesterday and I'm trying to build little programs to learn about it.

as of this point I dont think i know enough about python to write an attack code or anythign but i think the fundementals i have at this point make it much easier for me to learn other laungues and i am finding python is actually super easy.

do you code for work or what part of IT do you have work experience with?

i guess that where im not sure i have no formal school for IT

but i supported network incident reports for outages and varies other things, device support from phones to mobile connected laptops, helping people setup networks apps etc etc

i have not coded for work yet no

game design is very difficult to get into so i was trying to find a more realistic option

that is still engaging for me

some people told me it was boring a long time ago but its clear they didnt know what they were talking about, but thats on me for listening lol

Fair enough. It's going to depend a bit on your personal timeline then. You could probably interview for SOC positions right now. If you really wanted to focus on the programming aspects you could keep improving at that and maybe find a way into the industry that way.

Yeah game dev is an oppressive industry to work in. It's for the passionate, and if you are passionate about both game dev and cyber sec there are certainly ways to combine them. Games also need security. I can't really give you much advice on that part though.

I was thinking about that too, cyber security is so vast, i just want to make sure im doing something with purpose that feeds the family and doesnt make my mind go numb

Sounds wise. And only you will be able to figure out what that means for you. I think you'll do well

Thank you

how long have u been in the industry?

what do you do specifically?

So I basically suck at everything all at once :P

wearer of many hats master of none?

lol

when u said write isms do you mean the whole plan for operation at a specific company?

or just part of it

oh so its kinda like when i had a write up data base for my old job and there were people who updated the polices when they needed updating

yeah it seems like there is a lot of cross over just different Acronyms

i was thinking just like an SOC analyst to start out and then branch

i dont wanna get to far in over my head

but pen testing would be sick out of the gate

It's a good play. Getting exposed to a lot of alerts from many different sources is great experience to have.
Yeah a lot of people are drawn in by pentesting. Some are able to get into it right away so I'm not saying it's not possible. But for the most part I've found the old saying to be true: Entry level cyber security jobs are not entry level IT jobs. And entry level pentesting jobs are not entry level cyber security jobs.

yeahh im noticing that about a bunch of careers

do you get to use the tools like cyber chef?

or splunk?

oo that makes sense

so how similar is it to things like cyber chef

if ur able to answer that

very new to cyber sec, no relevant degree or experience in the field. how likely am i to get even an entry level position in a year or two if i really grind the material & get some UK-govt accredited certifications?

I mean cyberchef and virustotal are public tools that you can safely assume most security personnel use

ngl cyber chef is cool AF

I practiced writeing my own python prgram that bascially extracted IOCs first then found cyber chef

I would like some advice as I will need to start applying soon, I am graduating with a bachelor's in compsci with a concentration in cybersecurity (so taking classes along with some cybersec classes). I see that a lot of positions require or prefer(either or, 50% of the time), 1-2 years of IT experience. I am wondering if that is a hard rule for trying to get into a junior level SOC job. I am currently studying for sal1 and next semester I will be preparing for sec+, I am hoping to start setting up a homelab as soon as I can to practice some SIEM stuff and for general uses like jellyfish, etc. I am just wondering if there is anything I must do to circumvent such or if I will have to do helpdesk for a year or so.

well as most people have been saying infosec isnt entry level

so it might be required to be in IT

but i dont know for sure

anybody know any good cloud computing courses
for someone whos just starting
any languages recommend for this as well to be learned?

everything appears to be written in python in some form

gues I'll have to apply for helpdesk then after graduation. though I have been looking at some places and they seem to be okay with no experience (for soc), just that it is preferred. kinda wish it didn't make my degree feel useless even though I know I need it to get where I want to be.

yeah its a pain but it'll go by quick and u may even be able to move up in the same org

I've used A Cloud Guru in the past. They have solid training on cloud and other computing topics. They're owned by Pluralsight these days. The big cloud providers tend to have their own training, a lot of it free, but there's plenty of paid content too

I'm trying to move out of the nation within a reasonable age that's the only reason why I'm worried tbh

what nation?

Preferably Taiwan otherwise maybe Norway or Germany.
If I can't, then Ireland or Australia. I just don't want to stay in my home country for all my life. It's been a goal since I was a child.

Granted though it gives me more time to be fluent and get certified for that language so maybe it's not all bad, the current market just worries me ngl 😭

i feel that

Your degree certainly isn't useless, it provides a great foundation for the way you need to operate in the field, and it can bring you better salaries in lots of orgs

that's fair, i do recognize that it's useful and I kinda need it goal wise (wanting to go into reverse engineering), however, it just feels like forever anxiety wise. also it's kinda scary having to understand I'll be finally leaving academia really soon, into an environment I am not used to.

Yep it's a lot to process, but don't worry too much. Most of the time you're transitioning into an environment full of people who moved from academia to become profesionals

fair, I do appreciate it, at least I'll finally have money to not be eating mainly ramen and pasta 💀

The struggle is real, and yeah make sure you're getting proper nutrients as much as you can. It'll get better out in the world

i'll take your word homie, thankies fr fr

i think the hardest thing to come to terms with is realizing that degrees just give u a solid foundation and not expertise the rest is up to you sometimes if you cant find jobs that dont require some kind of years of experience no one is willing to give lol

thats why other people in my classes when i was attending college weren't on the same page coding wise in my game design degree because I coded on my own as often as I could during that time and even now. IMO I think real world practice is the best way to gain real experience and some time its got to be a free investment, as long as you look at it like that it will make it easier especially if your passionate about it.

and i started with no knowledge

tldr: you get out what u put in is the truest statement i think

Absolutely, you get out what you put in. Practicing the skills makes them part of you

Nice, and do you think cloud computing will be saturated or high in demand in the next years? I am hesitant on studying computer science in college next year, because of how much people are going for it and the crazy amount of competition. But I learned that if you go for a specific niche in computer science you can be successful like in cloud

Cloud is standard stuff in orgs from the smallest to the largest. Having cloud skills is always beneficial

Hello guys, i'm looking to change career, just turned 30. Never had "formal" IT experience but always been tech savy. Currently self learning is my go to. Wanna get into cyber in the next couple years or so, would it be advisable to go IT Support role/certs first year then study cybersec/get cerf after?

It's possible to get an entry level cyber job without prior experience if you study hard and can demonstrate technical skill in interviews, but you can expect to be rejected a lot based on the CV before you even get to speak with anyone.
IT support or similar (sysadmin or network admin is even better if you can swing it) is amazing experience to have before transitioning into cyber. Having enterprise IT experience gives you a lot of context for the security work.

yes cause you have the experience thats your cv

i heard a case where the mod hiring for jobs he find a man having oscp , cert , with 3cve but he can`t give the answer how you get this

I’m having account that I’m needing someone we can work on them

Account on what?

woooow, what advice, you should be given a Nobel Prize for that.

Right. Having even basic networking job experience even for 1 year or 2 would help me understand it better and looks better on paper. So maybe ill just go that route. If anyone has any suggestions, feel free to drop it

is it easy to get full distance job as a student / im strudent cybersec in sweden second year

A full distance job in cyber security or any type of full distance job?

I mean somewhere in this field

If you have no experience it’s quite hard, but not impossible. Most will require at least hybrid work for interns/junior employees

Do you get paid aswell as interns

A fully remote job in cyber as a student is quite hard to land. IT support or something similar could be achievable. I would still count on a few weeks of on-site work during onboarding though.

I would think of possibly doing an internship, then getting a job in that company based on your performance (one way of going at it)

Yeah, in your third year most universities in Sweden have an exam project which you can usually do at a company. You won't be paid by them, but it often results in a job after graduation

yeah, so internships can be nice and a good experience

I often see people mention internships in general, but I don't think I've ever seen an internship that doesn't require you to actively be undergoing a degree program of some sort. I really do wish there were internship opportunities for people undertaking self-study because I'd be more than happy to do that to help myself learn more about the work I'm trying to career change into

Most internships are aimed at college graduates, but there's also an increase in movement away from requiring a degree for many of these roles if you have other qualifications like a combination of certifications, CTFs, bug bounties, writeups, perhaps a blog, attending meetups and conferences, etc.

i did 5 internships total in my school carreer, 2 in secondary school, and 3 in college

i think its also depended on where you are located

here you see internships at pretty much every level of education

Did internships help you ? And also certificates how important is it ?

Didnt need any while applying for them

And they helped ne greatly

I leanred way more at internships then in schoool

School just loads u with a lot of unnecessary shite

What parts do you think are unnecessary?

That's because they're meant for those in education. Maybe look for apprenticeships or get an entry computer industry job and do self-studying on the side.

That's usually always the case

Not really, schools are not the place to gain skills or expertise tbh, real world experience coupled with consistent personal development is what brings those skills

Useless courses that prevent u from focusing on what you enrolled in the degree for

I know im saying its a cram fest ur playing a game

a lot of memorizing useless info u will forget

I'm trying to talk through this with you, what courses do you think are useless?

somewhat the same with certs but they hold more value and are more focused

i cant rly say without giving away my location lol its very much a unique program

But business courses and electives

So how can you give such an overly broad assertion? Is knowing how a business operates not important? For electives, I'm making an assumption it's something like English, but do you not think it's important to have the skills necessary to write and appropriately edit a report?

For sure writing is important but you dont need the other stuff

Very easy to look up how a business operates if u need to

I have a good gpa it got me a great internship but it definitely made me realize how worthless school was

You need it though just for the credentials and possibly structure if u arent disciplined

Respectfully, I disagree, but I'm about to lose internet. At a high level, those extra courses round you out as a person and member of society. I, and other working professionals here can chime in, have probably used an aspect of every elective I took in college in my professional career. A large part of Cyber is also understanding how the business unit works, so that you can make effective decisions securing the organization. Even an art elective can help, think about making slide decks and diagrams.

I've been in industry for awhile now, and I have to say that in my security roles (both as individual contributor and manager), the most pratical and useful classes I took were Communication and Writing&Rhetoric.

And that is with a BS in CompSci, and several graduate level courses in CompSci.

The only useful ones are the writing and speaking ones

But if its not focused on that its pretty useless

I didn't say the only useful ones. Just the most useful ones.

Those are the ones that taught me how to effectively communicate and demonstrate the ideas from every other thing I've ever learned and known in my life.

im saying those are the only useful ones

And you are wrong

That's ok, we are all wrong sometimes.

It's part of learning.

people forget things. most only remember key things from school they still use to this day

Im not remember some random course i took

unless it was important to me throughout university and to this day

How does that makes the classes not useful? If you encounter something in a class, you are more likely to remember that you learned it and have more success than learning it for the first time when it matters on the job.

But it's clear you aren't interested in matching your viewpoint to reality, so I'll just drop it there and wish you good luck in your career.

i guess u havent learned what talking about things is

all good

A large part of my training is identifying bad faith actors. And when it sounds like a pigeon, and shits on a chessboard like a pigeon....

It's a duck! Did I get that right?

Agreed, those skills you develop in those electives can help you with becoming a better collaborator. Many techs don't like this fact but the IT industry is people centric.

Very much so

Public speaking was a degree requirement for me and I am honestly greatful. I regularly have to give briefs to all manner of people and it definitely helped.

The problem I see is that CTFs and bug bounties tend to focus on one specific sort of individual. Anyone can do the blogs, certs and so forth but not necessarily CTFs/bug bounties. Also sucks when you live somewhere that there aren't any meetups or conferences to attend within a significant distance

I've been trying hard to find just an entry-level helpdesk position and I'm struggling to find even that, despite the fact that I'm probably a bit more advanced in terms of my education than the average helpdesk candidate. I do need to get my Sec+ but that's challenging to be able to afford that if I don't have a job that I can save up the money from lol

Any content regarding cyber forensics

There are loads, what are you looking for?

They were only suggestions. Obviously not everyone is going to do everything I suggested, or if they do, they're not going to do just those things. And it's very difficult to do all of them with consistency. You need to find your own way to express your interests. It's not just about getting a job. It's about building a life you can engage with and be happy and successful to your own satisfaction. Getting a job is a good result of all that, but the job is there to fulfill a part of your needs and goals

Any tips of looking for gettin job, just graduated with my major as cybersecurity and been applying for a lot of jobs, but no luck, It would much appreciated If I can get any suggestions..

I would suggest reading one or more of the Tribe of Hackers books (a collection of interviews with experts in the field in various roles), improving your skills on THM, studying/reading/practicing lots, doing rooms, CTFs, bug bounties, going to meetups/conferences, look at the roles that you're interested in and take note of the certifications, knowledge and skills they're asking for and go learn what you need to be able to do those things.

You need to be somewhat capable with IT systems like Windows/Linux/Cloud/DevSecOps/Coding to some extent and build on those skills as you progress. Also, don't limit yourself to applying to just cybersec roles. Many people in the field started in roles like tech support/helpdesk, IT, QA, programming and other roles

Hmm, I think i followed most the things you suggested like I attend conferences like b sides, participated in cybersecurity clinic in my university in which we helped a non-profit organization improve thier cybeersecurity posture. Also I've security+ cert, eJPT v2 cert, Google cybersecurity professional cert, and im top 4% in thm and I've a masters degree in cybersecurity. I've been trying to get into bug bounties but been busy searching for a job, i dont get what more I need to do 🙄...

Also I'll be giving the THM pt1 cert exam soon, as i got a free coupon from there recent give away 😁

If you can get referrals, it would be great

Yeah, thinking of doin that

Yeah, my past 2 jobs were based on referrals so I can attest to it

Oh..thats nice to hear

No worries, I'm not trying to come across as ungrateful or rude. I just mean that it seems like some who try to get into this field (myself included) are struggling more than normal because of the current state of the industry and how security practice platforms/labs tend to focus more on offensive security. I mean, I'm absolutely interested in that side of things the most, but right now, I'm just trying to find any way to get my foot in the door with general IT or entry-level security jobs

sometimes, it also depends on location

Yes, location is definitely my biggest issue. I live in a rural small town and don't have a car so I'm pretty stuck with remote jobs for now

ohh fair enough

You have to remember that qualification works in both directions. You can be overqualified for roles, which will also get your resume in the no pile. Companies don't want to take a risk on someone who could leave before their business plan allows. Your compensation requirements may also not align with what they're intending as well, ie applying for entry cyber with a masters degree.

Entry computer industry roles, ie IT Helpdesk I, are true entry roles. What I mean by that is you can apply with no prior professional experience or degrees. If you have a degree or prior professional experience, apply for "higher" roles.

If you haven't already, redact and post your resume as an image here

@high trail

Anybody have any opinions on ISC2 cybersecurity certification?

CISSP is the most asked-for cert in all of info/cyber sec

Go look at a dozen job reqs, you will likely see CISSP on most of them

They are an organisation built to provide professional accreditation in the cybersecurity space, basically set up in the 1980s to establish a way to indicate knowledge of cybersecurity needs for organisations. They developed a Core Body of Knowledge (a book that's revised frequently that you can buy), and this lead to the CISSP, a certification that typically indicates 5 years experience in the field, with a broad range of knowledge and skills.

They have other certifications like the SSCP (their equivalent of the Security+), the CCSP, their cloud security certification and others. Recently they started offering the CC certification, an introductory certification for people new to the industry to indicate your intent to pursue a career in the field. It's usually free, with free training from them.

CISSP is accepted by lots of organisations, even required/requested by many. It's known as a qualification that's 'a mile wide and an inch deep', meaning you'll learn a lot of the concepts, theory and terminology, but you'll need to learn the tech and skills separately

And yeah, even though they expect 5 years experience in the field for the cert, many orgs request it from people new to cyber. It's usually not too hard to get someone already qualified to vouch for your security experience from previous roles if you're already working in IT/software engineering

Thats great info, thank you so much

That's actually a good point that I didn't consider. I probably could run a job higher than helpdesk but my concern is that I'm still learning a lot of the stuff I'd need for that 'next step'. For example, I probably could learn on the job for what I don't know when it comes to a level 1 SOC analyst position, but I am still learning a lot of the basics (finalizing the Cybersecurity 101 learning path on THM) and I don't have any degree or certs under my belt yet. As such, I'm not sure if it'd be a waste of time for me to try applying for those positions instead of helpdesk, especially considering my general lack of professional-grade IT experience. I have almost 15 years of experience working as a support specialist for a forum host but that was 100% remote and text-based, and a lot of what I did with them has been shuttered over time because of the decline of the service, so I don't have much I can show for it: just my word.

And as for this part, a lot of them are asking for high-end certs, degrees and/or several years of experience. I've seen a lot of people on LinkedIn talking about how hiring managers are asking way too much for entry-level positions these days. I'm even significantly reducing my 'desired' pay specification below the state's entry-level average, just because I'm in desperate need of something to get my foot in the door

Hey! For someone who is just entering the world of IT and interested in cybersecurity, SOC analyst looks like a good start to gain Industry experience.

But how important it is to be wizard in IT world before moving to security role. Currently I'm completing the SOC path, but I feel my fundamentals in computers lack.

So will doing A+ or Google IT support helps?? (Or SOC analyst do not require in-depth IT knowledge just networking and SEIMs)

i keep seeing the job role and even the soclevel 1 job roles require 3 yr in exp it an entry level job at least the entry level job role needany any exp only its like a snake biting its own tail job === exp exp === job

Entry cybersecurity != entry computer industry

Hi guys, aAmisa this side. I am a fresher in the field of cybersecurity and currently enrolled in the pre-security path. I dont have much idea about the CTF's , or Cybersecurity based hackathons. I would love to connect with you guys and learn more about these if you have knowledge about it. (I am open to creating groups and participating as well)

Hey Amisa, welcome! I'd love to connect and help you learn about CTFs and hackathons.

Is there really something as being overqualified for an entry level job?

Yes

Every role has a rate of replacement, that the business assesses when they open a job req. It's basically how fast they expect to have to replace that role - if a candidate is overqualified, there is a risk to the business that the candidate will outgrow the role before the promotion schedule and leave early.

Cost of hiring for a role is usually between 10 and 25% of the roles annual salary so it's non trivial, even beyond the time cost of the candidate onboarding and getting competent at the job.

So if I get a master's and try to go into an Entry level role I'm effiectively SOL

I wouldn't necessarily say that.

But I would say that it will make hiring managers take a much deeper and stronger look at you which is not necessarily good or bad.

If you're interested in Cyber, why wouldn't you do UTSA or a university closer than you?

You also won't know you won't get in if you don't apply

I also don't think technical skills rank very highly on your college application. Being a well rounded student, with a good GPA and volunteering activities is probably going to rate higher

Gave +1 Rep to @stoic cave (current: #20 - 516)

im currently an IT helpdesk slowly moving to system admin and im looking for certificates but im honestly overwhelmed i heared security+ is a good one to start with is that true? and how can i improve in my free time other than the certificate

Real quick, certificates and certifications are not the same. What you're talking about are certifications. Security+ is the baseline cybersecurity certification and is often a requirement for those types of roles. If you have experience, can relate the experience to security roles you're applying to, and have Security+ you're in a good spot. My opinion at least

so, do you recommend me to pursue the security+ as a first certification

i also heard about CCCA

It's actually the only one I would recommend you pay for out of pocket

I would consider that within your current scope, so I'd try and have your company pay for it

doubt i can make that happen

If your current company won't, time to move. Again, imo

i mean, im a junior graduate im currently an "intern" in IT and in 3month ill start working full time as a system admin

anyways my company provides its own "certifications" but they're useless

any recommendations on what should i do in my free time?

maybe youtube vids you would recommend or courses to take

Whatever makes you better at your current job, you're very new by the sounds of it

Reputation is everything. Trying to move on before you're even settled doesn't really set you up for success

yea i just graduated and im working 70h a week so cant research alot

i tried but i got overwhelmed

I'd say that's an exception. GTFO if you can

ye this is my last month working that many hours

im going back on track to my studies

trying to make a clear roadmap

It's good to have goals, but don't get stuck on defining a strict roadmap

Life has many different paths, with different curves and twists

yea

hopefully good twists lmao

Sec+ is not a baseline cert for admins, ideally that would be something like the first in the MS engineer chain, RHCSA, Linux+, or Linux Foundation Certified ASysadmin

mmmmm

i heard its a good start as a cert

from many sources

For security, yes

idk

Good clarification and I understand. More information was revealed after that and I thought they were further along than they actually were

For system administration? It's good once you understand how to manage the system

whats the ideal one at the moment?

If you don't understand how to basic sysadmin stuff, sec+ is fluff won't help you do your job better

I gave you a list

The ideal one is the one your org will pay for

none

im paying from my pocket

Unless it is guaranteed to get you a job, do not spend money on it

Talk to the hiring manager/team leads for what you actually want to do and maybe they can give you a path to move internally

not guaranteed but as a fresh graduate it would be nice to put on my CV

Junior graduate? What does that mean?

i just finished my studies

bachelor

if you have a B.Sc in an IT related field, none of the entry level certs will do anything for you

as a hiring qualification

CS

oh

thought they would atleast get me in for an intern position

in the cyber field

Hello everyone

Hi everyone

Hello

Hi how are you?

Hi how are you?

Just a heads up to everyone, including moderation, I was contacted by an account that had THM as a mutual server, claiming to be a recruiter that saw my messages here. This account wondered if I could share a bit more about my background to see if I might be a fit for any positions that were open. I was 99% sure it was a scam but I ran with it for a bit (with caution) to see for sure. Every single message detected as 100% likely AI in QuillBot. After I was completely confident, I reported the account to Discord and blocked.

Just figured I'd throw a heads up for anyone here to keep their eye out in case they let their guard down for something like that. Also, if any mods want me to list the account name so you can kick it from the server, let me know.

Please DM screenshot to me

I already blocked/deleted the conversation, is there any way I can view that so I can send your way?

Hey Raaz, looking forward to connecting with you.

Yeli

Yelo guys

Hello 👋, I'm giving my situation if anyone can give me suggestions about career and stuffs in Cyber security. I just finished my BE in CSE. I know some development stuffs. But i want to grow my career mainly in cyber security field. So what can I do? How to get job? Anybody can help me. Don't be shy to be open.

How has your job hunt been so far?

Maybe you can post your resume with redacted personal info so people can critique it and help it improve

Okay. Actually I'm thinking about getting an entry level position in cyber security is very tough. Especially without certification.

Yes, its rare and hard to get an entry level cyber position as a fresh graduate but not impossible

I suggest in getting a job in IT first though, it gives you a solid foundation before moving into cyber

But if i got entry in Aiml field then it goes to a different direction from cyber security right?Specially data analytics

yo guys, soon ill have a ctf assessment for pen tester job, which places are good for practices? The CTF is 24hrs long

Hello, if I want to pursue a career in incident response, what’s the best things I can do like, certification, event, learning? I really want to join this field and be competent, so if anyone is in this field or knows about it, I’m taking all advice!

Certs: COMP Tia Security+ -> Google cybersecurity certificate (Coursera) -> Microsoft SC 200

Is anyone here a cloud sec engineer? Do you have to start off as an analyst?

thanks !

Gave +1 Rep to @winter estuary (current: #2934 - 1)

You can also consider CompTIA Cybersecurity Analyst (CySA+)

okayy thanks !

Gave +1 Rep to @charred knoll (current: #331 - 21)

Hello, is there anyone here who already works in security?
I would like to know how the rooms differ from a real-world working environment. And at what room level we start to see cases similar to real ones.

hey i have an interview for malware re tomorrow any ideas ? for prep

Duck drop in the building if it’s in person! And follow up is the ransomeware attack!

TBH, the THM SAL1 will prep you the most. It requires you to have real world SIEM experience to pass. Not just a multiple choice generic one.

We need experience in an actual SIEM environment, like Azure which is widely used in enterprise environments

SOC Analyst Level 1, and the SOC simulator

Not working in the field yet, but that would be my answer

Review the job posting and see what they're asking for, ie experience, degree, certification(s). If you have no prior professional experience, I would recommend starting to build that. A common industry starting point is IT Helpdesk. Entry IR is not entry to the industry.

What do you mean by real ones? Like real pentest engagements? Cybersecurity is extremely broad. I can more than likely guarantee that what appears on THM, or any other learning platform, does not match up with my day to day.

Real life is very different from simulation

Guys please I have a real question

Have the people who dedicated years to TryHackMe found that it truly helped them land a cybersecurity job and improve their skills on the job?

Better to grind something than do nothing at all. If you commit and actually learn while doing it, you gonna level up

I'm truly wondering why you're asking this question?

I want to get a job in this field.

Then what are you hoping with asking such an obvious question that you already know the answer to?

Besides, other peoples stories will differ heavily from your path. Some might be here for a month and land a jr role because of previous X Experience. Others might be sitting here for 5 years not getting a single interview because their CV has 50 mistakes and looks like it was made by a 3rd grader. "Technical" Skills are not even half when it comes to interviews, it's social skills and how you can sell yourself.

Yes, i dont have a cybersecurity degree, i have a sysadmin degree and didnt get any cybersec in school, most if not all my knowlegde comes from THM and other things like it

Thank you brother for your help

Gave +1 Rep to @dusk wedge (current: #87 - 95)

however, i got very lucky with internships and the company i currently work for

its good but i dont think THM alone will be enough

Hello, currently I’m a cybersecurity student (senior) but struggling to get internships specifically reaching interview stages. I’m part of a cybersecurity club, participated in a cyber case study, completed a Python project relevant to IT, and passed the ISC2 CC. I’ve used Wireshark, Linux, and MS Access (database). I’m planning on studying for Security+ and CCNA. My goal is to become a Security analyst. Any advice on what I can do to improve my chances will help a lot!

I’ve seen people recommend to try doing home labs and applying for help desk positions.

anyone wanna join me

like part time

dm me

join what?

you can check general chat, they also posted it there, I think their company

like doing work together

not a full time my friend

yeah i would follow the advice of the poeple in #general

you gotta reach out to the admins

ok

since this is not a recruitment server

where is the recruitment server guys

idk

not here

just check in with one of the admins

Hi
Please does anyone know where I can get data analysis certificate

Wanna join me

You can work with me

we already told you

Bro

It's not a company noe

still

It's just two people

No .

Alright thanks

Gave +1 Rep to @red patio (current: #1921 - 2)

I’m currently trying to land a job in GRC, Any tips you can share as far as reinforcing my knowledge in the civilian sector? I recently separated from the USAF as an ISSO, and although I wished it was a more of a technical role, I’ve come to appreciate the knowledge I’ve gained over the past 4 years.

I’m tryna get an internship next summer frfr any recommendations on what to do this summer and in the winter when I’m not taking classes I was thinking getting a cert or something

depends on your interests, the kind of internship and the level you are currently at

Well I’ll take anything related to cybersecurity I’m still a beginner probs I know the basics and I can code

What kind of role are you interested in? Typically an internship will give you a look at lots of roles in an org and to see if you fit in/it suits you. A lot of orgs will post internship roles on LinkedIn and other job sites, or the company's own job page so you should look at companies in your area. You should also speak to your school's career facilitator, as they'll generally have someone aware of/involved in arranging internships, or at least directing you.

If you're considering a GRC type roll, you might be interested in pursuing certs like the ISC2 CISSP or the ISACA CISA/CISM, but those certs are tailored for people with a lot of experience and knowledge in the field. You might also like to get a cert in pentesting/SOC skills, as being able to demonstrate your interest/accomplishments goes a long way. Certifications in cybersecurity are frequently fairly pricey but there are several new certs from Try Hack Me, The Cyber Mentor, Zero-Point and others you might consider after you gain some experience completing challenges.

You should make some kind of home lab, whether it's spare/old computers, virtual machines, a cloud platform, etc., for learning and playing around with things that interest you. Consider making a blog about such adventures, doing writeups of THM rooms, etc. You could also go to meetups or conferences and get on LinkedIn to network with people in the field. Make a habit of learning regularly, following paths on THM, etc. You can verify your THM profile by following this link:
https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

I’m interested in the offensive side of things but honestly for an internship I’m just trying to get experience in cybersecurity especially since I’ve never worked before so I need experience somewhere before I can get a real job after graduating

I’m gonna talk to an advisor about it once my major change goes through since I’m currently a Econ major and my advisors don’t know anything

So far on thm I’ve done pre security and imma finish cybersecurity 101 in a couple days (I do like two rooms a day) I also set up a vm today and I’ll make sure to document the stuff I do with it.

I was thinking I’ll get one of the certs on thm and do some ctfs this summer but lmk if there’s something else I should/could do

PS imma bind my account but after I get past level 9 bc I don’t wanna be piss yellow ;-;

Thx for the advice :3

Doing rooms is a good enough starting point, but the real work in security doesn't happen until you understand how things are deployed, how they break, and what has to be done to fix them.... even if you don't have hands on experience as a sysadmin, seeing the post-install policy scan to ensure it's trued up to approved configs is important.

Strongly recommend you consider experimenting with deploying things to a homelab to try things out, break them, fix them, and then break them again.

By understanding how things are deployed and break and how to fix them do you mean using the vm I setup to like deploy a web server or something and inevitably break it it’s kinda hard for me to understand specifically what to do

i know thm soc analyst cert is not recognized and if i do it i also have to do the CySA from comp tia as that's what everyone ask for so I don't want to do both

so cysa is better ?

start with sec+ first, esp if you're aiming at a beginner role

To anyone who has put THM (without the certs) on their resume, I'm curious: what sort of things did you include, and in what way did you include them? I'm thinking about adding the few challenge rooms I've done but I don't know how I'd add them in a way that would actually catch an HR manager's eye

in my opinion (not a professional, so not good advice probs), don't put THM in your resume unless it is your certs

What if I don't really have anything else (other than brief work with other course sites) in the education segment of my resume?

I mean, THM is the only quantifiable education I've got in security so far

Its a form of study, i would put it on there

I mean you can of course add thm into your resume, but like you can say the CTFs you did, but probably not gonna stand out that much

again, not a professional so

Would challenge rooms really be considered CTFs per se? I've only done a couple so far and I only remember one or two having a traditional flag which is why I'm wondering

yes, they will probably be considered like CTFs, and all of the answers really can be found online and stuff (not saying you cheated, but employers keep that in mind), so THM stuff probably won't stand out

I did not have it listed on my resume, i did mention it in my letter of motivation and interview,

i do have it listed on my linkedin

yeah, but that probably didn't help you that much, right?

like you can list it, may help a little bit, but won't like completely stand out or smth

Idk, its in the list with the other certs

i think mentioning it could be good tho

exactly, but without THM certs

true, just saying it might not pop out

adding something is better than taking it out in most cases

Yeah, I've seen walkthroughs for the learning rooms so it doesn't surprise me. Either way, I'm just really struggling here. Can't land a single helpdesk interview despite definitely being qualified for it, so I'm essentially hoping for better luck with some Jr/level 1 SOC positions, since my resume has a lot of security-related mentions on it.

Honestly at a loss if that doesn't work.

I would say to get a cert, that will probably stand out in your application, although everyone else who is applying and has a chance also has certs

idk, maybe I'm crazy

I'm aiming to get my Sec+ in the semi-near future but my concern is that if I shell out that money and can't find a job to pay it off, I'm gonna be hurting even worse. Plus, I've been seeing more and more professionals calling out hiring managers for listing all these requirements but expecting much more than what they list, which concerns me as well

After the Sec+, I'll likely go for the SAL1 unless I need something like the CySA+ and the like for a specific job

do you have anything else than thm?

You can always apply for soc positions, but it can be alot of factors why they are not calling you in for an interview

ok, done does anyone have a good playlist or notes for the ceh exam hta would help me prepare

A few months going through Cisco's Networking Academy courses, but that's about it. Oh, and I did an A+/IT fundamentals course through a course site called One Education, as I originally planned to go for the A+ before anything else (but chose not to for a few reasons, not the least of which is the cost)

in my personal opinion, it might be difficult to get a job without any projects or certs that will stand out

you can write the stuff that you learned on your resume, try to get a job, maybe you will, maybe you won't, idk

I've been applying for entry-level helpdesk positions for months now, not a single interview. So yeah, it has been INSANELY hard. It's taking every amount of effort for me to stay hopeful at this point. I can't exactly afford to pay off a cert if I don't at least have some decent prospects

since you can't get any certs, maybe create some projects or get better in tryhackme, but except for that idk

but if you have the knowledge you could do take job in the upwork or other platforms

like higher positions than entry-level helpdesks?

Home lab projects really are one of the few possible ways I could increase hireability but the primary issue with that is that I live with family, very little space to do much of anything, much less a full home lab setup. I'm blessed to have been given some unneeded hardware for it, which is great, but I don't know where the heck I'm supposed to set it up unless I get a place of my own again (which I can't do if I don't have a job).

That said, I am at least in the process of planning and documenting what I'd like to do so it won't take quite as long to set up if I can figure out the space issue

i mean like ti could help witht money, i am thinking of doing it soo..

if you can't get into entry-level helpdesks, how can you get higher jobs 🤣

If nobody's hiring me for something that's supposed to be entry-level for people first breaking into IT, I'm not sure if anyone would really be interested in hiring me as a freelancer but I'll consider trying to figure out if stuff like Upwork/Freelancer might work for me. Freelancing certainly ain't easy though, I've tried in the past (but for a different career field)

well there are loopholes everwhere you can get hired in upwork without exp also so.. but the thing after getting hired can the person finish the job

i would suggest that first to find a income source that help you to get cyber certification

I'm not so sure about that. Sure, I might land a contract or two with a small business but if I screw things up, or if they want me to do something beyond my expertise, that screws up my reputation. Part of why I'd prefer to actually have a job is so I can make connections, find a mentor or two, and work among a team as I ensure my skills are as up-to-snuff as I think and hope they are. I was chatting with a pro about this subject earlier and when discussing how good my networking skills are, I mentioned that I understand how stuff works and can troubleshoot issues, I could definitely work out things if I were part of a team, but if I were asked to do everything on my own I might have some trouble.

So yeah, at the end of the day, freelancing probably wouldn't work out for me. I do appreciate the suggestion though!

It can be that you are overqualified for the helpdesk position

👍

true, but they don't give an interview at least?

because you're overqualified?

Idk, every application that got denied for me was just an email

Yeah, I haven't landed any interviews but I've had some rejection emails. Usually automated stuff, nothing to really give me any feedback

if you are getting rejected alot that just means your CV doesnt have enough keywords to "light up" the ATS of the companies that you are applying at

try getting some certifications and also rewrite your CV

https://www.jobscan.co/

try using that site

set up a homelab that focuses on using things like proxmox, splunk and maybe some other tools, depending on how small the equipment is, i am sure you can make do.

Personal interest only. Do not list THM as education or certification. It's only OK to list THM as certification if you actually have the paid certification (SAL1).

Are you tailoring your resume/CV to the position? The automation is usually looking for keywords, match your current work experience and whatnot to the actual job req as much as you can without lieing.

Though I have not put THM in my CV, for any short courses I took via Coursera, I only put the relevant ones in personal interests.

Hey everyone!
I'm a Software Engineer and MERN Stack Web Developer, and now I'm looking to transition into Cybersecurity, starting with the CompTIA Network+ certification.

I'm currently preparing for the Network+ exam, and I wanted to ask—is it worth starting with Network+ as a foundation in cybersecurity?

Also, I'd love to connect with peers who are also studying for Network+. Studying in a group can make the journey more exciting, productive, and fun.

If you're on a similar path or preparing for the same exam, feel free to reach out—let’s learn together!☺️

Anyone wanna join me

did we not talk about this yesterday 🤣

No

It's not about job bro I want to learn

alr 🙂

Is ejpt worth it?

If it's required for the position you're applying for

Anyone in the UK managed to land a role in cyber with just sec+ and IT knowledge, few jobs in the market but getting an interview seems harder than I thought

IT experience or personal knowledge?

Did somebody had a dual study / internship experience in Germany? I’m planning on doing it in the future but see some risks in terms of actuality (mostly because of university content). Thank you in advance

Failing to land any internship. Can anyone help me with some idea how you landed you first internship in cyber security. Offensive pov.

Are you in higher education?

Why are you cross posting?

Hey this may be a stretch but is anyone here from bina beyarok or know someone in that unit? I'm drafting to the idf soon and I'd like to get a modiin / intelligence role but I haven't had any luck with meitav.

No experience just knowledge

Will do thanks Kate

Gave +1 Rep to @queen cipher (current: #2939 - 1)

@queen cipher Hello! Welcome to the THM server!
Recruiting is only available to the people with the Recruiter role and limited to the #jobs-board channel.

@obsidian rose ohh so sorry about that, and thanks for informing me

Gave +1 Rep to @obsidian rose (current: #45 - 218)

Absolutely, no worries. 😄

👍

@obsidian rose but am not allowed to chat or post in the ⁠#jobs-board cahnnel, can you help

That's limited to people with the Recruiter role.

If you would like to request it, I'll just have to get some information from the staff and I'll come back to you! 🙂

Okay thaks i really apreciate your kind gesture

That happened to me 4 Times when I was trying to get an apprenticeship.

I got rejected four times because they were looking for someone they could train from scratch.

Yes, pursuing engineering

Also addressing this to @warm hinge since you both had similar remarks. If I have to fully tailor my resume for every single job application, it'll take me two or three times longer to actually get applications out there. The process exhausts me as it is, even just sending them a resume tailored for the job title itself, let alone if I had to tailor it for literally every application. How on earth do y'all pull that off?

Working on plans, but how do I set up Proxmox if I can't even set up my server because of the lack of space? I was under the impression you wanted to have that on whatever system you use as a server?

What if I don't really have any other education I can put on it? The only "higher education" I could actually put on my resume is THM, a brief time doing Cisco NetAcad courses and an IT fundamentals/A+ prep course I did through a site called One Education. Surely it's better than just listing "High School Diploma", no?

Pulling it off via caffeine

How big would the device(s) you are using be?

Because I'm pretty sure if it's a laptop for example, surely you could just set it up to not go to sleep even when you close the lid, allowing you to put it somewhere

If not then could always make a test one in a VM I think?

Fair, but what if you have no caffeine sensitivity and get no benefit from it? 🤔 😂

Okay, so here's the thing: I actually have a lot of hardware to work with. I have my main PC, three laptops and a ThinkServer with 4TB of storage in it as of now (a family member had one and didn't need it so they graciously gifted it to me for this purpose). I could theoretically use a laptop but I have dedicated purposes for each one. The only one I could possibly use for this purpose is a 2012 ThinkPad, only 16 gigs of RAM. I know RAM is extremely important for purposes like this, I'm not sure that'd be enough? Even then, I do have specific purposes in mind for that ThinkPad, it currently runs Mint and is supposed to be the machine I use to learn coding and test any sorts of scripts on.

In the long run, I'm just trying to figure out whether I can actually talk the family into letting me set up somewhere (already tried before and got a negative answer) or I'm going to have to figure out somewhere else to move. The latter isn't real feasible unless I have some steady income from somewhere but it seems to be the only viable way to actually get this lab set up the way I'd like

Obviously you just have more caffeine then, eventually you will feel something, even if it's heart palpations (/s)

I get it man, just try your best is all

Dunno if it helps but I have a friend who has limited space and legit just kinda attached his Intel nuc to the underside of his desk

Lol jokes aside, I don't know what it is, but the last time caffeine actually had any sort of noticeable impact on me was when I was like 14. It's really odd 😂

And I appreciate your input/advice, it really does help to have support from people in this time of my life. Really dealing with "it" right now (depression, frustration, feeling impossibly stuck) and the advice and help I've been given from people here and on other communities has been helping me to keep trying whatever I can try. Even if I'm not getting anywhere, it at least makes me feel less alone

How big is his desk? Mine is maybe 3 feet wide 😅

THM is definitely not higher education. Please, please please do not put any non-accredited corporation or institutation as education.

Unless you are still in your teens, I would suggest not putting any education if you don't have at least an associates degree.

Do you want a job or not? Spray and pray is only going to be nominally effectice for the absolute bottom barrel jobs. Strongly recommend you talk to a placing service or temp agency in the interim, if you are currently unemployed.

I just don't quite get how putting a high school diploma (or nothing) is going to help? I know THM and the like aren't higher education and aren't going to make an HR manager immediately want to hire me but I can't imagine having absolutely zero education listed is going to help either

I also store my resume as a type of programming language, which I version with my private git repo. I can make chagnes as I need, commit the change to the repo, and rollback if I need to.

If I have to completely exhaust my mental capacity every single day customizing a resume, I'll end up applying to 2-3 listings every few weeks and I'll be too drained to want to keep going on anything. Temp agencies or placing services might be an option, I'll have to look into those but they're going to need to be able to look into remote jobs due to the transportation situation. Do you know if that's very common for those sorts of agencies?

Having a for-profit non-accredited corporation as a source of higher education is a terrible, terrible idea. It legitimately damages your chances of getting hired. I cannot stress that enough.

You should be applying to roughly the same kinds of jobs. Many of them will have very similar keywords. At most, it takes me 30-45 min to tailor my work history to the target role. It's not a total rewrite, it's emphasizing specific things to align to the job req.

I think I'm just going to log off for now and take a breather. Trying really hard to maintain some sort of hope here but I feel like a half-blank resume is going to completely wreck any slim chances I had. How else am I supposed to discuss what I'm learning and working on?

Personal interest, hobbies, etc can be a good way to demonstrate that. If you are just starting out, having a homelab is a very common entry point to the conversation especially if you are deploying and building it in an enterprise-like/lite way

As a beginner, you are not expected to have the deep knowledge and resume that you currently have in mind. Keep it to topics you can legitimately share knowledge on. Basic networking, basic sysadmin are great places to start. If you expect to pass a certification exam within 30 days of hire, I think it's fine to say you are studying for it.

A large part of what you need to keep in mind is what the job req is actually asking for. If you are lookign for a junior level job, the background you need is to know what some examples of tools are for that role but not be an expert in them. List your interest, list your homelab and the things you are building in your lab, if you are attending actual university or college courses, don't necessarily list the coursework but do say when your expected graduation is.

It really does boil down to the home lab, which then boils down to figuring out some way to build one up with a tiny space to work with. Not anyone else's problem, I know, just not sure what I can do at this point

Hey

Hello! I hope you're doing well.
Please DM @cobalt escarp for the recruiter role. Jabba will let you know what the next steps will be.

Hello there, Is there any Cybersecurity Internship opportunities open? I would like to apply to the same.

Hello everyone, I'm new to cybersecurity and looking for advice on where to start. What resources and platforms would you recommend for building the foundational knowledge and skills needed to meet entry-level requirements?

Welcome , you can check out this roadmap by THM 🙂
https://tryhackme.com/hacktivities/

Hi everyone

It been a while since I’ve been on this feed.I have been on my grind..graduated from DEVRY in December With a associates degree for cybersecurity but can’t seem get a interview I’ve been a little frustrated with the whole thing

anyone wanna try and hack me?

wrong channel

Wrong server

he got banned thank goodness

rage baiter

"i took cybersecurity try and hack me" if i knew how to hack him i would have because he was being a dick

Sounds like a severe escalation, unethical, and illegal....

he shouldn't have typed that if he wasn't willing to face the consequences...

I take my craft seriously

If you were serious, you'd leave it alone... Doubling down on illegal activities is not a good look

I’ve dropped it, I got a little heated

🤣

Hey guys

hy

Hi

Hey please drop me a DM if you want to recruit here

Oh ok my bad

May I ask? In your own opinion, what do you think is an HR BUSTER certificate?

To be fair, we are literally called Tryhackme

That's like an invitation for that kind of challenge

has anyone here done / does anyone here do cybersecurity consultancy? If so could you give me a pallpark on hourly rates please?

"We" are not literally called TryHackMe.

The company (TryHackMe Ltd, 11673275) is called that.

Now, arguably there is indeed a challenge there though

do people give projects to freelance pentesters?

Hi , i am Rubab a cyber security student, I am currently pursuing my bachelor degree in cyber security , i am in my 3rd year .
I have completed all the free rooms on tryhackme , should i buy the subscription and go on ? Which subscription would be the best ?
Are there any free certificates that i am suppose to do to get a entry level remote job ?

Yes, but that’s very rare and you’d usually have to be quite a reputable professional

no free certificate is credible to land you a job you will need to build a home lab and practic on it

please suggest some labs brother

I have a home lab and have practice on it too , kali , vm , ubuntu , parrot and I've worked with tools as well

try pwn college its a great free site

hey guys is comtia sec + is certification should i go for as the first certification in cyber

Do you have a degree or prior professional experience?

It's IMO a useless cert

me doing B.tech cse

why? i have seen a few job req that have said sec+ is needed

I would go with a more hands on cert

like

?

there's eJPT, ceh practical, tryhackme's jr pt

so these are better than comtia sec +

but try hack me is also not asked for rn in the job req

idk about that, I was talking about Certificates that requires hands on

oo i see, thx, so a hands on cert is better

Gave +1 Rep to @hearty jay (current: #1455 - 3)

Disagree. It's often a requirement due to contractual reasons and is one of the most listed certifications on job postings. The certifications that matter are the ones that appear in the requirements

I would ask in servers and job boards more specific to your situation. India has a bit of a different market

@dreamy surge please refrain from sending unsolicited friend requests. It's against the rules

👍

By "useless" I meant that because it's mostly theoretical with very little to no actual practice, it's not useful for someone who is seeking to become a security professional, an actual hacker.

What are your goals and ambitions? There are likely better certs out there depending on what you'd like to do

Again, I disagree and nothing I said changes. Security+ is the baseline entry cybersecurity certification. Let me ask, are you currently in the industry? You need to be careful when telling people where to spend their money.

Money is often a finite resource that is hard to come by for people

what's the importance of dsa for a fresher who's planning to get into cyber security field, is it that important from interview point of view/coding round?

i know the basic concepts of dsa and can code but is a strong hold required?

Yes, and I did the OSWA an OSWE, which I think are a more useful type of cert. But like I said in my previous message, it also depends on the goals and ambitions the person has.

Neither of those are entry and are too expensive for an individual at this point....

They're still in school

I think you're missing the point here. @stoic cave is referring to entry level certs that are required in job entries which the OP was asking about in the first place. (#cyber-and-careers message)

OSWA and OSWE are good certs but: They are not entry, and most likely aren't as required as Sec+ when it comes to entry level jobs.

If you're a beginner, I'm not sure why other certs would even matter.

OK, I guess I misunderstood the context

When they do, they are making a mistake virtually every time.

Even independent pentesters should have a consulting company that they are either working through, or that they own. Liability for pentest is too much for an individual freelancer to just absorb, IMO.

IMO you should let the employer tell you what certs they are going to pay for.

If you absolutely cannot get a job without one, look at the job reqs and postings and make an informed decision based on what employers are actually asking for.

Hey Guys - Has anyone transitioned from DevSecOps into a traditional Security Engineer or Cloud Security Engineer? Any insights would be appreciated!

Certs can be useful for learning, HR, or both.
Sec+ is often very useful for HR, and can be useful for baseline training.

OSWA and OSWE are good for learning web attacks and source code analysis, but aren't nearly as well recognised at the HR barrier (despite being from Offsec -- OSCP tends to be what orgs are actually looking for).

If you're after an entry level job, or to demonstrate baseline security competency, Sec+ can be very useful.

It makes sense, and I understand your perspective. I hope by now, it's clearer what I meant when I said that this certification is useless. I intended to contextualize its usefulness from a hands-on and practical standpoint, but I recognize that it's more tailored towards absolute beginners and can be requested as an entry-level certification.

Look on the bright side... It's more useful than CEH on every level

😄

How dare you challenge the ultimate level of CEH?

EC-Council may take a long walk along a short path towards an alligator infested swamp

Hi everyone! I'm really happy that I finally found a Discord server with a cybersecurity community. I have a lot of questions about careers in cybersecurity, applications, and more.
For the past few months, I've been interested in learning and developing my skills in cybersecurity. I'm 16 years old and I live in Poland. I'm just at the beginning of my journey in this field, but I'm ambitious, a fast learner, and disciplined. I wanted to ask a few questions:
First of all, how hard is it to get a job as a cybersecurity analyst?
If I go through all of TryHackMe’s entry-level content, do some practical labs, and earn the CompTIA Security+ certification, would that be enough to land a job? What else should I expect to be required?
What are some common mistakes I should avoid?
Is it possible — and how difficult is it — to get a 100% remote cybersecurity job in a foreign company while living in Poland?
Do you think 3 years is enough to reach an entry-level position and find remote work for a foreign company?
I'd really appreciate any advice or guidance you can share.

can you guys help me dox somebody

No , that's illegal

everyone laugh at this man!

How do you know that's a man..?

i think he deserves a pin of shame

Is the tryhackme jr. pen tester certificate worth it for jobs

it is pretty new, so I don't know if there are statistics on that, but maybe? idk, more professional people might be able to help

PT1 - yes , certificate of completion of Jr.Pentester path - no

I just opened kali linux 😎

Completing it will just give you more hands on practice with Pentesting but there's no use of it when it comes to using the certificate to apply for jobs

is anyone here interested in physical pentesting?

Hlo

Hello i'm a french student and i need to do an abroad internship to complete my studies.
I'd like to know if you had any advice/website to share to help me with my research.

thank you in advance !

What are the best courses or certs for mobile pentesting? Junior level

Like me

Hello
I've recently completed a 2 year paid internship (it wasnt that many hours per week but go to school so I didnt mind it)

And I was recently contacting non profits to see if they would like free cybersecuirty services
I was planning to help them meet compliance and create a vulnerbility managment program

But it turns out a lot of them are saying they dont need these services

I see a lot of posts of people saying that they volunteer for non profits and how they know a lot of organizations that need security but it seems like everyone I call dont need it.

Im just trying to volunteer and get some more experience and skill building while I search for my next job.

Any tips. Ideas. Really anything. It gets hard after hearing no so many times.

Having completed a 2 year internship, do you feel comfortable taking charge and responsibility for cybersecurity in an organisation (non-profit or otherwise)?
If so, are you willing to stake your reputation, economic stability, and potentially freedom on that?

What you're offering them is usually called a vCISO service. As soon as you put yourself in the role of CISO, you're effectively accepting liability if anything goes wrong (e.g., if they get hacked).
Would not recommend doing that freelance, and I would definitely not recommend doing it off the back of a 2 year internship.

I see. I have done external research and studying. While I didnt directly take a lot of certifications. I took a lot of the classes and self studied but I've hesitated on the certs because of cost.

I do see the concern with experience but I was mainly gonna do a vuln scan, write up a risk assement, then report.

From there i could prob do basic remediation but other than that I would say go find someone more experienced

Depending on who you're calling, I would wager at least some of them are working for orgs which are too small to have the bandwidth to deal with a full scale cybersecurity / information security programme.

Others may already have things going, or they may acknowledge the need, but not trust your credentials.

im just going down a list for local non profits

Mainly for medical stuff
And ive been trying to get like a medium employee sized organization

I feel like larger ones would probably have a cyber program developed and if something is too small it would probably think they wouldnt need it

Okay, what does that actually do for them?

Aside from the fact you're still shouldering some responsibility for their security posture (i.e., if they get hacked they can point at you and say "but they said we were secure!"), a small non-profit may not even have dedicated IT assets to scan. Think BYOD laptops and SAAS office suites (Google Workspace, M365, etc).
A larger org which does have stuff deployed on-premises but isn't large enough to have a dedicated security programme likely needs more than you can offer them with a vulnerability scan.

Equally, assuming they have stuff to scan, and you go highlight a bunch of vulnerabilities, what happens then?
As soon as they know about those issues, they're on the hook for them (which is why there are regulations around frequent scanning / pentests / adequate monitoring / etc).
So you've highlighted those issues, then buggered off leaving them to pay someone to come in and fix them, which is likely to be extremely expensive.

You in the US?

yes

Okay, gonna need someone with local knowledge to chime in on this one, but last I checked anyone dealing with medical data in the US is bound by HIPAA, right?

i.e., no matter the size of the org, if they're in the medical field, they're going to be dealing with cybersecurity already

I guess. I mean they do have to pay for someone to come fix them but if its a legal requirement the fines could be potentially more expensive
Thats kidna what a risk assesment covers doesnt it?

yea

depends
Not all of them are compliant but larger ones are

Eh, little org with no security programme. If they get breached they'll most likely plead ignorance and accept a fine / slap on the wrist.

If the lawyers can prove they knew about the issues in advance then there's a negligence case to be made.

Again, I'm not US based though. That's a fairly generic answer.

well im pretty sure the fines are hefty

but i guess thats what a lot of orgs do

its just a risk they take ig

@urban sapphire this is your world. Care to comment?

Either way, would not recommend trying to gain experience by freelancing in this industry 😆

yea thanks
I was initially afraid of possible consequences but i figures
policy writing, vuln scans, and writing up a risk assement would be kinda minimal risk for me

Gave +1 Rep to @undone shore (current: #10 - 890)

Nah, it's all about liability.
The second you provide those services, you become liable for them.
If something happens -- especially something catastrophic like a ransomware attack -- you're the one who will be thrown under the bus.

Oh, we had beowulf write our policies. We assumed those would be sufficient because they offered their services as a cybersecurity professional.

Beowulf did a vulnerability scan for us and this didn't show up -- we would have fixed it if they'd told us about it!

Beowulf did our risk assessment and concluded this configuration was fine, so we didn't change it. You're saying that this is how the hackers got in?

There's a reason why consultancies have insurance policies for this stuff. If they get sued, insurance eats the bill.
They also have lawyers on call to write up cast iron contracts which alleviate as much liability as possible.

You don't have either of those things as a freelancer.

As a side note, that's also what usually happens in big orgs which do have mature security programmes in place.
As soon as something big happens, the CISO gets fired as the scapegoat.

alr

wait you mind if I dm something rq

That depends on what the something is

its what my lawyer wrote up for me (GPT)

kinda funny in a way
might just be that way for me

Yeah, don't use AI as a substitute for a lawyer

There's precedent for that ending badly

you wanna read it or not

im not actually gonna use it.
I just asked for advice

then tried it out to see what it would look like

Not particularly tbh. It's not going to be legally binding, and it's 0125

sure then.

im not a lawyer so idk if it would be but thats not the point.

either way thanks for the advice

Does anybody have any tips for studying for the CySa+? I'm going through Mike Chapple's Sybex book right now and am about 1/4 through the SOC Level 1 TryHackMe path. Thanks!

Guys i have a question what is better PT1 or CompTia Security+

I'm still reading, but the answer is it depends. If it's a publicly traded company that files a 10k with the SEC, they would have fiduciary responsibilities. Privately held corporations are slightly different and I am sure a registered 501c3 differs from that as well

HIPPA specifically refers to the handling of identifiable medical data and it's, iirc I haven't looked in a while, pretty specific in who it applies to

It's regulatory, if it specifically applies to the healthcare industry. If someone uploads their medical charts to, say, grok, then the uploaded data is not considered to be private and confidential because it was uploaded deliberately to a non-healthcare site.

Much like someone who emails their credit card data to a vendor, that is not a method of transmission PCI will apply to.

By the sounds of it they're talking explicitly about medical non-profits -- i.e.,
healthcare orgs, no?
Either way, cheers for the input both of you ♥️

does anyone have any interest in physical pentesting

Hello. I am currently in the US Military and I am looking forward to getting out within the next year to pursue cybersecurity. I currently work in IT and have been trying to get as much experience as I can in this line of work, but I've always found myself coming back to relearning the fundamentals (CIA, AAA, basic cryptography, etc.), however, after getting the premium subscription to THM, this has been my first time into taking my own individual training for cybersecurity (CS) further. After much research, I have discovered. for myself at least, that its safe to start from the ground up and become a CS Analyst, or at least work anywhere within the defensive side of cyber. I've been working in IT for 5 years, and I currently have SEC+. I am now pursuing to get CCNA and going back to school to get my Bachelor's in CS at University of Arizona.

https://tryhackme.com/manage-account/teams?joinTeam=a80baabb2c

#1385311669256982608

YES

I don't really have an end goal right now in regards to CS, but I know that it is something I want to be involved in. If anything, I would love to work more with cryptography, which I'm sure is more the CS Engineer route. Anyways, my question to the community is what's next for me to do? I would love to get as much certs as I can from the military, but even that doesn't seem enough. I'm starting to look at jobs now and even for some entry level positions, they still want some sort of degree under your belt, yet all I usually see is the opposite. They have degrees but no experience, or plenty of experience, but no degree along with certs/skills that don't even match the positions responsibilities. This honestly makes the decision to get out a little tough on me because of job security. I even got offered a $80K bonus to stay in the military for 5 more years and get the opportunity to work as a cyber analyst... but thats the catch. Stay in the organization that I've been telling myself to get out of for years, and now they'll do whatever to keep me in. I'm not that special but it's clear that they need numbers. Most will say that'd it would be silly not to take the opportunity, but I would honestly sacrifice my mental stability and happiness just to work in somewhere where I don't feel like I belong. There's a lot more to that I won't share here, but any input on that is welcome.

To sum it all up, I'm still leaning towards getting out and I have 1 year left. I know THM courses alone won't get me too far, but it has definitely been a great start. I got no regrets with my purchase. I'm just going to make the most of it, of course. What are some ideas or skills I should need to pick up before I put together a resume and start putting myself out there?

Hi guys

Hey everyone wanted to ask the experienced people or anyone advice … so I’m currently starting a cyber security lvl 3 boot camp ,I want to freelance in cybersecurity (ethical hacking with programming /codiing ,pentesting/redteam ) after the boot camp you get a guaranteed job interview and I wanted to ask advice on what you guys would pick, Paid IT APPRENTICESHIP, business administration and office based roles,customer services or call centre roles ,data entry or analyst roles ,IT entry lvl roles ?

hello

What you pick depends on what you enjoy the most or what you’re best at, I know I’d go with an analyst role

Yes that what I was thinking

If I show you what my course offers can you tell me the value

Maybe ? Idk much

Ok

Finally got a help desk tier 2 job! Praise the lord!!!

niceeeee, good luck on the job!

congratulations 🍾🎉

Congrats , finally some good news today 🙂 🥳 🚀

@spice plover Congrats!!!

hippa also applies to non profits
Other regulations depend on certain factors

they also need some level of cybersecurity to meet the requirement for certain grants

Doesn't matter - it's regulatory for all healthcare industry orgs, non-profit or otherwise.

quick question:
Hippa requires self audits and the sort but does not require organizations to send these audits or get third party audits, correct?

New acc

That's... exactly what I was saying

?

15 june 2025

Just asking

yes I've only recently got into discord

is there some problem?

Me too

Nah bro

thats great man

Starting journey or

for cyber security no. well not really.
On discord yea I am

my original question was up here

i did get some feed back on it thanks to muiri

Ok

how about you. new on your journey?

Well you can say that . Yeah

well good luck. lmk if I can do anything to help you.

Thanks for saying that .

Gave +1 Rep to @hollow prawn (current: #2955 - 1)

👍

HIPAA is regulatory - there are some obligatory reporting, and if an org gets caught not doing it it's very very bad for the the C-suite because they personally get fined.

there are some HIPAA-related audits and frameworks (HiTRUST for one) that are commonly required by customers for a vendor to supply services.

isnt the reporting only after incidents

i might be mistaken so please feel free to correct me

Realistically, do you think it’s truly possible to get a job in cybersecurity without any formal educational background?

yes. Cyber is one of the easier ones to enter. A lot of people do shift from other industries

I think help desk is kinda the more common/basic cyber starting job

so basically grunt IT jobs

What kind of "help desk" should i look for that lean towards cyber sec. entry level roles that will give me some experience

im not an expert or I dont claim to be
but from what I've heard help desk stuff usually refers to jobs that kinda relate to the comptia A+ cert.

So basically basic tech stuff.

That will get you some experience but after that it really depends on your experience and the sort

your skills, certs, education, experience, etc.

I could potentially help you more indepth if you want to dm

and it depends on what type of experience you are looking for

either way anyone is free to dm me for questions, complaints, or anything really

Help desk is help desk. You're interacting with the customer(s) no matter what, so having that general baseline of good cybersecurity practices is always fundamental, regardless of the position you're in

So with that kind of experience, you can at least show that you know how to break down something complicated into something that is understandable to anyone. In my 5 years of IT, I always stumble across someone who doesn't understand what's going on around them. So if you have that ability to break it down into simpler terms for someone who has zero awareness of cyber security, then you actually know what you're talking about. Sounds silly to put it that way, but you would be surprised how many people in this field don't know what they're talking about. It also shows you have great communication skills as well.

Again, help desk is help desk. You can go anywhere for that sort of experience. It's crucial in this field because if you can't break it down to a customer, you're going to fail at explaining what's happening to your boss and other essential personnel in your team and get yourself fired instantly. Getting A+ will just verify that you know the basics of computers and good security practices, but you can get that knowledge anywhere for free

I would disagree on cyber security being an easy pivot. Yes, it is possible to thrive in the field without formal education but I wouldn't consider it easy.

Sometimes you just have to accept that someone is gish galloping their way into saying so many wrong things that you cannot possibly address everything

Yeah and based on conversations I've had with my classmates, some of whom are very experienced in the industry, it can be very difficult if you don't have a background in ITC. If you're doing a "180 degree" career change it's going to be tough. If you've been a sysadmin, developer, or network engineer etc you've got directly relevant skillsets. I guess some people do a lot of complicated home networking and set themselves up media servers and such so they'd perhaps have some foundation skills there, compared to someone like me (linux user "good with computers").

How about someone who has been in QA for 4 years and then switched to cyber and worked as a Security Analyst (but only for 8 months now)

and after that 8 months , am not working anywhere , but now on a jobhunt for the past 4 months

that you've been working in the field for 8 months and having difficulty finding a new position shows that it's not that easy, I think. What quals or certs do you have?

I have a Masters Degree in Cybersecurity from a french university

I had a AWS security cert which expired in 2023

Now I'm learning through THM

cool

What was your undergrad?

I consider myself a rookie in Cyber still after all these quals , I have an impression that there is too much to learn and update everyday .. and each and every job demand a specific in detail skillset (for eg, they don't demand just an experience and knowledge, they demand working experience with a certain specific firewall like F5 or Akamai.
Or a working experience in MITRE ATT&ACK, STRIDE, PASTA, VAST .. etc etc)

It feels IMPOSSIBLE to have gained such experience , and I am not getting any answers for Entry level jobs or fresher cyber jobs

Knowledge of Mitre Att&ck seems pretty fundamental to me, that's a core framework.

But you're right, there's SO much to learn. This is what I'm finding tough rn. Figuring out whether there's any point in persisting, and if I do, what to focus on. Feeling a bit overwhelmed.

Maybe your resume/CV needs work? My first job application with a government agency here, when I asked for feedback, I was told mine needed to be more focused and I needed to ensure I addressed the criteria. So I pruned my cover letter and CV massively - even totally left out some jobs, just focused on tightly relevant skills - and the next application got to the interview & referree follow-up stage.

Exactly the same, My family wants me to give up on my cyber dream and get back to QA so that there will be money for now atleast.
Tough times

ah that's difficult.

Those are some good credentials.

Well, I speak as a person who has been unemployed in moments of crisis, and I am now XD. You could get a job to have some money for your stuff and still search for vacancies in cybersecurity.
But see with AI what she thinks about your curriculum, that is something that most people started to say on LinkedIn, as a lot of RH uses it now, it is an excellent help to find where you could improve your curriculum. And check if your country offers any assistance in finding a job. Sometimes, there is help available for enterprises that contract unemployed individuals.
That is what I am doing now.

Ah, yes I'm working on my resume skills as well.

Are you still searching for a job?

Yes, but I am a newbie in this field. I am currently taking a degree in engenharia de sistemas informáticos. Because of that, it is a little more difficult to find a job, but sooner or later, I will.

Best of Luck mate

Thank you!

Gave +1 Rep to @distant glen (current: #2957 - 1)

looking for what to do , i am a graduation student in my last year and want to pursue a carrer in cyber security and have a skills of linux , shell scripting , js , networking and operating system

depends on what you wanna do after

because cybersec is a big area

well what can be good for a fresher in this industry as a blue teamer

Well, hopefully this Job board will be my saviour, just got told my team are going to lose their jobs

I would like to be a bug bounty hunter but i don't know what i should learn to achieve that

Hey Pal, you can probably consider becoming a SOC analyst.
Most of my colleagues started their career in cyber as SOC in the past 2 years

Hey guys. Little help for getting a job in cybersecurity. I passed eJPT certification recently, top 5% on THM and preparing for Comptia Security+. I can program a bit and have my portfolio and github where i post my programming projects, tutorials or articles. I'm also a master student in cybersecurity. Could you tell me what else should I do to get a first job? I'm thinking like I have a good profile but it's still enough... what's the reality of that

I'm also more into red team

I'm open for any role at the beginning, tech support, penetration tester or even some compliance stuff

any tips?

hi guys im new here i need hackers and spammer friends

Well if you compare it to the medical field I would say its easier.

not easy. Easier.

hopefully this didnt offend you either.
I have heard and seen more success stories for pivots into cybersecurity compared to other fields.

I would appreciate constructive criticism. It would be great if everyone was respectful to everyone in this community despite differences in opinions.

yea by other industries,
I meant tech really but I have heard of people from entirely different job types succeeding in cybersecuirty

yea. In case I wasnt clear, I'm not telling anyone to get the A+ cert but that help desk relates around the concepts ig learned in the A+ cert. But great advice.

Again. If anyone disagrees with me. Feel free to correct me. 🙂

@warm hinge if you were to start over, (at less say 30ish hahaha) where would you start? which certs would you pursue?

Hey guys! Aiming to get some certs after my semester is over. I was considering getting EC-Council's CEH but I see the reputation of it has taken a punt even if most companies ask for it as an HR buzzword lol

I have an option to get two of the following: eEDA, eCDFP, eCIR eCTHP, eJPT, eCPPT, eWPT, eMAPT and eWPTX, certified by INE. Would love to know your opinions!

It would really depend on your end goal.

I wouldnt say I have a particular preference to the path you take because the industry has changed throughout the years.
Madhat I believe the channel is called has some advice I would agree with.

I think there was even a decently recent video on certs

Hello i'm a french student and i need to do an abroad internship to complete my studies.
I'd like to know if you had any advice/website to share to help me with my research.

thank you in advance !

Your school/college should have ways to facilitate you as part of a program. Otherwise, many companies post internship programs on job websites like LinkedIn and others

well i wish but there is nothing unfortunatly in my school

i already checked linkedin but didn't see many

I searched 'cybersecurity internship' in EU and there's loads of them; Milan, Utrecht, The Haag, Ingolstadt...

yeah i saw some but not that many
and i need to sort a lot because some of it need to talk the local langage or are 6+month (i can do 5 max)

How do I get a basic entry level job in a field that can lead to security analyst? Will an associates degree in IT Cybersecurity even get me a basic job?

Are there any skills or things I can do to improve my chances?

Also, is it possible to start in the field remote?

great question, i certainly cannot believe one would have to have a degree to get a job in the field. have you found or mitigated any vulns or tried any bounty programs?

those always look great in interviews or on resumes. certifications are extremely helpful too

sure, not saying they don't, but it's tougher to make a big shift. The education industry is pushing the 'it's easy and there's lots of jobs' narrative to get students into certificate courses. My point is: go for your dreams, sure, but also manage expectations.

yup. Its a tough time for really any tech job.
But compared to other sectors in tech. I would say cyber has a better transition rate.

especially if its from a tech job

I didn't even think that I could even attempt a bug bounty, and I don't even know what that other thing is. Mitigating vulnerabilities? How/where would I do that?

I've been working through THM rooms a bit where time allows