IT Certifications and Careers (Official Discussion Thread)

Sane · Aug 31, 2022

JT-Money said:
I've worked in several but those jobs stink and are mostly outsourced to the lowest bidder these days. There are a ton of free or cheap training resources out there. Or you can just download trial versions of SIEM software and install it on a home lab setup. I frankly would only do this type of work for a few years and then get out. The turnover rate in these type of jobs is through the roof.

Qradar101 | Blue team challenge.

Qradar101 is a blue team lab that falls under the Threat Hunting category, and will cover the following subjects: SIEM, Threat Hunting, IBM, QRadar

cyberdefenders.org

19 CURATED HANDS-ON LABS FOR THE JUNIOR SOC ANALYSTS TO HELP YOU STAND OUT IN AN INTERVIEW

You have conquered the CompTIA Security+, and now you are starting the job hunt. You are worried that you have no idea how to use SOC Analyst tools or what they are. This article will cover the top tools used in the SOC and places to get hands-on experie

www.thecyberunion.com

Splunk Boss of the SOC

Splunk Boss of the SOC

bots.splunk.com

Free and Affordable DFIR and Cybersecurity Training

Free and Affordable Training Resources with a Focus on DFIR / Blue Team. Digital Forensics, Incident Response, Malware Analysis, OSINT, Programming, Linux, and more.

training.dfirdiva.com

Damn is it that bad. :lupe:

I'm looking to get into cybersecurity, I thought SOC would be good entry point.
what didn't you like about SOC jobs?

Illmagic · Aug 31, 2022

KageDaBeast said:
@Illmagic I haven't gotten a SOC role, really just helpdesk like ya self, but check out this YouTube channel https://youtube.com/c/TechTualChatter. I follow breh on Twitter, he pretty much went from the helpdesk to NOC and then SOC.

You can VMware workstation pro to have multiple VMs at home, but that can get pretty costly with RAM, memory etc. You could get a cheap desktop and use that as a server and then join all your laptops / other devices to that server. Suricata is a free option you could install, and you could even use Linux Server for your desktop.

You in school? At my community college, we have to take this work based learning class where we work with local companies on something dealing with/in our major & they were able to find me this Technology Support Specialist role at a local school, where I'm doing repairs, monitoring all devices on their network, training employees on cybersecurity, plus other little (free) projects I can think of.

Thanks Im def gonna check that channel out. Nah not in school anymore. I went years ago.

JT-Money · Aug 31, 2022

Sane said:
Damn is it that bad.
I'm looking to get into cybersecurity, I thought SOC would be good entry point.
what didn't you like about SOC jobs?

Most companies with a SOC don't know what the fukk their doing. You end up staring at the same alerts everyday and performing the same repetitive tasks over and over.

These companies aren't going to make any real changes to secure the environment. And will task the SOC with the impossible task of stopping every attack. Despite the fact nobody else in the company could give a shyt about security. You'll mostly end up on an island with no real resources or power in the organization. Working yourself to death for people who will turn around and blame you when they get owned. Plus they don't usually pay shyt.

StretfordRed · Aug 31, 2022

Currrently doing forensics consulting for a major big player company, it’s and these places aren’t all what they’re drummed up to be.

I think I’m going back to a smaller focused company. Experiences some racism and shytty managers too. They definitely don’t make the place hospitable.

I been talking to a few guys and gals who left and complained about the cliques and they have similar issues.

Another huge issue of cliques in cyber security are military cliques. Dudes be cramming chats with stories of military gigs and people outside
Of the US/military circle are just like :unimpressed:

Anyway, CV freshened. Time to get interviewing again

Mirin4rmfar · Sep 2, 2022

Sane said:
Damn is it that bad.
I'm looking to get into cybersecurity, I thought SOC would be good entry point.
what didn't you like about SOC jobs?

Here is my perspective, you get in where you can man. I have been working in a soc for close to 4 years now. It was the best move for me because I lacked experienced. I was rejected a million times before I landed a soc role(senior role at that).

If you want to work in a SOC, find a big MSSP. They manage fws, endpoints, ips and perform security analyst etc. for hundreds of clients. and have the manpower. You see so many issues and change request that you get lots of exposure. They will also pay for your certifications so you can take advantage and move on.

********************************************

I would not work at so and so companies soc unless it is a major company like AT&T, Verizon etc. You need manpower, these smaller companies dont have it so they outsource it to MSSPs. It's impossible to know everything. Some clients I talk to, they do it all with and when shyt go wrong, they are under stress by upper management. They don't give a shyt you exist until shyt goes wrong and don't see the hundreds of issues you have resolved.

My only complaints has been rude clients but I have only had to deal with that like 3-4 times. The other thing is Customer Success Managers and PMs can be a pain in the ass when clients call them. They put unnecessary pressure on technical resources.

Company I work is moving away from that side of the business but it was a good experience for me. A lot of people have moved on some technical work, some project managers, some become risk management , sales engineer, systems engineers etc. lol who knows where I will end up but I dont want to be in the soc forever :mjlol:

. There is this team all they do is pull reports from clients, go over their vulnerabilties, tell them this is their most critical, do some research online and go home n fridays at 2:00, 3:00 pm lol. So they Cyber Security doesn't have to be stressful.

*************************************

Unfiltered · Sep 3, 2022

JT-Money said:
Most companies with a SOC don't know what the fukk their doing. You end up staring at the same alerts everyday and performing the same repetitive tasks over and over.

These companies aren't going to make any real changes to secure the environment. And will task the SOC with the impossible task of stopping every attack. Despite the fact nobody else in the company could give a shyt about security. You'll mostly end up on an island with no real resources or power in the organization. Working yourself to death for people who will turn around and blame you when they get owned. Plus they don't usually pay shyt.

Also some of them use custom software so you're not even learning anything like wireshark which is crucial, SOC is a dead end job.

Alvin · Sep 4, 2022

Anybody here do COBOL? Heard they are in demand now

JT-Money · Sep 4, 2022

stick2dascript67 said:
Also some of them use custom software so you're not even learning anything like wireshark which is crucial, SOC is a dead end job.

The only reason these companies create a SOC is due to cyber insurance mandates. If not for that they wouldn't even bother.

Why a SOC Has Become a Top Requirement for Cyber Insurance

A SOC is now becoming a top requirement as the cyber insurance bubble is fading away.

www.cyrebro.io

Truefan31 · Sep 6, 2022

So a family member is about to graduate with an undergraduate in cybersecurity. Any ideas on the best paths for him?

Sonny Bonds · Sep 6, 2022

Truefan31 said:
So a family member is about to graduate with an undergraduate in cybersecurity. Any ideas on the best paths for him?

Did he do any internships?

Truefan31 · Sep 7, 2022

Sonny Bonds said:
Did he do any internships?

He hasn’t yet. He’s still about a year away from graduating. Just trying to help fam out with the best path. I know a degree isn’t the end all be all in the IT world but maybe he can get his foot in the door somewhere and start getting certs?

He’s kinda tryin to figure out the best path. He’s young (22). He even thought about the military after college and/or getting security clearance.

Any ideas on possible internships?

Mirin4rmfar · Sep 7, 2022

Truefan31 said:
He hasn’t yet. He’s still about a year away from graduating. Just trying to help fam out with the best path. I know a degree isn’t the end all be all in the IT world but maybe he can get his foot in the door somewhere and start getting certs?

He’s kinda tryin to figure out the best path. He’s young (22). He even thought about the military after college and/or getting security clearance.

Any ideas on possible internships?

He should apply for internships. I would aim for companies like Deloitte, KPMG, PWC, McKinsey, Bain, EY, Accenture, Booz Allen Hamilton, Amazon, Google etc. The key is to give yourself the best career start possible with companies where there will be lots of growth potential and ability to move around. At least that's what I would do if I was fresh out of college now that I know better

Also, he can look into cyber security development programs.

Cyber Security Development Program Associate - 2023 at Capital One - US

Learn more about applying for Cyber Security Development Program Associate - 2023 at Capital One - US

www.capitalonecareers.com

These programs are typically 3-4 years. If he is agressive, get all the key certs while in the program by 26 he can hit six figures easy. They key is to start at good companies.

Honestly, even if he has to start at a smaller company, by year 1, I would have aimed for the companies above.

Truefan31 · Sep 7, 2022

Mirin4rmfar said:
He should apply for internships. I would aim for companies like Deloitte, KPMG, PWC, McKinsey, Bain, EY, Accenture, Booz Allen Hamilton, Amazon, Google etc. The key is to give yourself the best career start possible with companies where there will be lots of growth potential and ability to move around. At least that's what I would do if I was fresh out of college now that I know better

Also, he can look into cyber security development programs.

Cyber Security Development Program Associate - 2023 at Capital One - US

Learn more about applying for Cyber Security Development Program Associate - 2023 at Capital One - US

www.capitalonecareers.com

These programs are typically 3-4 years. If he is agressive, get all the key certs while in the program by 26 he can hit six figures easy. They key is to start at good companies.

Honestly, even if he has to start at a smaller company, by year 1, I would have aimed for the companies above.

That’s great info appreciate it. I take it most of these companies out there have a cybersecurity internship/development program to get in the door?

Slic Ric · Sep 7, 2022

Why are recruiters (not even actual client) HELL bent on video calling recruits? :mjpls:

Obreh Winfrey · Sep 7, 2022

Slic Ric said:
Why are recruiters (not even actual client) HELL bent on video calling recruits?

Where they do that at?

IT Certifications and Careers (Official Discussion Thread)

More options

Sane

All Star

Qradar101 | Blue team challenge.

19 CURATED HANDS-ON LABS FOR THE JUNIOR SOC ANALYSTS TO HELP YOU STAND OUT IN AN INTERVIEW

Splunk Boss of the SOC

Free and Affordable DFIR and Cybersecurity Training

Illmagic

Pro

JT-Money

Superstar

StretfordRed

Afro-European

Mirin4rmfar

Superstar

Unfiltered

The Dan Bongino Show (Mon. – Fri. 12p-3p ET)

Alvin

Superstar

JT-Money

Superstar

Why a SOC Has Become a Top Requirement for Cyber Insurance

Truefan31

Superstar

Sonny Bonds

Superstar

Truefan31

Superstar

Mirin4rmfar

Superstar

Cyber Security Development Program Associate - 2023 at Capital One - US

Truefan31

Superstar

Cyber Security Development Program Associate - 2023 at Capital One - US

Slic Ric

All Star

Obreh Winfrey

Truly Brehthtaking