#cyber-and-careers

I also keep tailoring my CV and applying to big companies, however I receive no reply at all. Not even a rejection email.

I tried creating one CV with all my skills on one a half page, spammed a bunch of jobs on indeed and got 2 calls that wanted me to work right away, however I am in still in college so I couldn’t

😔

Hey guys I've been searching for a certification that will help me grant a job in AI Security Engineering , making AI Models that identify threats , analyse malware , handle incidents maybe AI Agents that perform SOC , and also work on security AI Models , soo I found so many options but some of them are expensive while some others are irrelevant to what am actually planning to do or at least don't know wether they'll work for me

can't u work while u are in college ?

No I am currently on a student visa which allows for part time jobs only

good luck . If I study in my country for a bachelor's degree, is it easier to get a visa for a master's degree abroad?

I don’t know much tbh so I don’t wana give false advice, maybe someone else here could provide better advice. In my case, I was already in a British college. This allowed me to study abroad on my last year.

I feel you man. I’m in Uni too but started InfoSec/CyberSec like two years ago and I’m graduating next year lol. I still don’t know anything so I’m cooked

guys what do you think would be wise to be posting on linkedin without unnecessarily posting and filling profile with random stuff?
like should i be posting room completions / challenge completions or do i post big milestone things like completing a path / several challenges / reaching a rank or something?

What certs would you recommend I get

I have a Bs in cyber security and 2 internships and Google it certainly what would recommend I get ?

sec+, net+

Any material you recommend I buy or look at to study for it

professor messor

free of cost

:D

Thank you

What is answer in task 2 on cyber career

I got a free voucher for PT1 a while back ago and i want to take the cert soon. I already did the Jr pentest pathway but i saw online there is a lot of Active Directory pentesting on the cert. Im pretty comfortable with web at this point, so how should i go about practicing AD pentesting is there any paths that go over it?

Yes...

Go into the #pt1 channel and click the link at the top. Click the Get Started button and look at the Recommended Learning section.

Ah i didnt notice that on the cert's homepage, thank you!

Gave +1 Rep to @rugged delta (current: #17 - 627)

Only in french Hello

I am currently a first-year undergraduate student at university and I am working on a professional project as part of my studies.

I am looking to speak with a professional in the field for a short interview, approximately 30 minutes per call.

The goal is to learn more about your profession, your career path, and your perspective on the industry in order to make an informed decision about my career path.

If you are available or know someone who could help me, I would be very grateful.

Thank you very much for your help and your time.

Hello, My name is J and I am new to cyber/IT. I have an opportunity to attend almost any school and I came across WGU and SANS. Which would you recommend. I'm thinking about getting my bachlors at WGU and Masters at SANS; Or, would a bachelors at SANS be better.

I have a SOC 1 Analyst technical interview any tips? I have been mostly doing TryHackMe, and Letsdefend.io, watching youtube videos, practicing scenarios. But wanted to see if anyone had some awesome resource that I have never heard before that could help. Thanks!

How did you get the interview? What's you resume look like(feel free to just give broad stroke eg degree yes or no, relevant exp yes or no, any certs?)

I have been watching this thread, and helping where I can, but I have a question now. I have seen a lot of people say that you should buy a domain, and start writing a blog. Should I buy my display name for the domain, or my real name? And how much personal info should I put on it? I am wondering if I put it on my resume, if they would want me to say my name on my blog, or if I should keep that private?
Thanks for your time!.

Hi THM, I dunno if any of the THM staff will see this but I'd like to say thank you so much.

I've been doing THM for around 6 months now, I even re-did rooms to document them and publish writeups.

This consistency managed to land me an internship with the SOC team of a large national bank in my country, I'm very grateful for THM's content.

I'd also appreciate any advice from people undergoing internships, anything I should do or not do?

SSH is open and I got into the admin password is brute forcing the right move? It's saying 180 tries per minute so I think it's rate limited so anyone to suggest what to do or should I leave SSH and focus on the other open ports

Folks will need context on what it is you are attacking or testing to make sure it isn't illegal or unethical.

Just dropped my first TryHackMe room — Secrets Within 🔍

It’s a beginner-friendly challenge covering:
• OSINT investigation 🕵️‍♂️
• Steganography 🖼️
• Audio forensics 🎧

Think you can uncover all the hidden secrets? 😏

https: // tryhackme .com /room/ secretswithin
(remove spaces to access it🥲 )

Hey @hidden grove ,
Thank you for this, I'm super excited about your room for I'm a complete beginner. However, it says I have no access, since it's a private room. 🥲
Without trying to be rude, is it part of the challenge or I'm just doing something wrong? Thank you kindly 😊

Gave +1 Rep to @hidden grove (current: #3707 - 1)

@sly terrace remove space from the link i provided above, anyway check dm

Thank you very much 😊

Is this room intended to be accessible to certain users only (as it is set to private)? Or if this has been submitted for THM Staff review?

does anyone know of a way to seach for jobs based on certifications? Trying to gauge the job market/listings based on certifications

You should be able to do a search on most job boards. Haven't tried it in LinkedIn though

hi

If you are linking your website/blog on your actual resume that you send to potential Jobs then they will already have you real name/info and I see no reason to put too much personal info online unless you directly benefit from it. Take popular Cybersec influencers as an example, most have their real info accessible but their websites are businesses typically, your is just an online resume, no one is likely to stumble onto your website who needs your real name who doesn't already have it.

I would not advise searching for jobs this way - outside of the military there are very few roles where it comes down to just having the cert.

I’m in the military for cyber… wanna do some certs to pass time and why not and to supplement my experience

SOC interviews can vary wildly between orgs - best advice I could offer in that regard is make sure your IT/Networking fundamentals are solid (e.g. it is almost guaranteed you will be asked a question or two about the OSI model, TCP handshakes, system recovery/backups, etc..)

Ah well in your case then carry on, if you can get clearances you will have a whole world of opportunities open up to you - I believe there are internal job boards for military members you should be able to leverage as well?

But the advice is still the same if you are trying to be employed in the private sector, they generally look for experience + education in addition to certs as opposed to the military which is generally more willing to train you "up" into a role (forgive me if Im over-simplifying, Im not in the military)

No worries. I do understand your point and where you’re coming from. Thank you!

Gave +1 Rep to @ancient prairie (current: #50 - 231)

@dim moon

@dim moon
@teal arch
@digital marlin

BRO

MODS GET HIS ASS

Hey everyone 👋

I’m an aspiring cybersecurity learner, currently focusing on web application penetration testing and building my skills step by step.

The thing is, I don’t have any real-world experience yet, but I’m actively learning through platforms like labs, courses, and hands-on practice.

I wanted to ask:

• How can someone like me start applying for remote internships or entry-level roles?
• Are there any beginner-friendly internship programs (like VAPT internships or similar) that accept candidates without prior experience?
• What should I focus on to increase my chances of getting selected?

Any guidance, resources, or opportunities would really help 🙏

Thanks in advance!

people in GRC or trying go get into it, how it is like? what are doing to build your skills

I would jest but answering seriously .. I Think that the best way to get into GRC is to start practicing it, build standards for use cases, practice audits, work towards a relevant certification . 90% of these are things you can develop when doing things like IT/IS related positions which are not always the most friendly towards interns.

Act-as-if .. To quote boiler-room.

I wrote a standard recently for a small business/developer to comply with glba/hipaa .. did it much as security/infrastructure engineer , ran into it with my sysadmin experience, and in general have been CYA for my entire career since

Hi im kinda screwed , im year 1 in electronics engineering and like in 6 days i have a interview for the biggest cybersecurity firm in my country , as a c++ dev and i cant barely put a for loop togheder, whats a good way to start or any resources that could help me be as prepared as i posibly can

Hello everyone. I recently just transitioned from driving trucks to tech. I got my ConpTIA+A certification, I’ve been studying cybersecurity via Coursera and any other Material I can get my hands on. I am aspiring to be a Cloud Security Engineer. I also got my google professional certification in AI. I want to know all about that as well. What does anyone recommend for me as far as things to study, paths to take to get to the Cloud Security Engineer. That’s my ultimate goal. Thank you in advance.

Security+ is good, but look at the roles posted in your area (or where you're willing to move) and what certifications they want

Usually they'll need some experience in tech beforehand, so you might need to get a foothold in with the helpdesk and move up the ladder

iirc microsoft has some cloud related certs, but yeah you’d definitely need some prior exp — therefore sec+ would be a good next thing to get

SC-100 would be good yeah. Just depends on what sort of jobs are available near you.

Agree with what sporked said. I would add though that you will also need a certain degree of understanding on the technical side of things as you will potentially be talking to IT and security folks when looking at what controls are in place or demonstrating compliance to a certain requirement.

hey can someone help me? I've been applying for universities and I've come across a hurdle. There's 2 different foundation programmes that I can be enrolled to: "Foundation in Information Systems" and "Foundation in Information Technology". I want to ask which foundation programme can lead me towards Cybersec?

Could you be more open about the content of both of those programmes?

If I’m serious about a profession here should I eventually be using Linux or does any OS suffice? Mac user. I know a bit about Kali.

What kind of profession? Most businesses use Windows

But if you want to be a pentester you might need to know some Kali, yeah

Yea I love the idea of pen testing. Breaking into systems

I so hate windows. But I assume I’ll have to understand the workings on windows servers.

Mmhm. You don't need to use another OS entirely, but knowing how they work would be good

Which pathways should I take in which order if my ultimate goal is to be a full spectrum red teamer?

Which THM Rooms can help me prepare for the SANS SEC506 amd GCIH Cert?

Anyone knows about companies that hire entry level soc analyst to work remotely?
In my country almost impossible to find soc entry level

You should aim to learn everything you can about SOC so you feel confident applying to senior roles as well as junior

Which country? Even for remote roles, a company is usually required to hire within a specific country or region because of things like tax laws, labor laws, compliance regulations, etc.

There are remote jr soc roles available in the US, but most of those companies only hire direct from the US - unless you work for a contracting company that the US company might hire through. When I worked at global company, I had jr people I worked with in India, but they were hired by a company in India and then contracted to the company I worked for. That way, the company I worked for didn't have to deal with the employment laws of India, only had to say "that's on the Indian firm, we are contracting through them".

Is it possible to work remotely in the SOC department?

Short answer - Yes. Long answer - the more experience, the easier it is to work remotely.

If it's junior then?

Location and previous experience prior to SOC?
In the US and has a few years of help desk, jr sys admin, etc - yes, you could probably score a remote jr SOC position.

hello

goddamn it

MODS

Yep?

Oh bots but they gone

I want to work in a SOC but the only experience i have is finishing the SOC L1 course here. i just recently got my Security + as well. I will take the SAL1 this weekend. im curious how can i get and show the experience neccesary to get a SOC position?

Jobs like help desk, jr sys admin, jr network admin are usually more abundant and will give you an opportunity to pick up the skills you’ll need in a SOC position (troubleshooting, reviewing systems and network logs, writing reports/tickets/documentation, etc)

Good day hackers!

Help @tidal delta

Hi all! I see a lot about building a portfolio, but it seems a bit silly to document things as a super beginner doing like the very basic beginning stuff. Is anybody doing this?

No

Anyone been reaching out to recruiters lately for internships. Would love to Connect?

I’ve spent the past few days reviewing a lot of resumes and wanted to share something that might help anyone currently looking for a job.
If you don’t already have one, I highly recommend setting up a linkedin profile and building your network. Make connections with classmates, people you meet at security or hacker conferences, professors, and/or anyone you work with.
When I review resumes and can’t find a linkedin profile, it raises a flag. It can come across like the application from a bot or that the candidate isn’t fully invested - just sending out a ton of resumes without putting in the work of building a network. A linkedin profile helps me get a better sense of who you are, look for shared connections, and even reach out to people in my network who may know you.

It doesn’t have to be perfect, but having a presence can make a difference.

A resume should get you a sense of who the people are not a LinkedIn profile where the content is 90% AI generated nowadays. People with trust issues should openly write personal information on a “business social media” website ? What’s the benefit? You just can talk with the people directly since you have the resume. Not build a system of walls for yourself.

A resume should get you a sense of who the people are
A resume gives me a list of skills and tools people work with. When I'm looking through 150 resumes, very few things really stand out.

People with trust issues should openly write personal information

Who said anything about write personal information? The occasional "Been working with [blah] tool lately and found it does [foo] really well" can suffice. That and a few reposts or a couple of comments from cool articles about the latest security news .

You just can talk with the people directly since you have the resume.
You're going to talk to 150 people a week? Plus do 40 hours with of work. Oh yea, also manage a team?

thx for advice, what can u say about not even reaching interviews? That's my problem sir, I have never had one single interview to join a position I love like purple team.

Gave +1 Rep to @torn plume (current: #401 - 22)

Look, if you don't like my advice, so be it; doesn't hurt my feelings. I've been working in the industry for almost 30 years and a hiring manager for about 15. So I try to give back by sharing the things that I notice and what I discuss with other leaders in the industry.

What type of jobs are you applying for. Also, I'm from the US, so my advice (milage) may vary

Well, anything from SOC to jr pentesting, or ICS entry levels, im now in the last year of graduation in cybersecurity technology but with very few hits on jobs, my last one was as an inter for what we call here in brazil as prosecutor office ( public military ministry) as a support intern, but not even touching cybersecurity...sad reality it seems that here is only for those who are indicated

I need an opportunity a single shot on it I will be very happy, and I have linkedin 😄

Do you have any tech experience? Applying for help desk or working at NOC is a good place to start. Those provide the skills and tools you can add to your resume when applying for position in a SOC.

Do you need an internship?

oh yeah I do, NOC using zabbix and applying firewall rules. Also worked with darktrace, but did not liked it. I have social security number from the times I lived in NJ, 2 years. If your company need it 😄

Anything folks. I will graduate on July so...idk if company will accept a short contract

any knowleage on cloud security microsoft plattforms?

no 🙁 zero

no need on best knowleage, but have you worked with it before?

no =[

intrested?

yeah I can learn if u teach 😄

or learn by myself too

no problem

: D

If you are studying a vocational course or university in tech, I can get you in and your school requires you to have an internship. (:

How old are you ?

I've sent you a friend request

and private messages

That’s a great example. No LinkedIn needed.

Am I the only one hitting a wall for job opportunities? I just started looking, soon I'll get the certification for SOC level 1, and I mean, it is more in the way of I'm not in the U.S or UK

I'm in Latin America, and most opportunities are requiring for me to be in the U.S, even if is a remote position 😔😔

I'm starting out with Kali Linux and I'm trying to perform a deauthentication attack on my network. I tried using aireplay-ng; it sent the deauthentication signals but didn't change much on the network. Can anyone help me?

Yea same

Job market is kind of cooked right now. You just have to hang on until it turns again.

Not really, no interview, nothing happened

I'll try, still will get some certifications in the meantime, still feels kinda off at this point 🙁

MODS

dont. get projects instead 😏

Greetings mates, please is there a free room on tryhackme that I could lay my hands on real labs fkr ethical hacking?

https://tryhackme.com/room/blue

appreciate you

Welcome

There are a lot of free rooms. You may use the search function to see which rooms are free.

yeah, I'd definitely look into them..I've been thinking that it's only when I subscribe then I'd lay my hands on real practical labs

Thank you @fickle grove

Gave +1 Rep to @fickle grove (current: #11 - 933)

What are yall thoughts on cybrary?

I heard it’s amazing but the pricing might be abit too high

It was good back then, I've completed penetration testing course by goergia it was gold

Yea, I’ve been eyeing for that course along with GRC analyst

im targeting the Jr PT1.. the Path frm THM its really good for we get a good skills ?

im focus on

yes, also learn AD basics and its path

I'm really excited about this area, but at the same time a little scared if I realize... There are many applications, but I need to change my mindset quite a bit.

Yes it takes time to get hands-on. Work on the area that you fear and it'll work out, I'm doing the same

are THM certificates useful to enter a job? or are they just to hop to another cert?

no

no what?

Do sec+ net+

THM certs ehhhh

So, is getting certified pointless? I confess I'm quite excited, but I'm new to the field, so the roadmap is proving very enriching. Is it really that difficult to get a job even specializing through THM? In my specific case, I have a friend who recommended it, but he already works for multinational companies as a pentester around the world, and he told me that if I get the PT1 certification, he can get me into the field. I think it's because THM is very practical and ends up proving your capabilities.

but idk im newbie

but the roadmap its good for learn?

Ye

I used it years before for my CISSP prep and Kelly H.'s course was great, I'm not certain if they have changed it since though. Also, I saw the pricing and it is quite expensive for me though I haven't tried their labs.

Learn but don’t do the certs on THM, not worth ur time

Go thru the roadmap and also like do certifications and projects :D

Or study for the sake of learning and not getting certified.

Why should he not do them? The SEC1 was great in my opinion. Security+ VS SEC1 - I would select the SEC1 hundred times over because it’s hands on.

I will do it because I have a friend who is helping me professionally. I'm in a career transition process from support analyst to security... so I need the Jr.PT1 certification for it.

Then I'll do later the ones that are globally accepted.

im total noob

😄

on security

Ooo that’s good to hear then

I heard the labs make it worth the price, ended up buying a monthly subscription for 46$, and so far it’s really good

Planning on wrapping up some security+ labs too

For security+ thry have a good lab too?

To b honest, too early to tell since I just started but so far they’ve been really helpful

Hey everyone! Looking for some career advice if anyone has a moment.
I left my role in digital forensics with the Police back in September and I'm now working towards breaking into cybersecurity, specifically SOC analyst roles. I have a first-class degree in Cyber Security and Digital Forensics, AWS Cloud Practitioner cert, and I'm currently working through CompTIA Security+ and the SOC Level 1 path on TryHackMe. Is there anything else that I should be doing to improve my chances? The market is too rough right now 😂 Thank you!!

I would recommend you open-up LinkedIn (or your local job board), search for local jobs in cyber you are interested in, and see what kind of requirements they have. What skills do they went? What experience do they went? What certifications do they went?

Compile all of this into a self learning path to become the most hire-able in your own local market.

The local markets around the world can be very different...

I think your experience will be helpful in a DFIR role, so look for job listing with that keyword.

If you really went a SOC, then be sure to also learn decision-making with incident response and triage. Read some books on the topic, recommendations- https://youtu.be/uE_8g8PPv-Q

If you went to go more towards the cloud then continue with the AWS courses, they have more then a 100 free courses on cyber (mostly cyber engineering but nonetheless) and if I remember correctly the labs in the paid courses are quite good.

And if you have tons of money laying around (or your employer is ok training you, thats what I did), then look up SANS training, they are the most technical, but absolutely overpriced.

About try heck me... go for it if you have the time, it is nice to practice especially for new peoples, just don't expect to get a job based solely upon it.

Hey, I wouldn't say that you're only breaking into cybersecurity, as you already have digital forensics experience under the belt -- also cybersecurity (a lot of SOC L1 positions later move towards L2-L3, where digital forensics is also conducted). I'd say you're pretty well off to break into a SOC role, and going for Sec+ is good, you could also consider CySA+. Those alone and your previous exp should definitely land you a SOC position, but obviously depending on where you are located the difficulty of actually landing the job will vary. LinkedIn could help you, definitely list all your certs and previous exp, send a lot of applications and keep working on your certs.

hi everyone, just wandering where i could buy full cyber security courses? i am new and have super low knowledge about cyber security and currently learning programming.

Go read #start-here and #1146278299169992755 message in Discord.

After reading that, you might also went to take a look at:

• The problem in getting into cyber - https://thisisanitsupportgroup.com/blog/entry-level-cybersecurity-jobs-hiring-reality-2026/ (READ THIS!)
• Into about cybersecurity jobs - https://www.eccu.edu/blog/beginner-roadmap-to-cybersecurity/
• What is it I need to know in cyber? - https://roadmap.sh/cyber-security
• I went to really learn by myself! - https://github.com/Hamed233/Cybersecurity-Mastery-Roadmap
• I went to pay (a lot of money) for good materials and certifications - https://www.sans.org/mlp/new-to-cyber

oh okay thanks!

forsure, after you've decided if this is the way and the profession you want, come back here to practice and learn the specific profession, there are a lot of good workouts and exercises on the THM website.

What’s the best rooms for security analyst

Studying for the Security+ rn and gonna try to land a help desk job after that

Probably the SOC Level 1 Path, thats what I do when my 101 is done.

not even to learn enough content to go for other certifications?

that's my advice I don't think so its worth to pay for those certs but I would just learn those content and just go for more recognized certs like sec+, net+ but if you really want to you can 🤷‍♂️

nono, i will do what you said, thm certs are more to say that you know that stuff but not recognized, sec+ and more are very known

Look, what are the certifications for? To find a job, right? So check the job boards (local LinkedIn, for example) to see which certifications they're actually asking for! Local markets in different places sometimes require drastically different things. Check what's really in demand and go get it. Make yourself as employable as possible for the market you're interested in.

@empty swan @vagrant cargo Thank you both so much! Both great advise! I will deffo be completing security + and looking into CySA+

Gave +1 Rep to @empty swan (current: #3712 - 1)

Gave +1 Rep to @vagrant cargo (current: #252 - 44)

Depending how long you were the forensic examiner role you already should have the background for SOC work as others have mentioned. Not sure if you are US-based but the job market is especially terrible at the moment so I would highly recommend going back to your previous job if possible while you look for other roles.

As an anecdotal aside, we are currently in the process of trying to hire someone on our team that has one of the best resumes I've ever seen and most recently had a long stint at MITRE. According to them, they have been job hunting consistently for roughly the past 5-6 months

Also, another role you would possibly be well-suited for is e-Discovery - look into this role amongst law offices and insurance firms

ill give a look on certs that are asked in job boards, thank you so much for the advise, @empty swan !

Gave +1 Rep to @empty swan (current: #2414 - 2)

For sure man

is e-discovery simmiliar with OSINT?

No not really they are very separate things

Hi all, I'm a seasoned developer (+20y) mostly specialized in distributed systems, functional programming, and cloud architecture (mostly AWS). I've decided recently to switch to a cybersecurity career (probably towards Offsec), and was wondering about how feasible this is overall. Have you ever met people in this situation? How attractive are these profiles on the market (if they are at all)? Would any of my development/architecture skills really considered by a recruiter looking for a cybersecurity role? Any synergy in mind?

Thank you in advance for your replies.

Hey I am solving a CTF can anyone help right now

If this is a THM-related room, please head over the #room-help channel.

There's a lot of potential for a seasoned developer/cloud architect in cybersecurity. You should understand how cybersecurity fits into how businesses operate. Reading a Security+ study guide or doing the Professor Messer course might help a lot to get you started. The certification is quite widely recognised, but yes, certainly pursuing something like OSCP would be a good direction, as long as you understand the role, rather than just going for a cert

hi guys :) i'm an it service desk analyst whos trying to get a new job, prefrably in security. i have a security degree. anyone interested in checking my CV? :) thank you

One of our pentesters is around 55 years old, similar background as you as a developer and is one of the brightest minds I've seen when it comes to offensive security - this is just one example but just wanted to highlight the fact that you likely have the aptitude but will need some upskilling specific to offsec

he was also a late career switcher, moving into offsec around 10 years ago I think? You will likely be able to pick things up much quicker so I would encourage you to just follow the established paths beginning with OSCP and a ton of CTFs

If you can post a redacted version of your CV here that would be ideal as you can get more eyes on it - otherwise if you don't feel comfortable with that you are welcome to send me your CV (redacted or not) and I will provide feedback in a couple days

thanks man! i'll do a redacted version first and send one to you and see if i'm comfortable enough to send another here haha, but i appreciate it!

Gave +1 Rep to @ancient prairie (current: #51 - 232)

Facing this issue anyone can help??"Oops, this page failed to load
Something went wrong while loading this page. Try refreshing to give it another shot.

Error ID:
cbb6e7805deb4448b88d98ac95d76c6e

"

Hey team 👋
I'm new here , currently working toward my first SOC Analyst / Blue Team role. I've completed the Google Cybersecurity Certificate and the Let's Defend SOC Analyst path, so I have a basic handle on alerts, triage, and investigations.
Now I'm at that point where I'm not sure what's best to focus on next — home lab, SIEM deep dive, or just start applying?
Would really appreciate any advice from senior analysts on what actually helped you get your foot in the door. Cheers in advance 🙏

Any ideas from where to start bug bounty learn about it and practice it specifically ?

TryHackMe has cool rooms on web exploitation, also check put portswigger labs

How's it being an Cybersecurity Professional specifically Red Teaming?

Hey everyone, question for any of the professionals out there. I’m graduating with my bachelors in cybersecurity in May, and planning focus on getting certifications first, but I was curious what the value of pursuing a masters in cybersecurity or IT is? Is there a big value add, or would it be better to get certifications first and then pursue a masters down the line?

Extremely depend on the job, for security researcher a few papers under the belt is great, for a security engineer? Far less so.

Look at the job listing you went, on LinkedIn or any local board - what are they looking for? A masters? A Bs? Papers? Certifications?

You need to be hire-able for your local market in the job you went.

hey guys, does anyone know where does someone go from being in 1st Line IT support? i'm barely a year in but i am on a time constraint. i'm really interested in digital forensics but most DF jobs aren't open for graduates. does anyone work in 2nd line support here?

You should check out the Red Teaming path on THM, which will teach you some of the tactics and techniques and reasons why organisations request it. After you complete it, you can attempt the Red Team Capstone network, which simulates a red teaming exercise against a fictional bank
https://www.youtube.com/watch?v=oIOjkGh5m2U

Thank you @ancient prairie and @rugged delta 🙂 I'll be looking at OSCP and Professor Messer

Gave +1 Rep to @ancient prairie (current: #51 - 233)

Gave +1 Rep to @rugged delta (current: #16 - 629)

Focus primarily on getting real-world experience and certs - not having a master's degree will not be a factor for like 90% of the jobs out there in cyber, it can also be detrimental in some instances as you can price yourself out of certain roles depending on how strictly the org's payscale is structured

You should start looking at transitioning into a SOC role - DFIR-specific roles are highly-technical and typically not open to folks without experience

i see! i understand soc roles are 24/7. can i ask if there is a possibility for the night shifts to be ONLY in night shifts or would it mostly alternate? i do night shifts ONLY atm and its not great hahaha

I don't know where you are located or what your situation is like but two things I would highlight: 1) the job market for cyber is historically bad right now, if you are not currently employed I would highly suggest getting the easiest job you can while you look for roles in cyber/IT 2) With point one in mind, it is extremely unlikely you get a SOC role without prior experience through cold-applying (definitely possible with some networking) so I would also suggest you look for roles in IT (support/desktop tech, jr. admin, "Geeksquad"-type roles) because you will have a much easier time transitioning to cyber with this background

It depends for a SOC - if you are located in the US then you will typically lock into a shift, 1st, 2nd or 3rd. There is always a shortage of people willing to work 2nd/3rd shift (when that is their native timezone) so it does suck but it much easier to get a SOC job if you are willing to work evening/graveyard.

would it worth putting that i'm on a graveyard shift right now in my cv then? i really dont wanna work another graveyard but thats on a minimum wage. if i get paid £40k a year then the circumstances would def change

It helps for sure - recruiters tend to beat around the bush when it comes to fact that a role could be graveyard so it takes away the awkwardness and helps you stand out a bit. Since it seems like you are in EU I would also recommend you apply to 2nd/3rd shift roles for international/US companies. Visa complications aside we find EU folks as ideal candidates for graveyard because their waking hours tend to align with overnight hours in the US and thus are seen as more reliable

ahh!! i understand what you mean. i have never researched for working in an American company if i'm honest. how much would you roughly say the pay would be per year?

It can vary a lot depending on the terms of employment, most US companies will underpay EU employees compared to US employees because cost-of-living in the US is astronomically high compared to a lot of countries. On average most entry level SOC positions pay around 70-90k USD but again that is pretty commensurate with the cost-of-living here in the US

@ancient prairie do you mind giving some feedback on my situation?

hello dears, maybe someone with tricks or tips how to join a linux job without certifcates in linux?

feel free to dm me if i m offline

thanks so much for this!! i will look into it. much love

Gave +1 Rep to @ancient prairie (current: #51 - 234)

Hello, 👋
I am a beginner in cybersecurity and I wanna learn it in deep. I have some basic knowledge of data communication, networking 🛜, programming languages such as C,C++.

Can anyone tell how I can get into cybersecurity??

Go read #start-here and Breaking In to Cybersecurity in Reddit.
After reading that, you might also went to take a look at:

• The problem in getting into cyber - https://thisisanitsupportgroup.com/blog/entry-level-cybersecurity-jobs-hiring-reality-2026/ (READ THIS!)
• Into about cybersecurity jobs - https://www.eccu.edu/blog/beginner-roadmap-to-cybersecurity/
• What is it I need to know in cyber? - https://roadmap.sh/cyber-security
• I went to really learn by myself! - https://github.com/Hamed233/Cybersecurity-Mastery-Roadmap
• I went to pay (a lot of money) for good materials and certifications - https://www.sans.org/mlp/new-to-cyber
  If you are in this server then take a look at tryhackme Cyber Security Learning Roadmap

Hello. I don't post much and just had a question. And I really hope it does not bother anyone at THM cause I love the platform, love the people, love the people on there. Just considering giving up on my cybersecurity job search after about 5 years. I recently canceled my THM renewal. I am curious to anyone who has gotten a cyber job how they worked THM or HTB into their resumes/interviews/calls/etc. The platform is great for hands-on and really allows you to not do tons of lifting with VM's, but all I see these days is "you need a home lab, projects, etc". THM has a great SOC lab and many other tools to explore. Thanks, Bob

Don't quit because the job market sucks right now. I'm in the same boat, but it hasn't stopped me from improving my skills in the field. Do odd jobs related to cybersecurity or IT support. Also, maybe look into AI Security. I'm moving into that area since AI is the norm now. See this moment as an opportunity for self-growth in these crazy times imo.

And, if you have a virtual machine like VirtualBox, practice and practice...meaning break the system down and look for vulnerabilities in the virtual machine.

Yeah but that doesn't make you a professional in Cybersec I meant the people who actually work for a company.

Me too, i am also new to cybersecurity and would love to learn deeper. well that's a great start for you since you have knowledge of networking and more.

Thank you for the vote of confidence amtradr. Not to go into my entire story, but I've done two camps ($21,000 and 52 weeks ), Sec+, CySA+, medium site, lot of little projects. I do have virtual box, but I've only done some light vuln testing and wireshark and such. Worked for 3 cyber/network companies as a CSM, but as for my "home labs", I have not built out a SIEM. I had planned to install Wazuh or Elastic on my ubuntu machine before end of spring. With all that being said, it's been a 5 year investment and 25k+ all told. Also rejected by 1500 apps. I am 48 and starting to just think about other non tech jobs and investing my time into trades/etc. Like to have skills I can put to use out of the gate. Out of my two camps, the hire rate for actual cyber jobs was 5/165 graduates.

Gave +1 Rep to @rotund cargo (current: #3717 - 1)

Honestly, that's awesome work on your resume! And age is age. I'm 40 years old (in 2 weeks) and still looking to improve in areas where I feel like I'm slacking in cybersecurity. An example is I'm doing the operation-takeover, but I'm taking my time to understand the concept and tools related to the challenge, like the port that is being used in the challenge. And yes, non-tech jobs are good while you still focus on your cybersecurity or related interest.

So there you go - focus on the defensive side in cybersecurity! And, stay in tune with the current cybersecurity atmosphere. And if you have completed THM challenges, post them on LinkedIn (advertise yourself). That's what I'm doing - posting my intake on recent articles related to cybersecurity and completing THM challenges.

STAY FOCUS!

Thanks bud. Appreciate it. And happy early birthday. You pursuing any certs as well or all hands on?

Gave +1 Rep to @rotund cargo (current: #2415 - 2)

Thanks! I have the main certs from CompTIA - A+ to CySA+. Right now, I don't want certs anymore. Just focusing on the labs now.

Gave +1 Rep to @sharp maple (current: #3718 - 1)

I want to focus more on the lateral movement and Active Directory labs but stay current with the newest labs.

What about you? @sharp maple

I was studying for SSCP, but stopped and pivoting to MSFT/Azure. Just to split up the day from the hands-on.

Nice! Stay focused on both agendas! That's what I'll be doing with CompTIA's SecAI+—expanding my knowledge in the area while completing the challenges.

I worked as a Jr NOC for about 2 years and PCNA from snapone is all i got from that company

I was working in Home Automation and realized i wanted in on the cybersecurity industry, felt like what i was doing was right at the time but the ceiling was only so high

I am nervous with all the AI becoming bigger and how far behind I am

3 years ago I could have taken the 3 core Comptia +'s and snag a solid job or parttime intern. I feel its almost impossible to get a job even with the core certs, getting tougher on myself since it almost feels outdated, is AI Cybersecurity what i should lean into after learning the basics of cybersecurity

im also 25 years old and worked for that same company for 3 years

First off, you’re young which is great…more time to adapt to future in the field! And if you want to stay current with AI cybersecurity, find a textbook or free tools. I’m constantly finding ways to stay current with the subject such as Mythos.

If you can develop a plan that allows you stay in the zone with AI cybersecurity then you’re golden.

Finally, everyone is nervous about AI but that nervousness shouldn’t hinder your or anyone’s growth for the future.

Hi! how much was the CySA+ certification?

'thank you for this

i needed that reassurance

Hello guys
I have a question...
I'm very interested in cyber security especially pen testing but I don't know where to start learning... Is the tryhackme pre security path good for a solid start or i should look somewhere else?

Got alot of pressure with my family and gf atm

I don’t remember. Took it last year. But that certificate shouldn’t be the only. If you haven’t taken the THM’s certificates, go for it. That’s on my list but for now I need to work on my weak areas.

PreSec and CyberSec101 is a great start

That’s call life but don’t let outside pressure dictate your learning and growth

Godspeed, you the man

i think it might be around 500

If you want to take it, go for it. That’s all I can say, but look outside of that area. Personally, I think THM’s certificates are better. They’ll get that recognition soon in the industry.

i see...that's why i feel like try hack me certification should be ok too...it is just no recognize 🙁

👍

hi , im a complete beginner in cybersecurity , I 've started about 2 days ago and currently on cybersecurity 101 , I'm also studying another major as a backup and want to have cybersecuirty as a primary career . Since, im a international student finances are a bit tough for me to pursue this in college , I've made some roadmaps on LLMs that require no/less money as possbile , however im a lilttle unsure about the roadmaps and require adivce from some experienced or Seniors in this field wether im doing it the right way or not .

nothing better than HackTheBox

in terms of challenges -- pretty sure its free

but only completing hackthebox surely wouldn't suffice to gain entry in any junior position role , would it ?

True. And only completing THM rooms will also not suffice to gain entry to a junior role.

You need to do a combination of things. Building skills is important and gaining certs through THM or in industry proves professional awareness that gives a company confidence you can learn and be disciplined in your approach.

The big thing these services allow you to do is network with people and connect to others in industry.

Ultimately I think it takes a mixed approach.

1. Build skills through THM and HTB
2. Gain certs and professional credentials
3. Apply to jobs
4. Network
5. Write about what you do on LinkedIn
6. Get professional experience

It’s difficult because it takes time but the time will pass anyways. I’m in my first job after college and grinding for many years. I use THM to build experience in things I didn’t learn before.

i see, thats the advice i seek ,

So you mean to say , i should always be looking for oppurtunities to grow my skills , but i'm completely cluesless about netowrking with people , Also i've been looking at hack the box and will probably be going with that at the same time considering their wide range of certs

i've also been posting my self-study journey on linkedIn in chances that it may serve as a sometype of cv/resume when i start applying for jobs . However, i have no following or connections of any kind neither i currently posses any knowledge to do so .

what i've been seeing pretty much everywhere with LLMs as welll(if someone's self-learning) is go through these sites like overthewire,THM,HTM is to start building the base skills and keep growing in them while also completing certs and building some type of home-projects to show up for my lack of professional experience in the field

Yea I mean everyone always says get sec+ then do a really hard cert in a security domain of interest

CEH(certified ethical hacker) or something of similar difficulty

Sounds like you’re grinding bro, hell yea 😎 be sure to keep it fun. Easy to get burnt out if you’re aren’t living a little every day

Thank you , started a couple days ago and have been glued to my laptop try to finish the rooms ASAP while also daily activities. . Even so much that i've been kinda getting addicted as the same when im spending time with gamimg..
thank you for your advice

Gave +1 Rep to @upbeat estuary (current: #2415 - 2)

by any chane do you any advice on building network/connections with people in the industry

Just talk to people, everyone is kinda awkward with socializing but it gets easier

Hello chat

no like , should i just start commenting on linkedin posts or what ?

Go to events related to interests and talk to 3 people then go home

It’s generic advice but can’t beat the fundamentals tbh

I’m a newbie into cybersecurity

Worth a shot

got it , i'll start afterwards im confident my skills have developed enough

What matters is conversations that are real, so whatever makes that happen is what you should do.

If comments on LinkedIn lead to that, then it’s worth it.

so we can say , this chat is also building connections right ?

100%

alr , thanks good samaritan

Fs fs, happy grinding I need to sleep 😂😴

alr , ty again , rest well

What if you have social anxiety

Even online when reading your comment from yesterday feels cringe

“The time will pass anyways is peak advice”

hey i want to make connections to some defensive or blue team guys how can i ? my main purpose it to get knowledge about how the job market is and how can i able to handle it and also wanna know what's my current level, i should clear one things i am not a beginner i am a intermediate level

gotta make it work somehow ig

Currently im in talks with the CS team at my company, im a system engineer but trying to move into CS finally. Anybody got experience with OT/ICS CS? Any tips on what to go over or any rooms tailored around OT environments?

Hey, I'm currently in an apprenticeship as a software developer. I'm trying to learn as much as possible at the moment. In the future I want to move more into the Cybersecurity direction. Really cool would be red teaming/penetration testing but that goal feels really really hard to reach atm. I have a little Home setup (win11 pc, raspberry pi running a small home Assistant and some docker containers and Im writing a lot of software in my spare time). I am reading and listening a lot of media about Cybersecurity and try to use my IT knowledge that i gain from the apprenticeship to understand and learn some attacking vectors. Do you guys have some tips what I could do next to maybe gain more practical experience (legal I don't want to get busted). Or do you have experience with the switch from software development to Cybersecurity? Are companies even interested in developers for positions in security? Are there any good certificates or something that could help me after the apprenticeship.
Looking forward to hearing from you.

yo why does Capability Score keep going down from 50% to 33% to 16%

Is it okay that if you have 2 years of part-time experience and graduated this year, you include all your experience (while not mentioning it's part-time) and you don't include the timeframe of your education on your CV, so you don’t look like a recent graduate when applying for mid or senior roles that require 3+ years of experience? Or is that a red flag?

not really recommended ? But a friend of mine had really really good skills to pull of a senior level role, and he did lol

Hello everyone,
I am currently a SOC L2 but my goal is to move into pentesting.
I have a 6 years background of web development with php, JavaScript and python.
I also try to do bug bounty, still with no success, studying and sending some cv’s mainly for remote openings.
Any tips that could improve my chances?
Thank you

People in the industry are here. Search the server for things you're interested in, reply to people's messages. You never know who you'll meet.
With how competitive the job market is, it's a huge advantage to build a network with like minded people. Can't recommend it enough.

i see and defenitly agree with you ,
i've attended a couple job fairs and becuase of my study visa restrictions i cannot work full-time . I wasn't able to network a lot because of the variety of job markets there , however I caught a little grasp of how in-person networking may work .
Right now since I'm building my base skills here ;
Should I just wait until I'm almost confident enough go start trying my luck for professional experience or should I start making connections right now as I go ?

Also i would like to ask , if i start making connections right now ( if thats okay to ask ) ,

how can i keep those connections strong until i started seeking professional experience ?
should I start looking on youtube or any another source of information ?

i've been dedicating about 4-6 hours per day apart from other work,daily activities and other college academics , so im hoping to have learn all of the resources from at least THM and be about midway on certs from HTB within the year . However , i do feel like a may forget a thing or two about small stuff like imap/TLS/POP35 that isn't talked about much in the material , is it normal to forget a little much about small stuff , I have made any kinds of notes or feel like something might be work noting down .

which cert its ur goal atm ?

I would like to do both red-blue team I've been thinking anything and everything related to red-team , i would like to spend a good amount of time with all kinds of material and in-field experience i can get ,and move to blue-team afterwards ;
OR
Try to get certs of both sides while splitting my learning time between the both.

Never too early to start connecting with people in the field. Not sure about your professional experience etc but I wouldn't wait. If you're interested in the field, naturally you'll want to make connections with people and discuss things you're interested in.
I wouldn't put too much pressure on it.
Forgetting a thing or two is fine. Answers are a Google search away.
I'd just find what interests you and dive into it. Take notes, make personal projects, research, complete challenges etc.

I would've started doing everything sooner , however being a international student from a 3rd world country sucks as per finances,
i've been a bit steady on self-finances for now and been able to start THM courses and look forward to gain whatever i can from whatever i can obtain while being in my limits

Tbf you must know a bit of both if you want to do either. Hope that makes sense.
Can't be a blue teamer without understanding how red teamers operate and can't red team without knowing some defensive aspects.

i only have around 3h per day min to dedicate.. im trying focus on PT1.. but im still on beginning, i put in my mind that i need get the minimum knowldge in idk 8 months, im still preparing to SEC1.. a little afraid cz im in transition of carear

got it , i was also thinking of building some projects after i complete the Cyber Security Learning Roadmap , spend some time on building home-projects before starting on to more extensive learning in the field

projects u said development?

yes , think what i meant to say was having extensive knowdelge in both fields , personally i love spending time on computers and see how doing i can modify / know how everything works and stuff.

i hope everything works the best for you , amigo
i've many job fields(low-paying ) in the last 2.5 years ,
Think i kinda relate to you , but for me everything and every job i did was for my survival and college funds .
What carrer field are you in right now ( if you don't mind asking ) ??

at this moment , I'm not sure what i mean by home-projects
but i think stuff like building and managing a home server with a firewall , Making an Pi-based ad blocker

from what i've seen on reddit/yt shorts/instagram

Let's talk

im Support Analyst on a ERP system.. but of a small company.. a little stagnant since i get my degree in Network Administration i stoped in time in this job

good for you , i think you might it a little much easier in networking and stuff as compared to me

Hello, I'm trying to make a resume over here, need some advice, I have 0 work experience
my projects are also not worth mentioning
Can I do something like setting up a vulnerable machine and try breaking it, like DVWA?
is that mentionable?

I am very disappointed in JOB Searching.

I have 6 months of SOC Analyst Intern experience, a Sec+ cert, doing the TRYHACKEME SoC L1 path, finished documenting my learning, and published in the Portfolio website

But still, I didn't get a single opportunity to show my skills in an interview or reply to an email, even though I have done many challenges in CTF on different platforms.

What can I do

How many job listing did you send your resume for? Are you qualified for the jobs you are sent your resume for?

If you sent to a good number, and are qualified and still don't get interviews then there is a problem with your resume. Look for someone to review it for you.

Yeah, I applied to 70+ JOB openings, still I get rejection i losing my full hope i Dont know why its happening. I spent 7 months learning and building my profile

I use AI to create a resume and check score against the JD

The job market is hard, that is true, but if you applied to 70+ listing (that you are qualified for) then you should have had some call backs.

That means your resume is problematic, which make sense, LLM is quite bad at creating resumes.

As I said, get a human to review it. JD doesn't helps as it is the same LLM.

O,kay bro, but i dont where I should go to get a professional review resume for me !!

can i share my resume to you ?

drop it in the chat as a pic but remove all the PII.

You can post it here after removing any personal identifying information

Okay

People can give advice if they feel inclined to.

i was just looking at work visas to go out of the country and i saw alot of cybersecuty and IT jobs, its makeing me consider learning all of this. but i dont think my response will intrest you much

Thanks for your reply! I’ve also seen good demand in cybersecurity. but none company are ready to sponsor visa for entry level role

have u looked on auslandapp, a lot of job postings i saw on it are really desperate

Yeah, thanks, I will try does they sponcer work visa for entry level role

Gave +1 Rep to @dapper sedge (current: #3725 - 1)

yes im very glad i can show you a new opprutinity maybe, but fyi the countrys you will mainly see are sweden switzerland and germany

but i got a question, it has to do with virsus and i think someone has a "honeypot" or whatever on my computer

yes defintely for entry i saw a couple my b i didnt read the whole thing

Question I was thinking of starting cybersecurity as I am done with my college recently. I did cse have basic knowledge which route should I go for? blue teaming or red teaming. I need to get a basic job too first which would be better as entry level. I mean I have did a bit of red teaming not much but a bit and enjoyed it.

If you don't want to dox yourself, I would recommend removing your full name at the top and the LinkedIn and personal website links.

Hi guys, i am writing this quite late considering when i joined this server but i just wasnt confident enough to ask.

I feel and am 60% sure that i have started quite late into cyber.(3rd year of college finished).

I feel like i have barely done anything eyecatching, i have attached pictures of relevent sections in my resume, not showing my name, but i have attached my github, linkedin, my contact number and email id (basic thing to do but mentioning just in case).

I will be honest and say i haven't properly understood every concept i have mentioned in the technical skills. I am completely confused as to how i should proceed in learning them, how i should learn the skills. i have 2-3 months of vacation right now before my 4th year starts ( nothing will happen there tbh, only 1 or 2 classes maybe and exam to be given ). I want to understand the best way i can utilize this time and skill up.
I also dont know what i want to get into, whether its ethical hacking( red team), or blue team, etc

Also i am kind of introverted too, can only speak without hesitation once i have spent enough time with someone ( just enough to know they are ok to talk to). Otherwise, i get nervous a lot, especially during presentations.

Even now i don't know if i have said everything i want to, but i hope someone can guide me properly.

Whatever you do, one page only, and look, we can talk a lot about the content of your resume. But you need to pick which job and job title you want to go for.

Right now it's general, and you'll have a very hard time getting interviews with a general resume. You might have luck, you might have, but it is not recommended.

I would recommend you to look in YouTube for videos about cybersecurity roles and professions. And look at the NIST NICE framework for security personnel. Look at salary tables and decide where you want to go. Look at your local market to be sure there is demand for that job in job title.

Best of luck to you.

I see, thank you so much man. Really appreciate the help. Will follow your recommendation. Also do you have any site or app to follow and check upon cyber hackathons or should i just regularly checkup on linkedin and X ?

Gave +1 Rep to @empty swan (current: #1830 - 3)

I personally don't do hackathons, but you do you

And for sure

I think they meant ctfs

^

Hi everyone,

I’m an aspiring cybersecurity professional currently trying to break into the field. I’ve completed a 6-month internship, earned Security+, and gained hands-on experience through TryHackMe. I also document my learning by publishing write-ups in my portfolio.

However, I’m not getting interview opportunities, and I’d really appreciate some guidance.

If anyone is willing to review my resume and share feedback or suggestions for improvement, it would mean a lot to me.

Thank you in advance for your time and support!

Didn't I review this one today? I think I did, good luck for more opinions in this server

https://tenor.com/view/theres-something-very-familiar-about-all-this-deja-vu-i-feel-like-ive-done-this-before-this-feels-familiar-i-feel-live-ive-been-here-before-gif-16489734

Hi Guys, i am writing because i am new to tech and i want go into cyber security career seriously, i don't any idea on IT, networking and other aspect, i would really all the need, assistance, advice i could get on where to start from the basics, maybe YT tutorial , i really have the desire and passion to be into tech. Thank you.

@lapis spade

Thanks i really appreciate.

Gave +1 Rep to @empty swan (current: #1482 - 4)

Hey everyone, just joined the server. I’m 18 and actively trying to break into cybersecurity. I’ve got my Security+ and Network+, about a year of helpdesk + AWS experience, and I’m starting to work through TryHackMe now. I wanna figure out what actually moves the needle toward a SOC analyst role. Any advice is appreciated.

At 18????? 😭

Yea lol, I went to a really good high school and was able to dual enroll in a cybersecurity program from the start of my junior year to graduation

And I also skipped kindergarten

If you're not studying, just apply for full-time roles as a SOC analyst. Security+ already lays a decent baseline for SOC, if you wanna up your defensive practices from the basics then SOC L2 and Advanced Endpoint Investigations path on THM are decent to learn from. Probably wouldn't recommend SOC L1 path since you might be mostly familiar with the content but worth giving it a go and getting unfamiliar rooms done. 👍🏽

I just stated this in a different channel but the best place to start when learning any of this is to go over the material covered in the CompTIA A+ certification. You don't necessarily have to get the certification but it helps to go over the information because it will give you a foundation to work from when moving toward security-related career paths. Check Professor Messer for a free A+ course, start with this playlist and then try the 220-1202 playlist after you finish it https://www.youtube.com/watch?v=AIfIA7hEgrw&list=PLG49S3nxzAnnes8ZGI-OBlKEukHCX46N8

100% agree with this. I almost soley used this guy for my Security+

hello everyone, I am new here

Career help...
I'm a beginner, I've done cyber 101, participated in a few ctfs. What career path should I pursue that will be relevant in the future because AI adding a lot of uncertainty.

try solving portswigger academy labs

Hello guys

I want to build a career in cyber security and I am currently in my 2nd sem fo B.tech

Could you guys please guide me what should I do in this summer break to start my journey

Like some sort of goal

I'll check it out

I'm doing that, for doing bug hunting

question: i know nothing about cybersec. I also have a tech background should i go for comptia sec+ or pettest+ . My goal is to become a pen tester

Both will serve you good, check what the job listing in your local markets look like. Maybe you will see they are demanding something completely different.

Personally I wouldn't hire a pentest with no defense knowledge/experience, but that is just me.

I think the best possible thing for you to do is to take THMs Pre Security path, then the Cybersecurity 101 path, and then they have made a path of paths (that sounds funny LOL) designed to get you into being a pentester.

Also, if you haven't, getting THM Premium is one of the best things you could do. They have a lot of rooms that are premium only, and the structured way they put out the learning is UNREAL!! It has been probably my second best purchase ever (second only to my amazing laptop 😉)!

All of the learning I just talked about is the AMAZING structure they have put together. If you haven't gone Premium yet, then do it right now. You def will not regret it!

And also look into companies like Cobalt, Synack, and Bishop Fox. These guy hire remote, and offer PTaaS (Penetration Testing as a Service).

thank you both of you

Hi everyone 👋

I’m just starting my journey in cybersecurity and aiming for Red Team / Offensive Security.
Right now, I’m at a beginner level (still building basics like networking, Linux, etc.).

I’ve started exploring platforms like TryHackMe to learn step by step.

I understand that mentoring takes time, but if any experienced person is open to occasional guidance (even small direction or feedback), it would really help me stay on the right path.

Also, if there’s any recommended roadmap or starting priorities, I’d really appreciate it.

Thanks in advance.

I am starting in cybersec as well. My plan is to finish pen tester roadmap on thm and then go for comptia sec+

Thk

I need recommendations on what certifications I should do for high pay, and no job experience (in any field), i say no job experience because according to my research CISSP requires job experience even though that is a very valuable certification

Recommendations with their benefits and drawbacks

Has anyone here taken SANS SEC504? What would you use to study?

https://youtu.be/eiRPXnvgQqw?si=QVt21YKch8wi9gST

Are there any hiring managers in here that could possibly give some guidance to people who already work in a completely different field and could advice people?

Hy everyone

I suggest not approaching it by simply looking at the pay, but whether it is something that you find interesting to pursue.

Also, do keep in mind that certifications, while helpful in getting interviews, are still being looked at conjunction with the experience.

You need to start in it support like everyone

You can’t scape helpdesk or it support

For 1-2 years and then jump to your first cyber role

what if you get a internship ?

yes you can you dont need to go thru that route as always
and you can get internship --> return offer

but many do :D

IDM is top career path trust me bro

I have a question for team leads and managers.

I'm updating my resume and I've switching to LaTex for proper formatting. I see there are two type of folks.

They either add a lot of experience or they go minimal and add less than 5 one-sentence bullet points.

Those who engage in hiring practices, what do you prefer to see? I try to abide by the 7 second rule to make an impression.

Thanks

Gave +1 Rep to @normal burrow (current: #1259 - 5)

Ok

I see

Just applied for my first 2 cyber security jobs. Wish me luck

good luck :)

luck

wish it

it

wish, dont type (and send)

Slm

Hi, I’m 20 based in EU specifically in Poland, aiming for a Helpdesk/IT Support role

Current:

• A+ Core 1 (exam end of April)
• TryHackMe (pre-sec completed + soc l1 40%) + OverTheWire (Bandit lvl 20)
• Building a small Active Directory lab
• Planning SC-900 → Network+

Starting CS studies in October. ~1 year military background.

Question:
What would you prioritize next to land a first IT job fastest? (skills, certs, projects, or job search strategy)

Thanks

i would focus a bit on networking and operating systems

mostly windows stuff since you will most likely get alot of questions regarding that on the helpdesk

i used to work with a company in katowice and warsaw, when you are a bit further along your journey and want to look for something SOC related send me a message i can check if they have positions

HI im coming towards the end of the SAl2 exam but ive really struggled with the VM's. On the following paths on the exam they did not deploy and I did what I could without the vm being deployed. This is very heartbreaking for me.

I struggled with the following :

Phishing Payroll VM (Medium)
Agenda Deception VM (low)

I do not want to start the final Vm named "no flight today" this is because ive had an issue with the vms and sla is about to expire. Please help with this issue as I only have 44 hours left of the exam.

Its taken me so long to do the exam but knowing the fact that im losing marks on the vms not being deployed is very disheartening and killed my morale. Splunk , edr and all the others were able to get deployed but on each vm section it just did not load up and the sla timer was going down.

can you anyone rost my resume

i will send here

thanks, added u

Gave +1 Rep to @dusk wedge (current: #44 - 259)

if u send it, im sure someone can review it

alright can i send right now

you might need to verify to attach embeds

embeds ??

iam trying to send here but i can’t how

yeah files

you need to verify

how to

verify

follow this?

okii

Just start applying. You are qualified enough already, but obviously keep studying

As @normal burrow said, if you've done A+, playing in an AD lab, etc, you’re qualified enough to start applying for Help Desk roles. Definitely keep pushing on Network+. Networking shows up everywhere in troubleshooting (applications, authentication issues, cloud, wifi issues, internet access, printer connectivity, file shares, etc.).

Btw, I run the career village at a local hacker conference and do resume reviews at various other hacker/security conferences. If you are interested in having your resume reviewed I'm happy to do it. Dm me and I'll provide more details (sanitizing the resume so you don't dox yourself, preferred format, etc).

Hey is there anyone that can help me in the journey of the cybersecurity as i am in 2nd year and i want to get internship in summer but i am not getting it can anyone help?

Hi guys, I'm new to cybersecurity and don't know what to do. I'm interested in red teaming, what should I learn and how do I do it? What free or low-cost resources do you recommend?

i would personally start with the a+,network+ and security+, from there you get a job and learn red skills, ejpt,pt1... till you get oscp while working

I've just finished A+, and now I'm studying for Network+. It's really interesting so far!

nice work

thanks I'm having a hard time because English is not my native language.

Gave +1 Rep to @keen mesa (current: #3733 - 1)

how long did studying for a+ took you?

I learned it in 1 or 2 weeks because when I read from English sources, sometimes I understood it and sometimes I didn't.

and u passed both cores?

2 weeks without english is hard

its not really hard just buy the udemy suscription and search for jason dion

"Yes, I've finished the materials for both parts. It was tough, but I used translation tools for the parts I didn't understand. Now I want to focus more on networking."

im learning from exam cram book

but started to think

im overlearning as fuck

for me udemy was the best

i better learn from text

better

i meant did u take the exam and do u have a cert haha

for me was 45 days

"No, I don't have the official certificate yet because it's expensive. I just finished all the study modules and labs on my own. I'm focusing on the knowledge first.

Understood

if u wanna take it

check getcertified4less

i bought my voucher for 190$

and not 265

just have to look consistenly to grab nice promo

Thanks for the tip, Danny! 190$ is much better. I'll definitely check that site when I'm ready for the exam. For now, I'm focusing on Network+ labs. Do you have any favorite tools for network analysis? I'm just starting with Wireshark.

.

yea i used wireshark butnow im focused on passing certs

for now im focusing on getting helpdesk role

so i set aside socl1 path im currently taking on thm

I see, prioritizing certifications for a job makes sense. SOC Level 1 seems interesting too, but foundational stuff first. I'll stick to Network+ for now to build a solid base. Good luck with the helpdesk role, man

thanks, good luck to you too

Gave +1 Rep to @devout lynx (current: #3733 - 1)

Thanks, if you want to talk about something, write. bye bye

Gave +1 Rep to @tight dew (current: #3733 - 1)

This price its for A+?

single core

yup

Its too hard? Level of difficult its like sec1?

it's the most beginner level comptia cert

fundamentals of networking, hardware, virtualization troubleshooting os

hello

and lil bit of security

and the exam consists of 2 cores

(2 exams)

and u have to pay for each one

Ahh ok, so why this is so Global.. its on my path, get A+ and sec+.. but its very expensive

Im waiting to better time

Ahh so something atound 500$ for both

yea

yea kinda sucks

but u dont have to do a+

depending on what are u aiming for

I want to focus on sec1 and after pt1.. . Next year ill for it

everything is change with AI.. imagine what it will be like for those of us in the I.T field... a lot will change in 5 years..

Hello friends

I have one question

Guys mujhe ethical hacker bana h mei abhi class 10 mei hu toh mujhe kiya karna chaye jisse mei eak hacker ban sakhu

google roadmaps for the role you want to get into and follow that

I can't understand the Google

Does having a 2-page resume at 3 years of experience hurt? Or is it just not preferable? I am thinking of putting all the important information in the 1st page, while adding details and more stuff in the 2nd page, purely for AI parsers to think its good. Any thoughts?

does it hurt your chances having 2 pages or is it irrelevant to the HR as long as they get the important info from page 1

Has anyone actually found a job recently???

Most of job postings want senior people with 5 years experience and comprehensive understanding of the NIST SPs and federal policies ….. all I got is CompTIA certs and a home lab

And a Bachelors degree in IT

Ong bro

Senior level experience with the pay of an intern

I'm tryna get a help desk traineeship in Australia, does anyone have any suggestions for where to look? So far I've just been applying on seek and megt. I'm also trying my luck with CyberCX

Does anyone here make up to a $100k monthly and how?
Please I’m genuinely asking.

ye w a 6 month bootcamp U finna be good w yo 100 fig a month🥀🥀

oh that said 100k/month not a year... 🥀

does someone where i can find promotion codes for tryhackme payment?

work in the industry for 30 years straight, and be very very good at your job. And be very lucky

even then in people with that amount of experience don't get paid that amount

unless they are like in the C-suite at a very large company

100k a month is just not reallistic, and why do you even need that amount

100k a year is enough for most people

Literally
Also if you are trash at spending you will always feel poor no matter the fancy salary

absolutely

Updated my resume full of new skills & i can't find a good tech/help desk job thts hiring + my car payment is past due , im so f scared

sending best wishes to u

are u in off sec ?

Hey everyone
I’m GreenBA, working my way into Business Analysis with a background in banking ops and ICT. I’m really curious about how AI and cybersecurity connect with areas like KYC and AML, and I’m hoping to learn, share, and grow with others here. I’d love to find a mentor or team to help me follow a structured path toward my goals. Outside of tech, I enjoy creative problem‑solving and even improvising recipes when I can. Looking forward to connecting with you all.

no, may i still send best wishes? or is this only occupation-related and not a talking channel

yes u can

what are u upto ?

bought me some red grapes to go home and do thm with

what ??

thm -tryhackme

i know what thm 🥲

then wdym by what ?? T^T ?

i bought some red grapes to munch on while i do my rooms :D

ohh i got it

are u interested in bb ?

bb .w. ?

bug bounty 🫠

oo im still quite early in my journey :'3 so no

how long u been in this field ?

likee a month? :3 i had some stuff goin on so i wasnt too focused

Hyy am interested in bug bountey but am a complete beginner

u can focus on networking and linux then web app and server

if u need any help feel free to dm me

month ? means u are new

Accept friend request brother . I will ask when I feel stucked

yess!

are u girl or boy ? and if u need help feel free to dm i will help if i can

oh im alright just stickin around here!

sounds good did i ask somethings🫠 ?

did u ask somethings?

...

gal, sorry i missed it :3

np, how old are u? i think 14 or 15 👀

im 21

lol

are u kidding with me no way u are 21

😶

why is 14-15 ur first guess 😭 ?

because u act like this tho 😓 the way u talk like 14 or 15

i like talking cutesy and with emoticons :3

ohh what do y think about my age ?🙂

uhhhh.... 35 :3

i am younger then u 🥲

how about..... 17

i dont think this conversation suits the channel's point :'3

really first 35 then 17

okay lets be freind

you said younger 😭

maybe, im not very talkative on this field

but i am we can be good friend and i am looking for connections so

yes but not 17 tho 😁

I see numbers so Imma say 22

How is this related to careers?

the career

well if anyone has some cloud/devops role let me know

thats what ive been saying 😭

What is cybersecurity

I want to know

to defense system from blackhat hacker

Ok and did you heard about veilcomm app

Do you know am social apps sells the data.?

noo

Do you know social apps sells your data

hello iam new in this server >>>..

I am also new here

Why you joined

i want to explore and get some friends and guidence in cyber field

Yes u can with me

I m a cybersecurity professional

thats great

But most of the people don't know about cybersecurity

can you guide me i am new i only know about how linux works

What kind of guidance are you looking for in cybersecurity? Most of the information is already available everywhere.

I don’t provide guidance on things that are already available on the internet.

oh!

I am a researcher and solver issues

are you working ?

Yeah i am working

in company ??

I have my own project company

I am working on social apps control

oh wow best of luck for your project !!

Thanks 😊 and you where you from

Gave +1 Rep to @obtuse prism (current: #3738 - 1)

You can try my project

thank you for approching but i am not intrested sorry

just a query but why ask what it is if you are a professional?

About what you want qury.

I didn't ask anything here

but u asked

About what can you clear this i will tell you then

nevermind

she meant you asked what is cybersecurity, why ask it if you are a professional working researcher

and that too in TRYHACKME server

I ask questions to get clarity. I can explore anything but most of the information already available online feels buried and lacks real value.

Yes I am researcher i am a solver

I asked that just to see what people here know about cybersecurity but the responses were the same generic internet level answers.

the shortest answer would be the act of securing the cyber space

that cyber space can be of a group a nation or an individual

Exactly so what things need to be secured in today’s time? Can you tell me?

Probably data

From what?

hello. can i get a few suggestions about coursework to start a career in cyber security?

getting into wrong hands

Which wrong hands? Can you explain?

You know what I can read your mind

But I would like to hear from you

Okay

It protects data from unauthorized people accessing it, attacks, theft, damage, and disruption.

Those are the wrong hands

Noo

That's why people don't know cybersecurity

WOW

That's my knowledge on it

Can you share yours

Sure

I won’t explain deeply but I’ll give you a hint you need to think about protection where you are giving your own data and information.

Okay

Waiting

Waiting for what? For those same people you’re giving your data to to tell you about it? Is that what you’re waiting for?

Just reread your text

Understand now

I have mission to stop all this systeam

To use their apps, they'll need your login info(e-mail, DOB, phone number,

Good

This is real cybersecurity

They want you to control

??

Sure

They’ve just blamed hackers but in reality your data is being taken through the apps you use.

You have to protect your data from developer

How

Maybe not giving them your real info

Just faking everything

Yeah its batter to delete it

If you can't then I have other option

Delete??

How?

What's that

The first step is to use tools and apps that give you full control over your data.

Like veilcomm app learn about it

Its a killer for these apps

Social apps

On playstore

Does it cover all social media apps

Please remember that THM certs are not industry recognized (aka you won't get hired from them) but THM is a solid recognized learning tool. if you are looking for industry standard employable, a mix of "hands-on" learning that THM supplies, Security + CompTIA. Unfortunately it is not cheap, but that is the IT industry. If you are really serious about working in IT, a Bachelor of Computer Science, at a recognized University 4 years. Again cost is the problem

Yes its covers all apps server side protection

Yes

Lmao

everyones , be it a company data or be it yours, ,, you gotta protect yours from other companies and companies gotta proctect from red ppl and so on

Yes exactly it’s about data but not protecting it from hackers. It’s about protecting it from the platforms we ourselves willingly give it to.

What you’re taught about cybersecurity on the internet is mainly about hackers that’s their domain. Your real problem isn’t that. The real issue is the data you’re giving away blindly.

yeah thats what i said,, you protecting yourself from the giant companies

its the companies that needs protection from hackers

unless you are a high profile member of society

I told you hacker is not main reason

yeah its the companies that takes your data

Yeah but which company

i am on insta then surely meta, and the 3rd party sellers that meta has business deals with
i am on discord so ofc the discord and their 3rd party guy who will buy this data of me to sell to advertisers

Good thats the real thing which you have to think and stop doing this again

That's what the real issue

How will you protect

as long as you are using FOSS apps and softwares, homelab for many hosting solutions and at somewhat degoogled phones you are goood

and a vpn ofc

surely you cant avoid it if you are a functioning member of society and dont wear a tin foil hat

you can control some level of privacy so you are not stupidetly giving away everything but you cant achieve 100% privacy unless you go tin foil hat level

you wanna use bank and banking apps and cashless stuff, you need those apps and they need security checks and they need google for that so you need google for that

you can degoogle at some level but some apps wont work at all

you can use vpn to mask your stuff from your isp but then your vpn provider has data

yeah right even i use custom rom still need google and its no 100% privacy

you can use aws to host your vpn but now amazon has your network traffic

me too and paytm just doesn't work

yeah same here which rom u use ?

and even if you escape software level, hardware is waiting for you

intel amd and all SOCs almost all of them has their own rootkit level stuff embedded hardware level

its a port of oneui8 from samsung s23fe for my phone model samsung a51 since its support died 4yr back and i like oneui

ohh is this aviable for redmi 10A ?

no i dont think so

okay

Look not everyone can manage hosting or VPS and you can’t host your data everywhere. For example you’re using Discord right now your data can be read there. That’s not real protection. What’s the point of hosting data at home when people are already using social apps?
Banking apps don’t share your financial data with Google. They use Google services mainly for device verification security checks and app integrity not for accessing user banking information.

yeah exactly
yeah what i am implying is you cant escape google even if you give up on social life and remove whatsapp insta discord anything

if you are using a app that is not from open source community and it is connecting to internet, high chance they got your data

But government banks don’t necessarily depend on Google they don’t require Google for their systems.

I dont know what kind of bank is that which needs google

they do use google for device integrity check

ofc you aint making a banking account by logging in from google

I dont think soo I dont have bank like this

can you install your banking app on a fully degoogled or rooted app

Offcure my real missing is to stop social apps

Not bank apps

how will you stop social apps??

I can because its my work

so like how?

The main problem is the social apps we use every day. They are collecting data like mosquitoes and we think that just learning cybersecurity means our data is controlled but that’s not true. The real mistake people are making is using social apps. The real data stealers are apps like WhatsApp, Facebook, Discord, etc which are linked to servers. That’s what needs to be controlled.

There are many thing you can delete them simple

If you can't then try to use tools like VeilComm they alredy on this mission

Tell them what you want and what you don’t want you can even ask them.

We have to stop using these apps social apps

thats the thing

1. we cant tell ppl to uninstall
2. its very hard for people to switch from these apps

whatsapp is like the WORD for messaging, i cant make them switch from whatsapp to signal so i gotta use whatsapp now

it will talke a maas level of awareness to change it

I think veilcomm can't force you for other app its alredy offline

Try to learn about it

well i suggest dont share any private data on this apps

if u wanna discuss importance topic then do it face to face offline

On social apps.?

yeah

i was in a long distance relationship and so yeah i just couldnt and it was not just me and her but the instagram algorithm who also enjoyed our moments

Yeah but what will you do if face to face not possible

Good

well i am single so i cant understand your pain dude XD

They are watching 👀

Veilcomm solve this issue perfectly i think0

We have to find out tools like this

what is veilcomm ??

somewhere on the hdd of insta/telegram and whatsapp also sometimes has the data that tells exactly how much in inches i pack soo yeah it was tooo late

Its a app on plystore

and what it does ?\

i could setup some p2p stuff but surely heat of the moment >> setting up p2p server

Search and learn about it i just used and I like this tool

VeilComm protects people’s conversations from server access when they use social apps.

They work with social apps with your favourite apps

Which you can't delete

ohh okay thanks

Gave +1 Rep to @lament dune (current: #3738 - 1)

I like them and their projects

yeah well today is such a boring day u know ?

But for new people this can be hard little bit

Noo

Not for me

Stay happy

what are u doing ?

I am working on nanotech with security

N=1 here, got hired as a pentester by an MSSP 3yrs ago with THM certs, know 5 others personally that got in without all that too. Just saying, I know it's not the norm but it is possible. I certainly don't have any magic answers but always push back on absolutes when i read them🙂

nice

Thnks

u ever try bug bounty ?

Yesh

share some knowledge bro

Can you clarify what exactly you want to know about it?
I will share it

anything u think u need to know for bug bounty

I think beginners should start with web security first then move into APIs and servers and mobile security step by step.

well dude i am not beginer tell me about explotation i am weak at this

Let’s narrow it down 👍 what part of exploitation do you feel weak in exactly.?

i am good at finding stuff like api routmap keys etc but when its come to check for vuln i dont do it and i go to ai then so what ai said then brun out but now a days i focus on understand and notice behave of system

Don’t rush 👍 focus on system flow API behavior and then think what can go wrong. That’s the fastest way to improve naturally.

You have to select one for you network aysteam, hardware systeam, software systeam.

okay, what i have to select ?

Go with software systems first web apps and APIs. After you get comfortable you can explore network and hardware systems.

ohh thanks buddy

Gave +1 Rep to @lament dune (current: #2432 - 2)

No issue I am here to help you and you should try to be the best in cybersecurity. Also secure yourself. My personal advice is for you they have your vulnerabilities try to fix it first

You are vulnerable

how ?

As I told you in my previous discussion my brothrr

ohh about social i got it

Yes yo0u have t0o0 show them that thay are not smarter then you