#cyber-and-careers

France 🇫🇷

big advice ty, I don't want to be the best just work for an ethic that correspond with me (I don't want to just break security of company and go to bed), but I keep it in mind and continue to search school, but if I didn't found one good I think I will keep time to improve my skills 👍

In 24x7x365 SOC jobs, how much do you actually work weekends/odd hours?

i worked 4x12hour day shifts, 4 days break, 4x12hour night shifts, repeat

Depends on the SOC manager and what they think is reasonable for shift rotation and scheduling.

Hmmm okay. Thanks guys. I have an interview but idk about the 24x7x365.

I agree with this. It's going to be heavily dependant on who is doing the scheduling, the SOC culture, and also the org culture. The new guy may be given shitty shifts and also have to work on the bigger holidays.

Can someone tell me how can I start hacking on Windows?

It can be done, Google is your friend. However, it would probably be beneficial for you to start with a Linux vm over trying to mess with windows when you're learning.

Any chance it'll resemble anything close to typical 9-5 M-F?

two 'easy' paths:

1. #start-here and use the THM provided attackbox in the cloud.
2. Install a hypervisor and run Kali in a VM, then do the #start-here paths

Probably not. Does it give shifts on the job listing?

Example would be if you go to a Northrup Grumman posting and it will tell you what shift the job is

for a 24 hour SOC? not until you reach sr engineer and don't have to be on the 24 hour rotation

As the new guy, expect to get shifts nobody wants

a 'fair' manager rotates everyone through 3rd shift. Don't count on not doing it or not being stuck on it if someone quits. Minimal coverage is just that.

Also true and why I mentioned culture earlier

I gotcha. Thanks for the insight Moose and juun!

do yall think i should save up for a bit and get ejpt (im only a teenager)
i know i can pass
i just dont have the money or the tools
I'm on a chromebook and my family is struggling to pay house bills and we have a rusted broken 2001 toyota so i dont want to waste 200 dollars if its worth nothing

Personally, I wouldn't

I forget if it expires, I think it does? Anyways, if it does, you'd likely be out of the useful window

if you don't have any other certs, net+ and/or sec+ are a much better start to an IT career

but don't worry about getting any certs until you are able to work full time

The material is free

It doesn't expire

if you are a minor, your focus should be to finish high school

Good to know

Is this also applicable generally?

I am planning to study for cert during college but if a security+ would be a better option then I will focus more for that

Can anyone tell me what is net+ and sec+

Certifications provided by CompTIA, here is a link 🙂 - https://www.comptia.org/certifications

Any ideas how should I start Career in cyber security?

Like coding first or linux first or hacking?

I'd recommend TryHackMe. As for 'coding, linux or hacking' - You can kind of learn them all in a streamlined way with THM. Above and beyond that, the CompTIA Security+ and CySA+ can help secure employment. Depends on your country.
Start with here:
https://tryhackme.com/room/jrsecanalystintrouxo
As well as the link above.

I m currently spending time on PicoCTF is it good?

Hey Guys, I'm going into Uni in the next coming year or two and am located in Aus, does anyone on here have a gauge as to where the best cyber-sec specialists are coming out of in Australia (Uni-wise)? I am open to any and all locations so if you know anything, it'd be greatly appreciated if you dropped it in a thread or reply. Thanks.

hey everyone, I just had a really quick question, and thought I would hear some peoples opinions. So I am currently a gr 12 high school student in Canada , and I want to pursue ethical hacking and cyber security. I applied to a ton of CS programs, but I also applied to an Information Technology program. I got a few acceptances back, and one of them was the IT program. What do you guys think would be better for pursuing ethical hacking and cyber security?

one thing I should also mention, the CS programs are through universities, and the IT program is through a college (it is a degree program however, you finish with a bachelors of information technologies).

when I look at the courses, I feel like the IT program will relate wayy more than the cs programs (when your are learning about data strucs and algs in the cs program, the IT program will learn about network configurations, and secure programming practices etcetc)

but then again, I dont know how employers will look at the IT program, as it is considered easier then doing CS

I asked this in general yesterday but I thought I would ask it here for a few other opinions

IMO IT relates way more to cybersecurity. Knowing how to program and how code works is immensely beneficial but much of what you SHOULD know sits more in the IT side

That said.. back when I went to college/university, there were no cybersecurity programs and only IT or CS. These days there are more cybersecurity focused programs. Reach out and see what you find

If you can find a side that gives you a double major or minor or certificate of completion that’s also resume food

Around me there is only a computer security course that I can do. I applied to it, but the thing is, the school has a very bad reptutation for STEM programs...So i dont rlly know if thats a good thing to do

As of right now, I am honestly leaning a little more toward the IT program

If school opportunities are low.. think about what you can get out of it even if school reputation is low. For cybersecurity it is very fortunate that currently your abilities and not a paper degree is important. Gather knowledge for certification exams that prove what you know vs college prestige. Remote opportunities also possible maybe?

yeaaa, I applied to some internships

I was just in a meeting that talked about what I learned through a certification course compared to a masters degree in cybersecurity (someone going for it) and they were highly disappointed they weren’t learning what the cert courses were teaching

Im only in grade 12 so most of the employers tell me to re apply when I am in uni or college cause I have really good skills

oh really?

thats so interesting

im still in gr 12 so I have a lot to learn still

To be fair I took SANS courses

I did a co op last yaer for cs/ethical hacking and I also did one this year for cs

so employers love it

even got a job offer for the summer at the cs place this year

wasnt really hacking tho....mostly arduino and microcontroller programming

the one I did last year was sm fun, it was at an actual cyber security company

Yeah 🙂 cybersecurity degrees are a very new thing. They don’t seem super high demand on job listings yet.. they’re mostly looking for certification

yeaaa fsfs

I love programming so I’m coming from that side of the two fields

experience in IT is also wayyyyyy more important than education

same with me, I still find programming interesting

u working in cyber sec rn?

No but I’m on the job hunt.

ohh interesting

graduated?

Just finished my certifications. And people who were in the same classes as me, same level, they’re already getting jobs

ouuuuu

whats certs did u do?

Yeah but no diploma, only certs

im thinking of doing the ejpt this summer

ohh icic

so no school after high school?

GSEC, GCIH, and GWAPT

interesting interestingggg

i was in the library and looking at some of the comtia A+ and security+ guides, and I hoinestly think I can do it if I put in some work

Someone also just got put in a senior role with no real work experience but the knowledge of certs. She’s kinda like holy cow. But they believe she’s ready. I hope I can be as lucky

yeaaa

ig its not only ab education, its ab work ethic too

especially in this field

Business is definitely something about everything… just when you think you don’t have to help customers, even your coworkers are customers you have to satisfy @_@

haha yeaaaa

I acc had a full time job last summer too

wasnt for STEM

i was a production assistant

Ooo nice!

It really opened my eyes to how education isnt as important as I thought

like yes it still creates opportunities

but its not only about that

A paper* you mean :3

haha yea

the operations manager there (my bosses boss)

he was making ab 170k

I think the best thing is to know your barrier to entry.

had engineers and everything working for him

even PHD's

Some work places expect you to at least have a bachelors in anything

and he has a college diploma in something not even related at all

it was for like network engineering or sum

yeaaa fs, I still plan on getting a bachelors in IT or CS

It’ll change just fyi.. likely they’re going to start changing job requirements you’ll see out there and require more specific degrees vs certs… it’s a little how the world works :/

yeaa fsfs its expected

Degrees open the field if you don't have experience. Cyber Security isn't an entry level area. If you don't have a degree, you're going to have to compensate with experience in an area like IT

so do u think CS or IT will be a better degree field? (for me wanting to work in cyber sec/ethical hacking)

Degrees definitely open the field. It is a barrier to entry 🙂 it shows you know how to study and learn too. It does a lot. Also it helps get you past HR

yeaa fsfs

CS is a good degree as it's broad and gives you a base understanding of the theory behind computing

wait want me to send u guys the IT program I got accepted to...cause to me the courses you will take relates wayyyyy more to cyber sec

I don't have a CS degree so I can't speak more to it

do you have a degree?

I have a bachelors of science in Computer Security and Information Assurance

interestinggggg

That’s awesome

https://www.centennialcollege.ca/programs-courses/full-time/bachelor-of-information-technology/

this was the it program I was thinking ab

After I got my degrees they just opened a program for cyber security at my university.. was kinda upset lol

awww unluckyyy

You have to be careful with Computer Security degrees

They are very hit or miss

the closest I have to a cyber security degree is a computer security program....from a school with a really bad reputation in stem

Totally agree. I just wanted to go to a place near home

They were accredited for X years by US gov or something.. I don’t really know if that makes it better..

Mine was too

It's just another list

wait so are u working in cyber sec rn?

We were going back and forth with UTSA for number one NSA center of excellence

Yes, I'm a Cyber Security Engineer

ouuuu cool cool

do u think websites like tryhackme will acc help u in the workforce?

also general question if you dont mind me asking...what does your general workday look like?

I’m bad at advice on this cause I don’t wanna get you in a rough spot. But if I see a class some place is teaching that seems like I’ll learn something I’ll gladly pay for it if I have the money. You also can think about roughing out your core classes and still look for opportunities

Sites like THM are good fun and can be used to extend your knowledge. They are not professional experience though

yeaa I get what you mean

would you say the skills learned on thm picoCTF, hackthebox and other sites are acc useful in the field?

SORRY IF IM ASKING TM QUESTIONS BTW

Basically how I see it. I want that hands on experience :/ I know the diff between learning accounting in the classroom and actually doing it for companies.. pretty sure the same goes for so many class related things

do you guys want to hop into a vc? this convo is acc really interesting

0700: get in the lab and get setup for the workday
0800: start answering emails
0900: start on the days taskings
1500: leave

Taskings are updating documents, troubleshooting software, planning infrastructure upgrades, facilitating infrastructure upgrades, etc

I’m actually at work :p uh.. waiting for people to get back to me

interestinggggg

do u ever have to perform pentests or anything like that?

oh haha npnp

I've only done a little THM. The most I've learned has been on the job first and foremost, my internship, and my homelab in that order

Looks like work is giving a pizza party Friday woo

u ever get any certs?

ayeeee

I have Security+

ohhhh, I was reading the study guide for that one once for fun

do u think its a good cert to start out with?

I have zero security work experience. Maybe the most I have is systems upgrade and coordination

I would like to think I have ok business skills.. but 🤷‍♀️

Yes, it's a good way to show you're committed to cyber security and its often a requirement for base level cyber positions, especially in government

I think it’s a good cert to start with too 🙂

I dont really have any professional experience at all....closest is my co op last year...I made client educational videos recreating attacks and stuff like thaat

intrestinggg

Just like A+ tells everyone you know what a computer is

haha yea

Ok I’m just kidding lol but yeah :3 it’s a great start

Im just tryna get through school rn :(

acc have a business proj im procrastinating rn LMAO

School comes first

yeaaa....just a pain sometimesss

I fell like they make genuinly intresting topics dull and boring

Endurance. Having the ability to get through the boring and come out with it is a skill tbh…

Topics generally have to be presented across a wide range of knowledge levels and learners

Which is why it may come off as easy or boring

Having met a lot of people and trained a lot of people… I can tell who doesn’t want to do the work :/

@haughty lintel just a heads up, random friend requests are against rule 1. I also don't accept requests from people who I do not know

ohh im soryy

can someone suggest a usable cyber security certificate thath is helpful for starting carier at his field

I believe what you're looking for is a certification. Certificates merely state that you have completed the material, nothing more. Certifications verify that you have completed the material and certify the results to other organizations. Certificates can be put in an extracurricular section at the bottom of your resume while certifications can go near the top in a certification section.

It's also important to know that without a degree you're likely going to need experience in order to break into cyber security. It's not an entry level field generally.

has anyone in here had a interview for a reverse engineering/malware analysis position before? what do they normally do in the interview? or is it the same as other kinds of tech interviews?

Well, i started with thm about 5 months ago. Learned how to use the most important tools, networking and nothing more. I have problem with boxes. Have you some advice what should i do now?

totally up to the company. some may send you binaries to reverse engineer and report vulnerabilities.

I would expect technical questions at the very minimum that an RE/MA should know. I know a few people who have been interviewers and they said although they don't provide samples, they do ask detailed technical questions

So so far I've only "moved up" in the process with one company interviewing for what seems to be a UI/UX internship. I apply in bursts daily so I didn't look close enough to see that this job isn't really programming. I saw that they wanted someone w/ Java, C/C++ or web language experience, but I feel like that's going to end up being a small portion of my internship. My goal was to get an IT/SE internship (been applying for help desk too), but when the hiring manager asked me if I was still interested, I said "i'm open to this experience" because this is the farthest I've gotten with any company.

I know something is better than nothing, but I'm guessing this role wouldn't be much of a boost to me resume

@flat sedge We've begun diving into Parallel Computing in school (doubt you remember, I'm in my final year of a Computer Engineering degree with a focus on Cybersecurity and I've been working as a Cybersecurity Engineer since October). It feels like everything I have learned up to this point has finally come together and I'm "getting it", this was realized while discussing distributed memory architectures with a friend and everyone around us staring at us like we're aliens.

That said, I am leaning more towards Practical Computer Science as Theory is very...mathy. Problem, I do not know where to look for roles in the field. Are they primarily in Universities and large tech companies like Intel? Can you recommend some roles I should be on the lookout for as a graduate? If you made it through all of that, know that I appreciate you as always!

"Practical Computer Science" usually rolls into software engineering. The better you get at the math parts, the more options are open to you. Security implementation requires a lot of background math to understand, and I cannot emphasize enough how important graph theory is to understand, longer term.

Okay, that makes sense. My view on it was a little warped apparently. I definitely enjoy the math in everything we're doing, until we get to the "quantum algorithms" and theoretical level. It's not that it's beyond me, I just don't get excited honestly.

So, I need to pivot into Software Engineering then. If my ultimate goal is to get into the security side of the house, is DevOps the place to look? I have had a few recruiters offer to talk to me about application and infrastructure jobs. Oh, and thank you for getting back to me, I really appreciate it. My school's resources are, uh, inadequate. I've added Graph Theory to the self-study planner.

Gave +1 Rep to @flat sedge

Quantum anything in production is decades away from being a reality - it's been "5 years out" for close to a decade, so don't expect that to happen any time soon.

IMO devops is buzzwordy business stuff. DevOps is more about automation than it is CompSci. If you want to do devops, start with something like minikube or minishift and start building a local CI/CD pipeline to deploy a dynamic webserver. Self hosted gitlab (gogs would be my choice) is a great way to put your whole pipeline into your lab.

Also getting a handle on tools like SonarQube and StackRox is important to understanding how to include security practices into CI/CD strategies.

That is an awesome idea, noted. I agree with "buzzwordy", I just don't know what else to call it lol.

So my very rough plan then is -> Application and Infrastructure Testing because I can leverage my current position and my degree -> from there continue focusing on the math bits and becoming a better Software Engineer.

Need to get rolling on some projects, especially the one you mentioned above as it will not only improve upon what I already know but I can also use it as proof of knowledge in interviews. Would making contributions to open source projects be a good idea, as well? Python and the like? Or would that be biting off a little more than I should be chewing?

All of that - having a portfolio (especially without a work history) can be a huge boost. Having upstream contributions to open source also makes you a better candidate to opensource companies - like Rancher, Red Hat, and SuSE.

Awesome. For some reason I actually did not consider looking at companies like Red Hat. Time for some LinkedIn stalking. Again, you have no idea how much I appreciate you sharing your thoughts with me. Thank you juun!

Gave +1 Rep to @flat sedge

You welcome

@cosmic ingot @pseudo creek oh that helps a lot thank you for the answers 🙂

Gave +1 Rep to @cosmic ingot

thank you for the answer it helps a lot 🙂 (so u get the +1 reputation)

I'm not sure the problem with devops is that it's a buzzwordy trendy fad, IMO the issue is that it's not exactly a specialization that you should study for and target in job search, etc. It's like studying and applying to be on the "purple team". There isn't really one to be on and there isn't (supposed to be) a "devops" team, devops exists in the form of the methods/procedures used to create harmonious operation between "dev" and "ops"

So there's (should) really either "learn operations/sysadmin and take into account stuff to make build processes go smoothly" or "learn dev and take into account infrastructure stuff" I guess

IaC is what we use (Infrastructure as Code) for that. It is a challenge for many people to figure out, how do you build, deploy, iterate, etc infrastructure. It is definitely a skill we need

Well, much like "agile", even though it is ostensibly a method by which to do a job, people still manage to hire people for "devops" in and of itself, so like 🤷‍♂️ don't let me discourage anyone aspiring to be a dev-op lol

we consider them full stack engineers and devops being one of many skills

Are work from home jobs disappearing now that the government basically said covid is over?

is that what you've seen on your searches?

Not so much.
WFH or hybrid working is a factor people are looking for, so it's a factor employers need to take into account if they want to recruit effectively

Not sure what other countries have said covid is over aside from the UK, but UK wise people are still wanting WFH. Prices outside cities are going up because people are WFHing

I was just thinking about applying for WFH jobs and didn't know if they were disappearing or not, just wanted to see other people's experience with it

If you're still finding them, apply for them

With gas prices increasing I think it's going to be a factor in keep people WFH

I kinda thought they were because 2 people I know have to go back to an office but I know 2 people isn't a way to gauge everything

We were told we have to go back

My car is breaking down every week and seeing the cost of filling up my tank go up by $5-$10 every week is really making me want to WFH, plus some crackhead stole a package I had delivered so being able to just get my packages when they arrive seems nice

Have a maximum percentage you're allowed to WFH

I'll probably never have the luxury of a wfh lifestyle, but I made sure to buy a home where it's pretty easy to get where I'll need to be if I ever ditch my car

Yeah i have 100 miles round trip for work because it's in the boonies

at least ya get more house per dollar that way

No, I live in population

Work is in the boonies lol

ah weird 😄

work doesn't have a shuttle or something for you?

You think USG would do things that make sense?

be the change!

seriously though is there no one that you can petition?

What am I going to petition?

I'm in the US, before Covid, I worked from home full time. It really depends on what companies will do but especially in the US, companies are hurting for employees and more and more employees are demanding more flexible schedules / work situations

i dunno a congressman or something

"your concern has been noted and will be brought up to the relevant authorities"

Tldr, go away

I just googled it and there's even 3 letter agencies with shuttles from marc stations

DISA employees, thousands of whom will have their jobs moved from northern Virginia, have expressed concern at past DISA meetings over transportation to the installation from the MARC line and Washington Metropolitan Area Transit Authority's Metrorail, said Bill McAlpin, chief of manpower and personnel system support at DISA.

I can't reveal more but not applicable

welp, hopefully the pay makes up for the drive 😄

LinkedIn:
Jobs in United States: 6,845,113
Filter to remote only: 802,939
Filter to Easy Apply: 106,092
Filter to FT/PT/contract (exclude temp, volunteer, intern): 104,998
Filter to entry, associate, mid-senior (exclude director, exec, intern): 91,260
Filter to salary $40K+ (lowest option) (i.e. there is a salary posted on the job listing): 34,358

Still more than I can ever sift through

hi guys , i need a feed back, I was planning on security+ and pentest+ i have vouchers right now that expires in August, but, cybersecurity is not an entrylevel to me because I do not have enough creditable IT experiences on resume. I am in middle of changing careers working in non skill labor in warehouse that banned devices, I hate that since I must use devices to have access to keep learning IT stuff everyday. Im looking for to start somewhere around $45k+ a year working in IT jobs. I was going for OSCP but I think I gotta get in blue team first, before going red. any feedback with this huge cybersecurity skill gap?

Get Security+ still

I know I always say it's not an entry level field but having something is better than nothing

You can keep the cert alive by continuing education credits and earning additional certifications

okay

I'd continue with the cert, specifically Security+ as pentest+ can wait, and then transition jobs if you can in order to gain experience

Doesn't necessarily have to be IT but it's a common starting place

it looks like sec+ only for government jobs right? im not good at getting clearances

No its not only for government

depends if i get lucky, i just found blueteam labs recently today so I can look around and see if I pick anything in blue team and work my way up since there are many blue team jobs available

https://cyberdefenders.org/blueteam-ctf-challenges/

"blue team" generally is IT in most cases afaik

Or IT in some capacity. If it's a larger department it would likely be filled with higer experience positions

Junior systems administrator, helpdesk level 1, etc is likely what you'd start at

i know.. i gotta start somewhere instead of stuck in warehouse a non skilled labor with no access in devices that block my learning experiences

Well i kind of agree with them and so will any job you go to

Learning is done on your own time, not company time

"B-B-But Moose! What about burnout?!" says everyone pursuing this for money instead of passion.

Lol I do wanna learn on company s time that I have passion and the money will follow

Learning from the job you're being paid to do is fine, that's experience. Doing your own learning on a company's time is kind of a shitty thing to do

Don't really care if the job is shit or whatever. They are paying you to do something and you aren't.

If i was a hiring manager, I would have reservations about hiring the person of they admitted to that

It depends on the job itself, I do learn,reading if I have extra time when the work gets slow

Unless given explicit permission, then you shouldn't do it

yes I do communicate , for security reasons, some people can just research and downloading stuff that they were not surposed to.

or surfing on the internet attracts hackers, trackers and such which is not good for the company

https://media-exp1.licdn.com/dms/image/C4D22AQHwq0YP7LJ8hQ/feedshare-shrink_800/0/1645190695929?e=1649289600&v=beta&t=mwJ3iQOr8gfhb_0BrN7-7Y-DCPVFwhzYj6esAW9N970

'threat intelligence gathering'

depends on the role, yes, I do like threat hunting

what about threat defensive intelligence? 🙂

what tryhackme path prepares you for the oscp exam?

None of the paths are OSCP specific. You should be able to complete medium to hard rooms on your own without walkthroughs or any other external assistance. Using the study materials created by Offensive Security is the best way to prepare for the exam.

Hello friends, is any one working as pentester ?

Hello everyone. Is it ok that i can hack medium and hard room with looking walkthroughs sometimes. Cauese i don't have experience. I started to learn a month ago. And it's ok that i sometimes looking walkthroughs?

If you are learning and understanding what you're doing then yes.
Your goal should be learning and understanding. Learn and understand how the attacks work.

Hi Guys , i am new learner in Cybersecurity , i had learnt osint in brief , i know most of the topics of ethical hacking and have some knowledge of bug Bounty , i know python and will learn c++ soon .

Now the main point is i want some really good certificate which i can post on my linked and which really have some value .
I know their exists CCNA , CEH , ETC . I can't afford the fees of these certification exams , so can anyone give a little brief of some certification exams realated to cybersecurity which are free . If they are beginners friendly that's great but if not then i will prepare for that . But plz suggest some good certification exams.

What is your budget ? I hear good thinks about CompTIA Security+ and Pentest + if you re on student bedget.

Not to mention THM (TryHackMe) courses are free too 🙂

I applied for a job a couple months ago and the recruiter reached out to me to schedule an interview. The link for the job description is no longer on their site. Would it be inappropriate to ask the recruiter for the job description?

Not at all, it helps to have a copy and they certainly should be open to it. You should also ask if the position has been filled and if any similar ones are available.

Okay perfect, thanks! They're wanting to interview me for the role so I'd hope it isn't filled yet!

Gave +1 Rep to @rugged delta

Fortinet

Unfortunately, most certifications aren't free and you may need to save a little bit in order to invest in yourself. Sec+ doesn't have too bad of an exam fee, students get discounts. On the topic of Fortinet, that is vendor specific and I don't think ive heard of anyone breaking in to Cyber with it. You're going to need some professional experience as Cyber Security isn't an entry level profession generally and it sounds like you're going for more of a red team which is even more niche. Degrees can cut some of the red tape but not all. IT is a common starting point for Security professionals. In regards to bug bounties, I don't recommend them unless you're doing them for fun and shouldn't be relied upon for stable income. The only way they will provide anything of value is if you are the one to release a CVE, which is rare. In short, it sounds like you need to do some thinking, come up with an actionable plan, and execute on the plan.

👍

One good way to get some free learning in is to join TryHackMe.com. Lots of free rooms Nad learning paths. You can go to #start-here to learn more.

Please reach out to me at bkeath@rapidascent.io if your interested

Please talk to @undone shore if you are actively recruiting - IIRC there is a dedicated #jobs-board specifically for this posts.

Posting a small text file also isn't sus lol

Will do!

It did it automatically when I posted in the job description, too much text lol

How does one know when they are ready for entry level cyber security work?

better yet, when does an employer believe an individual is ready? On Indeed there are over 65k jobs available. Im sure that will dry up at some point.

Im currently having a professional resume built for Help Desk work, which Ive done in the past. But I desire to move onto bigger better things

Apply

Applying for multiple jobs is a good barometer to see where you stand sometimes. If you continually get no responses you A) have to change how you're applying or B) you're not meeting the minimum criteria in the minds of the companies

sure but im having a resume suitable for a Help Desk Job because I have no IT certs

But I have completed some modules on THM and HTB. Not that it equates to much yet

You'll need certs

Sure which do I need first and foremost

Sec+ at the minimum

what after Security plus?

How many years of IT?

one year of schooling, one year help desk

and about 3-6 months working on cyber platforms

After really depends on what career trajectory you want to take

You may need more experience

That much I am sure of

so help desk is a good place to start again than

Since you're in IT, it may be possible to get your employer to pay for CCNA or other "IT" certifications

Realistically you're going to want to move a couple steps up in the help desk ladder

Assuming you're T1

I did IT years ago

Asurion Premier support solutions as a contracted verizon tech coach. But left in 2014

Im trying to make a comeback and I did a year at an IT school from 2012 to 2013

sporadic at best, but Im determined to land a Help Desk Job from home in order to build up more experience

Wait, so you aren't currently working helpdesk?

no, I said I am working on a resume to land one

Well Hired a professional to write one for me.

I was going to ask if you think I should do Sec + online or a testing center

@midnight monolith Do you mean studying for the exam or taking the exam?

both is a good answer

sec+ is pretty 'easy' cert. either is fine; if you can set up an isolated workstation to do the proctored exam at home, that cuts out a lot of the waiting and time spent on commute and sign in wait times

do employers know the difference between one done at a testing site and one test taken at home?

that wouldn't matter

the exam is proctored either way

most in-person testing sites use the same proctoring and monitoring as the online version

You might feel more relaxed at home. But I've taken my exams at a testing site

I like testing sites because I don't have to bend over backwards to make the apartment acceptable

Sounds like a particular setup would be invasive to privacy from home

it depends... I found the azure certs to be more invasive than say the off sec certs but it was all good. Pearson (Azure certs) required a closed room where they had a 360 picture of the entire room. If you got out of your chair, you forfeit your exam (kind of, I'm guessing you could stand up but you couldn't leave the room)

we are lucky in that we have a guest room / office that can be used

Did you need a 360 camera?

Lol

I tried a sans cert through proctoru but I had the absolute worst experience and contacted the company and told him that I needed to reschedule for an in-person proctor.

I'll never do an online proctor for one of these certs again

I got lucky when I took my sec+ exam, the testing facility was literally down the road from house. My friend who took it online told me about camera and how they want to see everything. Thank god

How was it bad?

What are the certs to boost my chances of getting hired?

I got RHCSA and preparing for CCNA, got a little background with thm and htb tho

hired for what? target your certs to the job you want

it was a hassle configuring my browser to have their proctor software see my camera, the person was annoying to deal with, I wasn't a fan of all the hoops I had to jump through, and honestly I really didn't want their software install on my system, even if it's a laptop I only use sometimes. the 360 camera issues and the other stuff people described just make this all very much a non-starter for me

https://tenor.com/view/no-randy-jackson-dawg-gif-12730917

in real life proctoring the worst I had to deal with is the proctor not realizing the SANS test is open book and they tried to argue with me

Thats helpful information, I will be going to a testing facility

Yeah, the proctor software sucks and I wouldn't install it on my main system either, so I use a spare laptop for that

But I've done two certs remotely and have not had any problems. It's pain in the ass though to clear the desk from all monitors and stuff and photoshoot the entire room

Now that I have bolted my monitors to my desk I probably have to do coming exams from my balcony 😁

if I've taken a college course over security plus information, how much do you think I should study pre exam, (my school is compTIA partnered)

Id check out Jason Dion on Udemy, he has some great stuff that helped me for the sec+. He has a course for it and practice exams.

The practice exams are very helpful

For Pearson and CompTIA stuff, I would recommend getting a practice test collection; the 'official' online test banks are really good at having a huge selection of questions. When you get a question wrong, go back to the reading and reason out the answer from the knowledge you have.

When you start getting 90%+ on the practice exams consistently, you are ready to take the cert exam.

ok awesome thanks @flat sedge

Gave +1 Rep to @flat sedge

no, but during the prep for the exam (20-30 mins prior), you need to take a picture of all 4 walls and if the exam proctor asks, you'd have to move your webcam to show you other aspects of the room

Tbf, offsec do that as well

You have to pick the webcam up and show them around the room / under the desk / etc

man, this internship search has been humbling

I have the discipline and interest but it didn't hit me how much technical skill I was lacking compared to the average applicant until recently. I always kinda knew but I guess I thought someone would've called it out earlier. Anyway, back to studying.

so im looking to get back into IT, need to get a help desk job. Is there anybody who is an expert with resumes?

I have one I want a real professional to look at and give a few pointers

Yeah the Balcony sounds like the best option for the whole world to see. Someone might be showing you flashcards.

AppSec engineer position open, (US/remote) Experience requirements are minimal, DM me for more info.

Of course your company will be paying for all my certs 😛

I have a question, for ppl familiar with hiring processes. Let's say I have a company for which I'm interested in like 3 of the jobs they have. Should I apply to all three or would that be seen as "shooting your cv all over the place" and therefore should apply to the one that interests me the most and if that falls through apply to the next. Same recruiter in this scenario.

I would, I've done the same

would apply to all 3 or would apply to just 1?

oh sorry, all 3

thx zoj, appreciated 🙂

I know that our hiring system works by you need to apply directly to the position you can get, so alternatively if they interview you, they can tell you to apply to 'this other position' but HR systems are just kind of odd in that you can't transfer a candidate to a different position

Yeah makes sense

time to go re-write my cv and get hunting XD

Job Postings in Help Desk IT seem inflated on requirements. Like Degrees and Certs for low paying positions. Would anybody apply for temporary positions?

I would say so, but kinda depends

Temporary positions are good for getting your foot in the door and for your resume imo

Can’t speak for help desk in particular as I’ve never had to take the A+ to get into it 😅 but job descriptions are usually just big wishlists anyways and you learn most of the stuff on the job

Im not quite ready for cyber position, so I guess this would be a great opportunity. Do I need to list software that I am familiar with?

like teamviewer, logmein?

rufus

@warm hinge

Post a redacted copy of your resume here

Lots of eyes with experience

only if the job listing asks for it but you could list the concepts / types of technology

👍

@tacit bobcat ?

Hello everyone, I am a newbie in this community, I would like to ask few question to get suggestion from your vision and experience. I am currently CS student and I would like to make a internship on cybersecurity for my future career but the problem is I am not sure what should I add to my cv that companies will be interest about me (should I try to get some certificates or should I tell them about my interest and so on...).

I know maybe that question sounds so stupid but I don't have anyone who is interest about cybersecurity so because of that I would like to ask to community 🙂

is sysadmin good job for beginner in IT ?

or should i work something else before that

can you recommend me some job that doesnt require that much

prefer netwoking, i love that

i'll check

thanks again

Thoughts on unlimited PTO policies for those that have had it?

It's a guilt trip to get you to not use PTO

If i took them up on it would I get fired? I don't really know how how it works

you wouldn't get fired, unless it's excessive

from what i've heard, it's more about the soft social pressures of 'oh we have these deadlines coming up... are you suuuuuure'

Like if I took 1 full month of a year

That's not uncommon

I wouldn't take a fullmonth all at once

It's 20 days of PTO which isn't bad

I like long trips

I should just go 1099 so I can not work 3-6 months out of the year. Defo need to be more established lol

that's a lot of benefits to manage

I know of companies in US that have mandatory PTO

I'm the strange one over here that doesn't take a full month vacation in the summer, rather a few shorter ones 🙂

The company I work for is one of them - I was naughty last year, got counselled with that I had to use all my PTO from last year by end of march - all caught up now though

Yep - it can cause some issues, but in general it's good.

I'd be wary of 'unlimited PTO' myself. I generally take 2 - 2.5 week trips per year plus various days off. I prefer shorter trips to refresh but also I get comments from coworkers doing that sometimes... but I'm like "hey, I got the time..."

ha so im looking for a job in it or somthin but i dont got a degree yet so any recomendations?

There aren't many jobs for "Pro Russian Hackers" these days I'm afraid 🙂

ayo its an inside joke

i totally live in america

I've only recently started studying here (pre-security path so far) and I'm curious about the Security+ certification. Would studying jr pentester path help with preparing for the Security+ exam? And what else can I do to prepare? I do still need to look at what the Security+ certification entails but just curious how to proceed.

Hey everyone, i got an email about this so figured I'd share https://www.sans.org/cyber-security-training-events/newtocyber-summit-2022/ check it the different

Saw this and thought it might spark some interest

What is the youngest age you would recommend applying for pentest jobs? Would it be better to finish school and then do it?
Is there legalities in some areas about minimum age?

Sorry for the few questions in one :)

would comp sci cover things like cybersecurity or is there a different major for that

Comp Sci is more computer theory and typically has CompSec minors. Computer Security degrees do exist, I have a Bachelor of Science in Computer Security, but they can be very hit or miss. You'll need to do research on each program

Experience matters more than age. Youngest you can apply is 18 but it's unlikely you'll be hired.

Pentesting is not an entry level field

That should be 16 sorry

all the 'fun' parts of security are an application of computer science. A compsci degree will better prepare you for a huge range of careers, from extremely mathematical to extremely practical. For whatever my opinion is worth, I think CompSci is a much better ROI than a BS in CompSec

Do actual research though, compare multiple sources and look at what industry trends are, and have a plan before you go to a university

I will say, my degree was literally the CompSci major with 2 math courses removed and replaced with Cryptography

They were so similar that we weren't allowed to double major

That's not always the case though; part of the problem is that CompSec really isn't standardized in the same way that math or CompSci are

Right

If I see BS in CompSci on a resume, I'm pretty sure I know what I'm getting from that background. With CompSec, that's anything from 'we spent years learning network, infra, splunk and learned all about managing sec programs' to 'it's CompSci with 3 different electives'

Yeah we had concentrations which differentiated us from the CompSci

We had Digital Forensics and then Information Assurance Management

CompSci I think had more coding classes in those spots

I forget

A. Alces Americana based on your advice I changed my mind, I'm doing sec+ 😄 I wanted to ask you though, what's after sec+? So my motivation is to improve at ethical hacking rather than getting the shiniest cert from HR point of view. Based on your expertise what is after sec+?

comp sec has a few pros and cons. I am in my second year of uni in a computing security program. While yes on a resume it may be off to some it depends really. A lot of comp sec programs give co op or internship opportunities you may not get elsewhere. Especially the NSA accredited centers. Often giving high paying government positions in the end. It can also be different depending on the recognition of the school. For example I am going to one of the more prolific schools on the east coast that is known for their comp sec program. At the end of the day its all relative and you just need to have passion behind what you're doing

if you aren't going after HR gate, I'd look at PNPT https://certifications.tcm-sec.com/
If you are going after HR gate, then OSCP

Thank you so much, I have been looking at that certification. I will go after that one for sure.

Gave +1 Rep to @pseudo creek

if you are expecting high paying government positions... you might be in for a surprise. If you go into a specific program for specific internships, sure that is up to you. My company hires mostly Comp Sci but a few Comp Sec people. We have work with 3 letter agencies and generally pay higher than any gov positions you'd get...

I think the argument that Comp Sec is so variable is valid. I've seen people coming out of Comp Sec programs who don't touch a computer other than to write papers... On the flip side, you get the complete opposite where they may learn specific software (FTK as example) but don't understand the basics/foundations.

Hi all! I've been working as a red teamer/pentester for the last couple years and I'm looking to spend some time on the blue side, preferably in a DFIR type position. This was my first position in security, before this I spent time as a network/sysadmin guy. I'm not sure how realistic it would be to jump straight into DFIR so I'm considering making a stop in security operations. Any suggestions on certifications to help facilitate this move? I already have Sec+ and I passed the CISSP exam, just need to get a couple more years of experience before I can apply for it. I'm looking to make a move some time next year so time and money are not a problem. I was looking at BTL1 from Security Blue Team or eNDP from elarnsecurity. Any thoughts on these certs? Thanks!

I'm not longer in blue team circles, but people talk positively of BTL1 on various discords. If money is no problem, SANS classes are really the way to go but I'd try to get your employer to pay. When I was doing some light DFIR work, I was sent to SANS classes.
I'd also look at DFIR Diva as she has a lot of resources
https://dfirdiva.com/

I'd take a look at the GS scale. In terms of pay, you're likely better contracting through a prime. This also gives a safety net in case the project goes under. In terms of benefits, gov hands down.

yeah you get more vacation days with gov... also the healthcare used to be better, not sure if that is still true?

Afaik, it is

but I also say that as someone who gets 6 weeks off/year

DOD Civ usually gets it better than Mil

Not sure if it's both TriCare

yeah mil benefits seem to have gone downhill

Does anyone have some suggestions for some boxes in particular to do for a CTF job interview prep?

but truth be told, generally if you are in your 20s, chances you get good use of your healthcare benefits is probably fairly low... most companies health benefits will meet your requirements

In my area of the U.S. CS does not get you any brownie points unless you're going into a strict dev position

I.E. I work at a mortgage bank and we DO use devs but thats pretty small and we'd prefer people who are strong "people" types than just hard core engineers.

Maybe thats a east coast thing but full on research roles arent a big thing atlaeast in my city. Just not a big push for scientests and architects lol

literally every role requires a ton of soft skills on top of your tech skills. You can destroy our website but we literally wont hire you if you cant hold a basic convo.

It's not that the benefits have gone down, it's the fact that the VA is a mismanaged pile of garbage and will do everything in their power to deny medical benefits

Not to mention Mil not being able to sue for medical malpractice. Which I'm half and half on

Do you guys think there's becoming more of a requirement for people to have degree's in cyber security (specifically entry level)?

getting interviews w/o degrees is tough

Yeah, it's more of a get past HR thing right?

if anything it's shifting in the opposite direction, but someone with a degree will have a much easier time

Even with a degree and a security clearance I had a hard time

I applied to about 100 places and got 2 actual interviews. Then a few phone cons for a bit of the others

Of course, after I had accepted my current job, companies started to reach out about interviewing

just got a job offer at as a position for a field technician , i'm basically going to be driving to places and repair printers and computers all day. is this something i should consider when attempting to start a career in info sec?

Do you have other prior experience? A degree?

I do not, I went to a magnet high school and graduated that with a proficiency in engineering and computer science but other than that , nothing college wise

What do you mean "is it something you should consider?"

like does this job title provide some credibility for when i advance in my career path?

sorry if my wording is awkward

Field support is a valid start. What's the career path like? Does it provide opportunities to expand beyond that role? Would you be better served getting more post-secondary education to jump over that kind of entry level? It's very common to get trapped in those roles for longer than intended

Yea, experience is experience and working in your field is good. Like @flat sedge said Field Support is a solid Entry level job. Now think about what you want to focus on and possible take whatever certification is needed, i.e CompTIA+. The higher level jobs will usually want some sort of Cert.

Reading all these interesting discussions makes me quiver. Do I stand a chance in this career?
I have a background in Zoology and 15 months of experiential learning with the curriculum of a master's degree in cybersecurity. I take some paid courses with EC-Council to optimize my practical skills.

Is there more I should do? Or I should reconsider joining Cybersecurity?

If you aren't looking for work in an area that encourages EC Council, the consensus is that their training and certs aren't worth much from a professional standpoint

Hello everybody!! To all the non-IT folks that are looking to change careers into cyber… THERE IS HOPE!

I got a job for Junior Pentester/Consultant in Canada!🚀

Just like most of us I was discouraged after sending hundreds of resumes and about 5 months into the process, I was getting first and second interviews but no offer.

Then, I changed strategy into Networking. I looked for people in my country that had the same certifications I had (eJPT and Pentest+) and started adding them and letting then know I was applying and if they had any tips to let me know.
Then after about a month one of them told me about a role that was not even posted yet. They liked my resume and I only had to do 1 interview with the Hiring Manager and Director all at once. No loops and hoops with the HR.

Just wanted to let everybody know dont get discouraged. Keep on applying, keep on learning. It took me about 2 years on constant tryhackme, hackthebox, labs, courses, certifications. Its no easy but its possible!

I'm currently looking for an internship and have been looking at pentesting internship offers from companies that sell pentesting services, and my god this is so hard to get passed the technical interviews imo since the questions I get asked vary a lot in term of difficulties, ranging from how large can a port number get (with a HR person refusing my 2^16 - 1 answer and telling me it's actually 65535...) to having to speak about some vulnerabilities I never heard about (last question I had about that was to talk about the dangers that could come from the Bluekeep vulnerability that I had never heard about prior to the interview), does anyone have any advice regarding this ? I'm currently doing the JR Pentester path (I did pre-security first) but at a pretty slow pace tbh...

Thank you @wintry dragon. You gave a message of hope.
I find the courage to continue.

Gave +1 Rep to @wintry dragon

@flat sedge Thank you for making this clarification. I should channel my energy better to other things. Meanwhile, can you suggest a path I can follow, please?

Security is huge. Having some domain knowledge is a huge bonus; at the bare minimum, i would recommend Net+ or CCNA, and Sec+.
Understanding the basics of security tools, like what a SIEM is, what it does, what vulnerability management is, GRC, firewall policy management, et al, will give you something to talk about in interviews.
Do some looking around to see what jobs are available in your area, and what the requirements are on those listings

bluekeep was a relative big vulnerability that lead to code execution through RDP on Server 2008/Win7~ machines. It was a test to see if you're aware of major vulnerabilities that APTs and Pentesters often target.
There's a ton of historical exploits that you should be aware of, I would highly recommend looking up some historic exploits. The Apache Struts vuln was a big one that affected a lot of people. Heart Bleed is another good one.

Generally you should know a handful of enterprise products and some of the major vulnerabilities that they may be vulnerable to. You'll be testing against these products day in and day out! As for advice on 2^16 -1, does nmap accept 2^16-1 as a command line argument? If not, you better not say it to a recruiter. They want the raw numerical answer, not the "I know that the maximum length of the port header in a TCP packet is 2 bytes long, therefore it's..."

when am I good enough for cyber security work?

after a few weeks of try hack me 🙂

If you can deal with abstraction and rigorous methods well enough to get through a life sciences degree I think you'll be fine lol

The modesty is good though, just cultivate it into a relaxed humility and not imposter syndrome 😛

hey guys, i got my hands on Marty M Weiss Sec+ book. did anyone use it, how did you find it?

Hello everyone. I hope you are all doing well. I am learning cyber security and ethical hacking rn using Tryhackme. I am new to this field and I have many questions in my brain about how to start a career after learning it. Is having a certificate so essential for getting a job? And which one do u advise me?

From what i gathered by reading this channel, sec+ is pretty much the go to certificate. You could get a job without one maybe, but it is harder to pass the HR checks.

Thank you. Btw is there any way to reduce the cost of the certificate?

Gave +1 Rep to @lavish cargo

unless you are a student in the US i believe there isnt, but maybe someone knows more than i do

okay, thank you for the info

Gave +1 Rep to @lavish cargo

Security+ is certainly a great entry to the field of cybersecurity and reasonably priced at $381 and is the first cybersec cert a lot of people will go for. Some alternatives like SSCP and CCSP are similarly priced, perhaps a bit more or less expensive. As you explore the field and find your interests, you might encounter certs from many providers specialising in different roles and there are people here happy to discuss those with you as well

Thanks for your comprehensive answer, at least it gives me some leads as to where to look at to perform better in interviews.
As for the 2^16 - 1 thing, I understand the point of vue that the recruiter may have taken if I look at things that way, thanks for that too !

Gave +1 Rep to @languid hearth

By the way if there are any recruiters in cyber here that happen to have some examples of technical tests they asked during some interviews, I’d be happy to have some of the questions so that I can somehow target my learning to get passed this step !

tbf i would argue your answer is better than 65535 in some ways

because i can guarantee a lot of people don't know why there's 65535 ports (in either tcp/udp)

https://tenor.com/view/monkey-look-the-other-way-look-away-awkward-weird-gif-17246188

It would depend on the job you're applying for, your career goals, the company and their requirements. a lot of the technical tests will be based on the kinds of problems you expect the role to deal with and your own previous technical experience

Oh man, I want to be cool and not have a name.

Hello, everyone! I am learning ethical hacking and cyber security. I use tryhackme and udemy course to learn it. I want to start preparing for the certificates, but don't know which one I need to start with first.

Pentest+, eJPT, SEC+, CEH, or OSCP?

Thanks before.
And is the TryHackMe lesson good for the pentest+ certification exam?

Good practice

Sec+ is a good foundation for security. I'm going to give an alternative order that I think would benefit you more. First, take Net+ or CCNA. This will give you a good foundation of basic networking principles and stuff you'll see in the real world. Then, move to Sec+ as it's the foundation into the cyber security space. Lastly, I personally wouldn't take Pentest+, eJPT, or CEH. CEH isn't a valued cert outside of India and you don't need both eJPT and Pentest+. eJPT material is free which will give you good practice for the OSCP, which is the entry level Pentest cert. You'll need to use the Offensive Security materials as well but the eJPT can put it in a different light if you aren't understanding.

Keep in mind that Cyber Security isn't an entry level occupation. Without a degree it's going to be hard to break into the space and you may have to work in something like IT to gain experience before making the switch. The same goes for pentesting as it's a niche within Cyber Security. This means that you may even need a bit of cyber experience before transitioning again.

Do you think it would ever be possible to jump straight to SOC rather than something more general like help desk or IT support?

No degree and coming from an unrelated industry (pipeline construction) of that makes a difference. I guess with a degree you can jump a few steps in the beginning

Possibly? I'm not exactly sure as I haven't worked in a SOC. Depending on how you were employed on the pipeline, you may be able to jump to corporate with the company you were working for. It would give you an edge in understanding what was actually going on with the alerts.

Thank you for the info. I f I get the Cyber Security degree, do I need to take these exams?

Gave +1 Rep to @stoic cave

Yes

I mean can they help me If I already have degree for this

You'll need them. Learning doesn't stop with a degree

Companies use them to verify base levels of understanding

Thank u so much for the info

Then I have to take network+ afte this sec+ and then oscp?

If you're in a degree, it heavily depends on the classes you're taking. I had a degree and no certs but had a security clearance when I was hired after college.

u have cyber sec degre?

I've asked that question a few times but the company uses an MSP and are not interested 😅

I got Sec+ after I started working. I would have had an easier time getting hired if I did have Sec+ though as it fills DOD 8570 reqs

This year I will probably go to Taltech for Cyber Sec Engineering degree. Can it help more than just computer science for getting a job in the security field?

Computer security degrees can be hit or miss

You really need to look at the program to make sure it's alright

I have a Bachelor of Science in Computer Security

cool. Thank you again man, for he info

Btw how much time do you think is necessary for security+ exam?

It's different for everyone

I think 6 months is the average?

I procrastinated a ton, I got the voucher when I was still in college. In terms of hard core studying, it took me about 2½ weeksish but that's because it was pretty much a recap of my degree

Would not recommend

Thank you.

Btw had you took network+ before sec+?

No

My college networking course was us prepping for CCNA but you didn't get an exam voucher at the end. So. I didn't take it. I would personally take CCNA over Net+ but that's just me. I haven't taken the new exam though

thank you.

I would recommend you to read this free magazine from Hakin9, a respected magazine in the field to learn what you might or might not need.
https://hakin9.org/download/hakin9-open-become-hacker/

If you want something more in that line, I would also recommend the Tribe of Hackers books by Marcus J Carey
https://www.amazon.com/Marcus-J-Carey/e/B07MFWJPGV

they're all good advice from professionals about how they got into their particular niches in the field and how they went about getting experience and qualifications. Things are 'usually' easier with a degree or with certifications and definitely with both, alongside IT experience and cybersec experience of some kind.

There are a lot of opportunities out there so I would suggest you go onto a jobs site like indeed or linkedin and have a read of a few of the job descriptions and what kind of qualifications they want.

I like the idea of pentesting but I'll be honest I really enjoyed splunk 1/2 rooms. I'll take a look at the resources.

I've been combing job adverts for a month or so and it seems like everyone wants 3 years experience and a degree, I get that job adverts are more like wish lists but it's pretty disconcerting.
I'm a life time learning with an insatiable thirst for knowledge (of all kinds) so I think a career that actively encourages you to stay up to date and constantly learning and growing is perfect. Plus SOC and incident response/support is similar to working during emergency outages in pipeline construction (long shifts, high pressure, problem solving etc)

I wouldn't worry too much, they base their desires off of the pool of people who actually apply and having a degree is not always a requirement. Pentesting jobs are in demand by cybersec people cos so many people want to be paid to hack but there are so many other opportunities and having good general knowledge of security will help.

You can always put an intention to do certain certs in your application and then make sure you show progress on them once in the door. Most companies will require you to get some sort of continuous education qualification within 6-12 months of starting if you're not already up to their level and the first 1-3 months might mostly involve shadowing other people so you don't get too overwhelmed right away, with access and responsibilities gradually granted as you show your value

That's interesting, never considered putting "studying for XYZ" in an application.

I feel like I need to get a qualification under my belt because "200 hours on tryhackme" doesn't feel good enough even for entry level

just a reminder that this thing is something people who are "new2cyber" might want to check out

1pm GMT on a Thursday. All these courses are difficult when you work full-time 😅

I register and then watch the recording that they provide to those who signed up

I did not know that was an option. Thank you

Hello, if you're hiring you can ask Muiri to place it in #jobs-board for you when he's around in #general. This channel is more for career help

Thanks! 🙂 I'll do that! Cheers!

Hi everyone, I have recently graduated from SUNY Albany. I am seeking a career in Cybersecurity but, I haven't had any luck landing an interview as I feel I lack experience due to COVID. I am new to this server and was wondering if anyone had any tips?

What's your degree? You're likely going to need a certification or two before you start getting interviews. I graduated two years ago and I applied to about 100 positions over the course of 3 months after graduation. I only got two full interviews and 10 ish call backs. CCNA and Sec+ are your two best choices. Keep in mind that Cyber Security isn't always an entry level area. Previous experience in something like IT is often needed but not in all cases.

might want to look at this https://www.sans.org/cyber-security-training-events/newtocyber-summit-2022/

Basically, you'll want to cast your net far and wide... apply to IT help desk, SOC analyst and other entry level IT positions

also, certs like Security+ will take you far

My degree is in Homeland Security, Cybersecurity, and Emergency Preparedness with a concentration in Cybersecurity. I have obtained a couple of certifications and have been considering taking Sec+. Thank you for your insight, I will definitely take it into consideration.

Gave +1 Rep to @stoic cave

Do you have a Security Clearance?

Not currently. I'm not really sure how to obtain one.

You have to get sponsored

Sponsors are employers who do classified work for a myriad of agencies

Or the agencies themselves

Thanks for the help. I'll definitely look into it!

Gave +1 Rep to @stoic cave

If you want to stay in Government with a clearance, you definitely could use the Sec+ cert. That one fulfills a lot of the DoD requirements. Do a search for DoD Approved 8570 Baseline Certifications. You will find a chart that will lay out the requirements

Hey guys, I recently applied at cyber jobs and from the first interview the company (Ncc group) made me an offer for a junior security consultant position, which involves a 6 month training and I believe that it would help me expand my knowledge (which I was planning on doing once I finished university but at least now I will get paid for it). I received an e-mail from another company (waterstones) for an interview about a senior pen tester position, however I believe that my knowledge and experience it’s not up to that level yet and I am debating whether I should at least make an attempt for that interview or just go with the company that already made me an offer

I got this from a hiring manager I'm acquainted with regarding the OSCP

It’s the only cert that I would take as proof someone could actually do a pentest/red team job

Yikes 😆
Pentest, maybe, red team, not on your life.
Also far from the only cert that proves foundational competence. But meh, rather they think that way about one I have than one I don't I guess 🤷‍♂️

I cannot confirm nor deny that they are a he, but yeah I get it

Oops, apologies to them
That's what I get for replying whilst still half asleep

Not red team? Sorry to interrupt the conversation but could you explain this point?

OSCP is very foundational. It gives you the practical skills you would need for entry-level pentesting, but absolutely does not give you the skillset you would need for red teaming / adversary emulation.

Hell, OSEP (the next one up) still doesn't really go there.

So OSCE3 would be the proper way to prep for Red Team? Or am i incorrect?

Uh......

No, OSCE3 is still just pentesting, albeit more advanced pentesting

Woah! And people are hyped about OSCP. It's so darn pricey at this point 😫

😐
Okay, then how would you recommend we prepare ourselves for pure Red Teaming? I was so much delusional uptil this point that OSCE3 was all we needed to learn to get better at Red Teaming

The PEN-300 materials make the PEN-200 materials look like a 5 year old's school homework, but the courseware still explicitly says that it is not a red team cert

*(sweating knowing i have to do this in the future)*🤣🤣

SANS have an actual red team course. CRTO is pretty good for the basics too, in terms of the direction it comes from if not the difficulty.
As far as I know, it's still mostly a trial and error / experience thing. You transition into red team from senior pentesting and just start messing around to see what works. That's certainly how @thick sable has done it.

no harm, literally 95% of the people with my job identify as male

Is it true that sometimes employers pay for our SANS training as well?

That ejpt after OSEP doesn't really make sense

Yp did that

Now am a red teamer

I get domain admins every day

yes. (I paid for the A+ myself)

Ejpts materials are kinda like oscp, won't really give you much

Great to hear that man! Share your knowledge so noobs like me can get a better idea :)

Do ejpt first then oscp after solving htb machines thoroughly

You, uh, know that eJPT is the one that people use to hype themselves up for OSCP/eCPPT right?
It's the extremely easy one people start out with to make the learning curve less steep.

This is the reason why certs are so expensive -- they don't expect you to pay for them yourself.
Most people who do certs have companies paying them through it.

If you want the smaller step up, yep. It's good learning materials, for sure.

You just spend time learning and loving what you do

Gave +1 Rep to @undone shore

I got lucky in getting some things that I wanted specially approvals to initiate a red teaming engagement as a beginner

Wow! Sounds like a money grab. But for this, i need to complete Masters in USA after my graduation, then i think i can have that excellence so employers can pay for my training

Once it succeeded it was an open path for me

Gib job

Hey a question to anyone pursuing education in USA.. What are some good universities if i want to get a Masters in Cybersecurity after my graduation? I searched and narrowed it down to CMU (Carnegie Mellon University), University of Washington and University of Texas

Anyone care to contribute or correct me? Please do as you guys have more experience than me as you reside there and i am from India and planning to pursue further education in USA

Get real on the job experience before going for a masters. Masters are for management typically and by getting it too early it prices you out of entry level positions.

You guys reckon it’s possible to get an internship if you’re no longer in college?

Trying to find my first position in this field somehow

In the US, no

So unable to get internship experience but not enough experience for entry level position

A predicament it seems

Thank you for the reply

Gave +1 Rep to @pseudo creek

The learning material for eJPT is currently free too as part of a starter pass. It's not a bad thing at all to pursue a starter cert in any field but you shouldn't expect to be up at the level an organisation needs when hiring for those positions with the starter cert. Do the eJPT with the intention of doing OSCP/eCPPT and further. Work at it like it's your passion

you need to look at jobs like it help desk, soc analyst and such

Yeah I can’t seem to get anything out of an entry level SOC application might just have to do tech support

Things like this

We’ll see

Thanks again

tech support is a great entry into IT

which is a great entry into cyber

Wouldn't it raise my stock as a candidate though? And yes i'll sit for my campus placements in Sept-October. I'll get a job hopefully in my preferred role. Then next year after an experience of a year, i'll prepare for GRE and various exams

No, it won't. There is such a thing as being over qualified which is what this would be. Companies are more likely to pass on you as your cost of hire is higher than someone with a bachelors and some experience

If you're going into management or past 6ish years of experience, it's a different story

Oh okay. Didn't think of this. Thank you for guiding me though! Appreciate it 😇

Gave +1 Rep to @stoic cave

yo guys im going for Exam SC-200: Microsoft Security Operations Analyst cert, would people recommend it?

Hye i did my CEH certification, I have web development experience, can someone guide me to get a job in foreign other than my country which is india.

if you want to work in another country, best plan is to try to work for an international company in your country and look for transfer opportunities

Thank you, but i m don't have job, there is very less demand of penetration tester in my country

Hard to find@pseudo creek

Hey guys.
I'm new to cybersecurity

Suggest me a certification pathway/roadmap journey

Roadmap to my knowledge.
eJPT-->SEC+-->CEH--->eWPT

Any suggestions please?

What's your overall goal

Do you have a degree?

Where is your home country?

Hai.
This is Dhivakar from India
I completed my B.tech in CSE

I applied for PG Cybersecurity in Canada.
The course starts on September 2022

I'm perplexed about the roadmap/career path in Cybersecurity.
Whether to go for Offensive or defensive side.

@viral oyster please refer to rule 1

Ooops.
Sorry

I'm not sure what a PG is

And looking it up it doesn't give me faith that it's a reputable thing

Masters*
Masters in Cybersecurity

Are you actually traveling to Canada?

Yes..

I just want to start my Cybersecurity journey before the course begins.

I'd finish your education first

You're certs are likely to expire before you'd get out of the program

Do some self studying but I wouldn't pay for anything just yet

Yeah..
"self studying"
Where to start?
What to start?

Good start would be #start-here

pick a path on THM

check the INE material thats free for eJPT

depends how much you knwo already

Sure.
Thanks 👍

Gave +1 Rep to @stoic cave

how worth is a master in cybersec if you come from another field? Is it better to spend some time to get a certification or should i do it cause ill need it anyway later

a master in cyber is only worth it if you have a few years of experience in cyber and are looking to advance to lead / management position... otherwise, certs are the way to go

Hi. I want to contribute to an open source project to learn something new, put myself at test and write something valuable in my CV. What project would you suggest?

Pick one that you are interested in

Contact the maintainers and see what they would like you to start on

Also remember that it doesn't necessarily count as professional experience, it's an extracurricular activity

Would you say the microsoft certs sc-100/200/300 and 400 are worth it for a blue teamer? Or are there others that are better?

Hello everyone. Can u recommend any university that offers bachelor degree program for Cyber Security engineering, Information security or Information technology in Germany?

They are relevant if you plan on working in an AD/Azure environment and you want to develop those skills a little bit. You should get comfortable with a lot of the MS technologies if you're going down this route and perhaps be a well-rounded admin

wrong channel

apologies

@viral oyster what's the cost of cybersecurity in canada

You can use CYBERHEAD to check in Germany and how their contents are structured (Very useful if you want to go technical or focus more on management/risk handling) https://www.enisa.europa.eu/topics/cybersecurity-education/education-map/education-courses

Hi @daring lodge, I have the SC-200 cert, seeing the SOC/SIEM I work with is Sentinel so yes if you work with it for your job I would recommend it.

appreciate the response

@daring lodge also see the response from so_much_for_sublety just above here. #cyber-and-careers message

ohh didnt see that thank you

Gave +1 Rep to @sinful kayak

what did you use to study for the exam btw

https://docs.microsoft.com/en-us/learn/certifications/exams/sc-200

thanks for the help

Gave +1 Rep to @sinful kayak

Hello Team

Thank you for sharing.

Gave +1 Rep to @sinful kayak

Does anyone here have any type of experience with government related work and/or contracting that requires a clearance ? I’m just looking for some advice 🙂

Yes

Do you mind if I DM you? @stoic cave

I'd rather it stay here, as it benefits the community

Okay that’s fine.

I was just wondering what your experience was like regarding transitioning from the government sector to the private sector? Moreover, going from a direct agency to a private contractor. I’m currently a student with clearance through a program, and I was offered a full time position. I just don’t know if 1) the work I’m doing is exactly what I want to be doing 2) if I can manage my time well in par with school.

I have an offer through a private contractor that allows me to use my current clearance (minus the rest of the logistics from the company itself), it’s more internship oriented though. I just feel like working more government in a longer route will eventually lead to a lot of infringements on my privacy. I’ve heard it’s more “soother” in the private sector.

You have a clearance, you have no privacy

Especially because I’m a student, and I drink occasionally. Somehow, I randomly received an addendum that I had to sign saying I practically vow to stop drinking since I’m under 21. I have no idea how they found out, but it’s just weird.

I mean, they'll expect you to follow the law if you want to keep your clearance -- regardless of how dumb the law is

I mean to what extent does that even go to?

Same as drug testing for clearance 🤷‍♂️

There is no bounds

If they want to know something, they'll find out

Obviously, I’m just saying it’s weird how they found out when I didn’t post anything on social media or report it.

And if you lie, you lose it

Yikes, remind me not to move to the US
Here at least they need a warrant first

This stuff is so complicated, I wish I researched this more. I feel like an oblivious college student lmao

Afaik, the clearance is a partial wave of rights. They may need warrants to search things but they are allowed to ask you questions

You have tickets. You have zero expectation privacy from government background checks and ongoing investigations related to those tickets you hold, regardless of whether you are direct-government employee, working as an independent cleared contractor or as an employee of a vendor contracted to (however many times abstracted) prime contractor.

And if you lie on the questions and they already know the answer, you're fucked

Because its perjury

They will ask you questions to things they already know. Being honest is much more important than 'passing'.

Well, I don’t exactly plan on lying. My entire plan is to do government work, that’s why I took this opportunity because it looked very appealing for someone of my stature.

They will also want to interview your friends and family, and possibly others, who know you in both professional and personal capacities.

I just assumed it would be different in the private sector, the same way there’s different type of clearances

Nope

No

A clearance is a clearance

They already have, that was the initial onboarding process. It was pretty weird

If it's more "lax" in private, the hammer is coming

They will do it again, basically every time your employer jumps you to a new program.

Oh crap, I didn’t know that

Maybe that’s how I received that addendum

Depends

Would it be ideal to just like

waive off my clearance till I graduate or something?

You'd have to jump to an entirely new contract afaik

Is that a thing

Potentially even a different customer

No

Your clearance is active for 2? years and then inactive for 6

I get a different placement every 6 months so idk

Fuuucking hell

So regardless, I’m just going to have to abide by it & make sure I don’t get it suspended because I wouldn’t want it to affect me in the long-run.

You're also probably under CE, which means if anything got posted to social it would have outed you too

But yeah, don't drink and don't torrent

Some investigators don't care and some really care

I realize the internship you took was probably too good of an experience to pass up. However, you probably should have done a little more research on clearances before accepting

I mean they’re offering a full-time offer & the pay is really well. I don’t have any regrets, I just don’t understand this whole “spying on me” thing.

TORRENT?

Well I just use my college wifi on a VPN & a proxy

Not traceable

You're forgetting the part where you attested on your sf86 that you haven't illegally downloaded/acquired digital assets or however it was worded

(And admitted to it in a public channel)

Also, everything is traceable with the right resources 🤷‍♂️

Torrents are fine, as long as you can demonstrate that the material you downloaded is all public domain or purchased, and that's just the transmission of the vendor (such as humble bundle bulk downloads)

Which is muddied if you try to obfuscate it at well

being absolutely upfront about your torrent use (even if illegal) is better than hiding it

because they will find it

No way, I find this very doubtful. There are so many ways to make sure a torrent does not trace back to you. I do not think they would go to such great lengths just to make sure I haven't downloaded any illegal torrents.

This doesn't affect me whatsoever. As I mentioned, Discord doesn't connect to me personally.

I didn't even read any of those documents. I just signed them to get the documentation over with. It likely would've been smarter if I did read them, but once again: oblivious college student lol

I don't think you understand the gravity of power you're playing with. You can literally be charged with a crime(s). They will find out you torrent, because you can't lie about it. They can find this discord account, because no public account is private along with a myriad of other things. Not reading the SF86 is more than just an oblivious college student, it's fucking stupid. You literally signed a contract with the government and didn't read it. Ima log off before I say something stupid but just know this, you fucked up.

That's what you think

Locard's principal holds just as true in digital world as it does in the real world. Every contact leaves a trace. With enough determination and resources you can track virtually anything, and no one has more resources than the US government

It just does not logically make sense they would go to those lengths to enforce illegal torrenting ? Even now, people rarely get fined for it.

I didn’t NOT read it, it was more just make sure I completely understand the extent of the contract. It’s not like I told myself it would be completely relevant, I practically proof read it relatively quickly.

How did I fuck up though? I’ve been fine for a while now, I was just curious in terms of any differentiation between public/private sectors.

You will have a thorough background check done as part of SC. Whether they care about the torrenting is another matter, but the chances of them not finding every aspect of your digital life is... slim.

That’s the thing, the main process in which I go through everything (polygraph, drug testing, background checks, contact info, etc.) has been completed for a while now. Even through the process, I was never questioned by my investigator by anything.

I have no idea if that means the background check is done or not with the US system -- I'm not American.
Again, the point is that this is unlikely to be true.

The background check is never done. US moved to a CE system. CE is continuous evaluation which means you're always being evaluated

Maybe you’re right, but the probability of it affecting me whatsoever is extremely low.

Wrong

Ooof

You have a TS/SCI im assuming, which is one of the highest clearance levels. You are under a microscope

This I know, I’ve heard about that. I just don’t see how a platform like Discord could possibly affect me internally.

Alright, you do you

I'm done arguing

I wasn’t arguing with you, just seeking advice, that’s all. Don’t take it the wrong way lol

I’m pretty young to the government scene, so everything you say is something I have been taking note of. I’m just trying to integrate my own thoughts into this, it’s just overwhelming to think I’m “under a microscope” like you said.

Sorry if you took it the wrong way.

Yeah the FBI agent memes aren't a lie. That's what makes a joke funny, is when it's partly true. I've seen military entrants get ELS'd because they omitted highschool suspensions, I would definitely worry about using torrents when you are under a government contract. I likewise didn't read into mine but I keep to fair use and purchased content. You should follow the advice you were given, it can spare you a lot of trouble! 😉

A background check is done with every initial investigation. That includes going from Secret to TS/SCI since you need a different type of investigation. The CE program comes in after you have completed your investigation and received your eligibility.

Right, they already had eligibility so they would be in CE

Oh, I didn't read that far. I thought they were still doing their investigation portion.

And from my understanding at that point your life is just a rolling background check lol

Yeah, they were already eligible

Pretty much. CE catches a lot more things in my office than the reinvestigations ever did.

hey guys

you ever hacked microsoft?

What’s the first certificate I should aim to reach

As a beginner

Could someone give me an order

They would recommend

Maybe do COMPTIA NETWORK ++

depends.....what path are you pursuing?

Wait til you travel internationally...
Lots of us have lived in this world, some for decades, it isn't something you want to play around with, just be honest, not being honest is really the worst thing you can do

Hey guys I'm looking at an online bachelor's course for Cybersecurity that's on a discount. can I get someone's opinions on if the content looks good?

you have not given a link to it

Hey, I asked the same question and people recommended me that:

.

This was useful answer for me

well it depends, if you know nothing about computers and are looking for an entry level job, A+ is a good choice, if you have some knowledge/related degree, Network+ is a good choice to show network knowledge and get your foot in the door for an IT job. If you have something like a Comp Sci degree or can show IT experience, Security+ is a good choice

https://www.iu.org/bachelor/cyber-security/ I don't remember the rule on links so here it is

can you tell us your overall goals? Get a job in your current country?

Yeah. Restart my career. I left an NGO day of pandemic. In my country, they give an inordinate amount of importance to having a degree in the industry you want to work on.

ahh ok, honestly it is hard to gauge because someone in your country may have a better feeling if an online degree would be considered suitable. Overall, the curriculum doesn't look bad but you don't know the rigor and how well it would be accepted.

and I'll say that site you link is very forceful when I went to visit saying it wasn't the right place to look if you are in NA/Europe and gave me a different link which has definitely less marketing tactics

I see

The price and the online part is really what draws me to it. But I also really like the contents of the classes when I go through the course catalogue. The only local university I found that has online options is just too expensive for me.

I think in Germany Saarland uni is a good choice too. It is public uni so there is no tuition fee

I'm not from germany or EU so free tuition fee doesn't apply to me

no, in Germany unis are free for everyone

just check their websites

only public unis

@hexed magnet have you read about The Open University in London? They offer cybersec and more

Hi all, I'm thinking of switching into a CompSci degree. Do employers prioritize a CompSci degree that's a BA or BSc? Or is having a degree and a good portfolio more than enough?

I'd personally be weirded out by a Batchelors of the **Arts** in Computer **Science**

My university offered both as well. For whatever my opinion is worth, a BA in CS is not rigorous enough in math to be computer science. It's much closer to a CIS or IT admin for business degree

I'm not weirded out by a BA in CS mostly because the first college I went to only offered BAs (they didn't have CS at the time but they had Math, Physics, Chem). If your goal is Cyber, a BA in CompSci is fine

It's an odd setup. The core courses and maths are all 1:1. The only difference is the literal 'science' courses like a physics lab would be liberal arts courses instead. The skills should be close but I imagine we all look at BSc at bit more highly than a BA

honestly, I'd be surprised if anyone noticed...

I'd definitely compare the tracks to see the differences

Im just popping in but Im in my last semester on the BA for CS but I knew going into college I wanted to focus on cyber security so I was able to minor in that as well. I also didnt understand the benefit of the BS compared to BA at my school, it just seemed like extra work for no reason.

And it was only a couple less CS courses for the BA

For this school here's an excerpt

The core portion of the degrees themselves are identical. The key differences are in the secondary requirements. the BA requires 21 credits worth of humanities, natural science and social science while the BSc requires 24 science credits(9 are covered by the basic degree, another 3 in the honours) and a 6 credit lab course(part of the 24) as well as a minimum number of credits not-related to your major(don't recall the exact number off hand). If you do honours, the BA is 36 upper year credits(3rd or 4th year) with a minimum of 18 at the 4th year level, BSc is 42 upper year credits but no 4th year minimum. In terms of value, the BSc is a little more valuable. Some grad programs require a BSc and some employers will assume you've done more math even though the math requirement is basically the same.

We offer BA and BSc degrees – both providing you with the same computer science and math expertise. In the BA program, you’ll complement your studies withLiberal Arts courses (e.g., humanities and social sciences). In the BSc program, the complementary courses will be in the sciences (e.g., biology, chemistry, physics)

I don't have chem or physics so I'd have to go and get a credit online over the summer to go into BSc, but I have years in college/uni in other programs that would probably help me fast track the BA

ahh yeah I get ya, I'd do the BA then and any electives you do have, try to spend them on CS classes

Anyone taken the burp suite exam recently?

Hi guys
I'm getting ready for OSCP, and made this on notion (still working on it)
https://sn0w.notion.site/OSCP-c8a6d62f0f6746058d828d4947f8320e
can you guys check it out?

gatting rady

for o-es-ci-pipipi

I think this is really cool for getting ready. I used onenote and a spreadsheet to record most of it.

All of my tool usage is in onenote but an excel spreadsheet helped with quick lookups

Day one at my new job 😄

lets goooo, how is it?

It's great so far, I think I am finally progressing towards a cybersec career

Just got my OSCP last week.

multilingual, willing to relocate globally if the opportunity is juicy, but for the most part looking for something fully remote full-time, junior pentester position or similar.
can do any background check or do a security clearance if needed for the position.

if anyone knows of anything, slide in DMs

Getting a job across borders is very complicated; typically, an employer would need to sponsor you prior to hiring to make you eligible to hire.

I live in a country where the average salary nation wide is $1200

This is extremely rare; your best bet is to look locally for outsourcing vendors, and work to transfer to the country you want to work in

working locally is just not an option, so gonna have to put up with that trouble ig

which country ?

czech

okok thanks for the information 🙂

Gave +1 Rep to @brazen yew

and yeah already said, I'd be willing to relocate

i doubt you'd be able to get security clearance in any other country then

sucks but it'll be what it'll be

uk at least for the minimal level of sc is 5 years of residency

There are a LOT of tech jobs in CZ. Specifically look for tech firms that have an international presence. Several IBM subsidiaries have offices in CZ, for sure, and I know several BPOs have various functions there as well.

I'll look into it, thank you. The reason im skeptical about it is because these companies would pay Czech people Czech salaries, meaning some guy with similar CV to mine would be getting paid 3 times as much as me in a different country, and that is accounting for COL to salary ratio

Gave +1 Rep to @flat sedge

sorry to disappoint but that's how salaries work

That's actually a situation we dealt with when I took on my current position. Based in the US, my salary was significantly higher than my CZ co-workers - QoL is similar, budget had to be re-allocated to normalize for the regional employment.

And, when you apply for a job with an international company, your odds of getting through the door are non-zero if they have a local office you could work from, either on-site or remote. Many times, companies aren't able to employ anyone in a country without having an office to do payroll out of.

makes sense

what are BPOs btw

Business Process Outsourcing

any tips on CV writing btw? I don't mean what to put on the CV, i mean literally how to write it. was thinking some kind of PDF editor?

or should I just throw some upwork freelancer $70 to do it for me professionally?

I use the awesomeCV latex template

then i render my resume into a PDF - keeping my resume as source code is a cool little add-on that most of my recruiters have commented on

ty

where do you keep the source code tho 😄 you send it with the PDF as a separate file?

or how do they get to see the source code

I keep the redacted source code on a public git service. The original, unredacted source I have on a private git server I host in my homelab.

i see ty

out of curiosity, how many applications do you think the average position that I'd be after gets? I imagine it has to be a small fraction of what a "normal" job gets (accountant, truck driver, w/e)

like if a "normal" job gets 500 in the first month

stuff that requires OSCP cannot be more than 10-40 per month, no?

just thinking if its worth it to care about ATS

I couldn't say; I have no basis of comparison. I do know that the company I work for usually gets a couple hundred applicants for every opened job req

I see, thanks

may I DM please?

About?

resume stuff

If it doesn't dox you, I would prefer you post questions here, I'm not the only person with experience reading resumes 🙂

okay sure, I don't mind.

im 25 now. age 24-25 I spent studying pentesting, got my OSCP

age 19 I graudated with a graduate degree in mechanical engineering

age 19-24 I was in professional esports. meaning I never held a "normal" job

is there any point in putting in what I did age 19-24? on one hand its gonna look weird if theres a big gap, on the other hand its completely irrelevant. the only tangible thing I took away from esports that could be applicable in such a position would be working in / leading a team under serious pressure

I would put it in for continuity. Emphasize applicable skills (especially soft skills) that you learned during that time

ok thanks ^^

Gave +1 Rep to @flat sedge

I'm currently doing a graduate degree in mechanical engineering, how did you graduate at 19? I will be 21 this year and graduate

Im from czech, its a different education system than what "graduate degree" means in US, which im guessing you're from?

nope, I'm in pakistan(india kinda)

I've never heard of graduates below 20 before

ah okay. here its you finish elementary at 15, and then either trade school finish at 18 or "graduate" finish at 19. then at 18/19 you either enter the workforce or do another 4-6 years of study at uni depending on what you're after

I see, a very progressive system you've got there

graduate schools are usually business, economics, mechanical engineering, electrical engineering, design or architecture etc.

trade schools are well...self explenatory...welding, carpenting etc.

That's one way of describing the country

yeh, I mean for most people, who're unfamiliar, it's easier to explain

Hi gays

Hi everyone

People normally say "hello everyone".

Like Ununebunu did

ohh im sorry gays

I'd have hoped the first time was a typo, but there we are

Why are you addressing people that way?

i saed sorry to all people in the room ?!

Out of interest, what do you think "gays" means? 🙂

@flat sedge I got Asghar Ghori's RHCSA study guide, you recommended another one but I can't remember what it was for the life of me. Would you mind sharing again?

Sander Van Vugt

Happy

well done ya muppet...

Thank you!

Gave +1 Rep to @flat sedge

Is there any kind of course out there that teaches you sys admin related things?