Personal computing discussed

Moderators: SecretSquirrel, notfred

 
KnightyKnight96
Gerbil In Training
Topic Author
Posts: 8
Joined: Tue Oct 25, 2016 5:06 am

Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 5:24 am

Hi guys I have a question which is not really related to technical stuff but I'd just need some advice from you guys. In these days I've been thinking about my future plans. Let me introduce myself first, my name is Stefano 20 years old from Italy even if I recently moved to Australia, I've done an high school in Italy to become an electro technician, but I just realized now that I like computer sciences much more, and when i worked as pc assistance I enjoyed it way more than my usual job, plus I've always been attracted and addicted to IT stuff.So I was thinking about changing my plan... In the past 2 years I've been independently studying and practicing cybersecurity on Kali Linux (pentesting, exploiting, backdoors, payloads, network security, bruteforce ecc... ) and Linux in general, so I would really like to start studying seriously on computer sciences , but since I don't really like programming I'd like to work on cybersecurity, but I have absolutely no clue about how hard is to get into this field and if it's worth it about the money(I don't really care about earning a lot of money, but I'd love to do a work that I like and at the same time earn decent amounts). So I'd really like to hear some opinions from you guys, even if you're not working on this field. And if it would be worth it to start studying seriously cybersecurity, would you advice me to start some courses? I'll soon move to Melbourne so I guess they could have valid courses, do you have any course to advice me? Ps : if you know some good book about cybersecurity that I could buy please let me know! PS :thanks a lot guys you are awesome! PSS: don't know if its the right section but i didn't found a proper one
 
Aranarth
Graphmaster Gerbil
Posts: 1103
Joined: Tue Jan 17, 2006 6:56 am
Location: Big Rapids, Mich. (Est Time Zone)
Contact:

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 6:53 am

Cyber security is being a window screen installer. No matter how well you seal the windows, flies always get in.
Or like building prisons, no matter how well you build it, you are still housing people with infinite time and the smarts to figure out ways to get out.

Cyber security is just the reverse, you have an almost infinite number a people, with a seemingly infinte amount of time and patience, with the smarts to try EVERY method to breach security. Often your weakest link is the boss' secretary who happens to know all his passwords because he can't be bothered to remember them himself.

I'd rather not have that job... :D
Main machine: Core I7 -2600K @ 4.0Ghz / 16 gig ram / Radeon RX 580 8gb / 500gb toshiba ssd / 5tb hd
Old machine: Core 2 quad Q6600 @ 3ghz / 8 gig ram / Radeon 7870 / 240 gb PNY ssd / 1tb HD
 
seankay
Gerbil First Class
Posts: 170
Joined: Wed Jul 20, 2016 5:43 am

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 7:57 am

Stefano, I think it is really brilliant as a field cause it is something which is continuously rising. I suggest you to check out this website (I discovered it six months back) and they have some great courses and resources which might help you out: https://www.infosecinstitute.com/
Though I'm not directly associated to this field but it definitely is something I am very much interested in!
 
DragonDaddyBear
Gerbil Elite
Posts: 740
Joined: Fri Jan 30, 2009 8:01 am

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 8:08 am

A degree is great for getting your foot in the door.  The way I view it is like this: the degree gets you past HR, your certifications get you an interview, your skills get you a job.  I strongly encourage you get a BS in something.  If you're smart enough for it, I suggest going computer science because it will open a lot of doors for you.  The other choice is going into system administration.  I also suggest working on the CEH (Certified Ethical Hacker) certification.  If you're REALLY into it, OSCP (Offensive Security Certified Personnel).  That's a PITA of a cert.  Those are good certifications to have when looking for work in the penetration testing field.   You can also start working on the CISSP now.  It's been said it's an "inch deep and a mile wide."  That's true.  Is the defacto cert, but it requires 5 years of proven experiance (otherwise it's an associate, not professional, until you get the experience). Regardless of the route you choose if have noticed the best security people tend to be the most well rounded.  Focus on a degree for now, worry about certifications after and just nerd out as much as you can in the mean time.
 
Glorious
Gold subscriber
Grand Admiral Gerbil
Posts: 10907
Joined: Tue Aug 27, 2002 6:35 pm

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 9:02 am

KnightyKnight96 wrote:
So I'd really like to hear some opinions from you guys, even if you're not working on this field.


A) It's the new hot buzzword thing in IT, so for the next 3-5 years there will be a lot of excitement about it.
B) Because it's so prominent, all sorts of applicants will be attracted to it.
C) Since it's new, there won't be a pre-existing pool of "credentialed"/"Qualified" people to fill those jobs, so they are very open to entry-level people who take a few classes. Which is a double-whammy, since most of the groups being formed to do it are likewise new. Thus, when the executive freshly charged to staff this group has to pick from experienced people who are interested in the general idea, those people are not "credentialed" and they also have an annoying tendency to say "no, are you stupid?" and "well, maybe, but did you consider A,B,C" whereas the new folks ARE credentialed and very eagerly say "Yes, Absolutely! My book tells me how to do that! Let's go!".
D) All these groups are therefore filled with inexperienced go-getters who, at best, fulfill their mandate of implementing cookie-cutter policies with good intentions, or, at worst, arrogantly break everything and look down on those dealing with the real world with disdain for being "insecure" and "obstinate".
E) The industry moves on, and the bad taste from the experience means that anyone with "cybersecurity" stint in their work history can either hope for it to fade into obscurity or try and avoid the stigma.

Rinse, Repeat. :(


My advice is to not chase after the buzzword of the day. Find something that you're good at in a field that interests you, and then try and become great at it.
 
Glorious
Gold subscriber
Grand Admiral Gerbil
Posts: 10907
Joined: Tue Aug 27, 2002 6:35 pm

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 9:06 am

Losergamer04 wrote:
I also suggest working on the CEH (Certified Ethical Hacker) certification. If you're REALLY into it, OSCP (Offensive Security Certified Personnel). That's a PITA of a cert. Those are good certifications to have when looking for work in the penetration testing field. You can also start working on the CISSP now. It's been said it's an "inch deep and a mile wide." That's true. Is the defacto cert, but it requires 5 years of proven experiance (otherwise it's an associate, not professional, until you get the experience).


I wouldn't waste any time or money on certifications like that. In a few years, as I said, hoping for them to be obscure/obsolete might be the better outcome.

Losergamer04 wrote:
Regardless of the route you choose if have noticed the best security people tend to be the most well rounded.


The best security people aren't working in "Cybersecurity" and they're either reluctantly "credentialed" or not credentialed at all.
 
DragonDaddyBear
Gerbil Elite
Posts: 740
Joined: Fri Jan 30, 2009 8:01 am

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 9:30 am

Certifications are a great way at gaining a baseline knowledge in a particular subject.  To me, they are a tool for learning.  However, they are perceived as valuable by employers, meaning they are worth perusing for a person who is trying to get a job.  Don't get me wrong, I've come across a lot of CISSP people who didn't know a damn thing.  I'm not condoning the certification wars that seem to be going on.  But they do have a purpose. The advice I gave was based on real experience from real employers.  It's what worked for me. 

Regarding the "best" people in cyber security: I think that's a very broad statement to make.  To clarify, when I said "well rounded" I was thinking of all IT, not security.
 
cheesyking
Minister of Gerbil Affairs
Posts: 2678
Joined: Sun Jan 25, 2004 7:52 am
Location: That London (or so I'm told)
Contact:

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 9:37 am

Losergamer04 wrote:
The other choice is going into system administration. 

This was my immediate thought, if you want to be a good poacher then it probably helps to have been a gamekeeper first. 

Security is about a lot more than just technical stuff and it would help to have worked at a few different places to you have some experience of how things are done in the real world. 

Degrees certainly help with interviews so time spent getting one isn't going to be wasted... you might even learn something useful too. I'm not sure what degree would be best especially if you're not that into programming but what a degree should give you is a solid base to build your actual skills on top of so maybe it's worth suffering the programming side of things to pick up the useful stuff. I did computer engineering rather than comp sci but I wouldn't recommend that route even though it was fairly light on programming (too much calculus, none of which I can remember).
Fernando!
Your mother ate my dog!
 
Glorious
Gold subscriber
Grand Admiral Gerbil
Posts: 10907
Joined: Tue Aug 27, 2002 6:35 pm

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 9:44 am

Losergamer04 wrote:
However, they are perceived as valuable by employers, meaning they are worth perusing for a person who is trying to get a job.


As a way to get your foot in the door, maybe. I think you might be better served by differentiating yourself in other ways, but yes, there is clearly some value as some employers are indeed looking for them.

As long-term qualification? No, I really don't think so. They don't age well at all, and after a certain period of time I routinely see people de-emphasizing or outright eliding that they ever had certain ones.

Losergamer04 wrote:
Don't get me wrong, I've come across a lot of CISSP people who didn't know a damn thing. I'm not condoning the certification wars that seem to be going on. But they do have a purpose. The advice I gave was based on real experience from real employers. It's what worked for me.


Perhaps it did, but overall it's not very beneficial to the industry at large as you even seem to acknowledge.

As I said, as an entry-level tactic it perhaps has some merit, but there are significant concerns, especially if you are personally paying for training/tests.

Losergamer04 wrote:
Regarding the "best" people in cyber security: I think that's a very broad statement to make. To clarify, when I said "well rounded" I was thinking of all IT, not security.


You can expand my statement that way as well, and I would hold to it just the same.
 
DragonDaddyBear
Gerbil Elite
Posts: 740
Joined: Fri Jan 30, 2009 8:01 am

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 10:00 am

Glorious, you seem to be picking appart my statements without actually contributing your own thoughts. We all have different views and opinions. I am giving my thoughts based on the current state of the industry that may help this person land a job, regardless if I agree or like it.

I would appreciate it if you would stop arguing with me on reply to the OP and just say you disagree.
 
cphite
Gerbil Elite
Posts: 952
Joined: Thu Apr 29, 2010 9:28 am

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 11:52 am

Glorious wrote:
Losergamer04 wrote:
However, they are perceived as valuable by employers, meaning they are worth perusing for a person who is trying to get a job.


As a way to get your foot in the door, maybe. I think you might be better served by differentiating yourself in other ways, but yes, there is clearly some value as some employers are indeed looking for them.


So basically what you're saying is what he was saying, but you disagree with him?  Honestly man, do you just argue for the sake of arguing or what?

As long-term qualification? No, I really don't think so. They don't age well at all, and after a certain period of time I routinely see people de-emphasizing or outright eliding that they ever had certain ones.


Which, again, is basically what people are saying.  They're a good way of making it known that you've at least put some time into the subject.  They do not, in and of themselves, make you an expert - but they mark you as someone who's at least studied the material.  

In terms of getting a job, they're something that a lot of employers look for; and having or more of them might get you an interview.  I don't see anyone suggesting that they're good for any long term purpose.

Losergamer04 wrote:
Don't get me wrong, I've come across a lot of CISSP people who didn't know a damn thing.  I'm not condoning the certification wars that seem to be going on.  But they do have a purpose. The advice I gave was based on real experience from real employers.  It's what worked for me.


Perhaps it did, but overall it's not very beneficial to the industry at large as you even seem to acknowledge.


The benefit they provide is twofold.  One, they give people who are interested in the industry a basic idea of what folks need to know; and two, they give employers an indication that the person they're talking to has actually spent some time learning about the subject.  The only real problem with them is that they're often perceived as indicating someone as an "expert" in something, which can lead to unrealistic expectations.  But there is nothing inherently wrong with certifications in and of themselves.

As I said, as an entry-level tactic it perhaps has some merit, but there are significant concerns, especially if you are personally paying for training/tests.

 

The same can be said about any education up to and including a college degree.  It can help you get a foot in the door, but it doesn't guarantee success, and at some point you have to consider the costs versus benefits.

For example, over the years I've worked with people who have higher degrees than I do, or who went to much more prestigious (read as "expensive") schools than I did, who ended up doing the same jobs I was doing for around the same money.  And, I've worked with people who didn't even go to college.  Does this mean college is worthless?  Heck no!  All it means is that college can be a useful stepping stone into a career, but it's neither a guarantee nor a necessity.  
 
Glorious
Gold subscriber
Grand Admiral Gerbil
Posts: 10907
Joined: Tue Aug 27, 2002 6:35 pm

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 12:15 pm

cphite wrote:
So basically what you're saying is what he was saying, but you disagree with him? Honestly man, do you just argue for the sake of arguing or what?


I'm sorry, what do you imagine you are doing right now with this particular comment, in all honesty? :roll:

---

OP was talking about "studying seriously" and "taking courses" for "Cybersecurity". That, to me, sounds like potentially paying money for yet another ephemeral certificate program that is provided with the guise of making people more amenable to employers. Which, oddly, is exactly how everyone responded: Look at these certs! :roll:

That is not "perusing" certificates, as Losergamer04 said. Nor is it necessarily a "degree" like Losergamer04 said, and if OP keeps emphasizing his repeated desire for "cybersecurity" but to avoid "programming" it almost certainly won't be.

But what falls into that niche, those cert programs, are a very bad deal, in my opinion, and the people who provide them are practically predatory in some cases. So, what? I can't provide some advice that might ward someone away from falling into that trap? Should everyone just cheer-lead certs because they might not be all that bad (which is curiously said mostly by those who have them?)

I also believe, as I said, that the cert-cult is bad for the industry. So, yes, I am opposed to them in general.

I didn't recommend going to college either, by the way, but you responded by invoking that as some sort of false equivalence. So, are you even arguing with me, or are you just inventing arguments now for the sake of arguing?
 
NovusBogus
Silver subscriber
Graphmaster Gerbil
Posts: 1270
Joined: Sun Jan 06, 2013 12:37 am

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 8:03 pm

I personally don't work in information security, but my take is that many of those that do are doing it wrong by focusing on big scary 'walls' rather than risk mitigation once someone inevitably gets through, and when that special someone blows the Internet sky-high in a few years the whole industry is going to experience a massive purge. So if you do it, make sure you understand where the real threats lie and how to deal with them--social engineering and the like--and not just be all ermagerd look at mah certs and mad nmap skillz, I'm toooootally down with guarding the keys to the kingdom.

Education wise, at least here in the USA a BS in something technical is more or less required to get past the HR robots. You'll also probably need to work helldesk for a few years because that's how most IT guys start out.
 
Airmantharp
Emperor Gerbilius I
Posts: 6126
Joined: Fri Oct 15, 2004 10:41 pm

Re: Help!Need some advice about cybersecurity work!

Tue Oct 25, 2016 11:45 pm

Aussies don't mind hiring foreigners/immigrants for their military, and cybersecurity is blowing up as a military career field- as an aside, you'll get certs (they'll pay for bootcamps and the like), and you'll be encouraged to work on your education.

If you're amenable (can at least pass the physical and are in shape/can get in shape), military training and service can be a great way to get experience and build a set of credentials, and can be helpful if you haven't yet gotten your citizenship (assuming that that's a goal).

Also, if you're doing more than basic IT and you're shying away from programming... you're in for a world of hurt. You can get your BS in anything related, just make sure you get a decent understanding of C++, Java, SQL, and scripting languages like Python and Visual Basic. You'll not likely be building applications, but you'll need to be able to understand how they work and how to string pieces of things together to accomplish various tasks.
Canon 6D|24-105/4L |70-300/4-5.6 IS USM|50/1.4 USM|50/2.5 CM|50/1.8 STM|85/1.8 USM|Samyang/Bower 14/2.8|24/2.8 IS|Sigma 150-600 | C
Canon EOS-M|11-22 IS|22/2|EF-M 18-55
 
juzz86
Gerbil First Class
Posts: 132
Joined: Thu Mar 28, 2013 5:37 am
Location: Australia

Re: Help!Need some advice about cybersecurity work!

Wed Oct 26, 2016 12:27 am

Agree with the good Airman above.

The ADF/DoD would be the quickest, easiest way to get into the field. You'll probably want the Signals Directorate

There's a very good chance they'll send you to ADFA for a Degree first. Assuming you pass you pay nothing for it, base salaries are generous and the benefits for military personnel in this Country are fantastic - having a lifelong best mate in the Air Force and a Cousin in the Army, they and their families are very well-kept. And rightly so, for the line of work. One of the few places I have no qualms sending my tax dollars :)

The minimum service duration for the ADF is usually four years. As Airmantharp stated, you'll need to be of good fitness to pass - you do the generic physical training regardless of discipline (with a few exceptions - I don't know about ASD).
7700K, 32GB, 980Ti, 960 EVO, PG278Q - DG-87
 
KnightyKnight96
Gerbil In Training
Topic Author
Posts: 8
Joined: Tue Oct 25, 2016 5:06 am

Re: Help!Need some advice about cybersecurity work!

Thu Oct 27, 2016 4:25 am

HI guys! Thanks for all the replies,ive been pretty busy at work the last days so i couldnt respond quickly,but with this army thing you kinda gave me a great option,but i don't actually know if is hard to get into the army...but that would be really awesome!Do you guys have any infos about it?
 
Airmantharp
Emperor Gerbilius I
Posts: 6126
Joined: Fri Oct 15, 2004 10:41 pm

Re: Help!Need some advice about cybersecurity work!

Thu Oct 27, 2016 8:03 am

KnightyKnight96 wrote:
HI guys! Thanks for all the replies,ive been pretty busy at work the last days so i couldnt respond quickly,but with this army thing you kinda gave me a great option,but i don't actually know if is hard to get into the army...but that would be really awesome!Do you guys have any infos about it?


Not being an Aussie myself (served in USAF), I don't have more suggestions than to start researching based on what you've been given above. In the US, you'd start with a recruiter- but a fair bit of warning, if the AU works anyway like ours, you're going to want to talk to people who do the job before committing, and you'll not want to visit a recruiter without getting a good feel for how all of this works. You may also want to seek out someone to visit a recruiter with, preferably someone who is serving or has served.
Canon 6D|24-105/4L |70-300/4-5.6 IS USM|50/1.4 USM|50/2.5 CM|50/1.8 STM|85/1.8 USM|Samyang/Bower 14/2.8|24/2.8 IS|Sigma 150-600 | C
Canon EOS-M|11-22 IS|22/2|EF-M 18-55
 
KnightyKnight96
Gerbil In Training
Topic Author
Posts: 8
Joined: Tue Oct 25, 2016 5:06 am

Re: Help!Need some advice about cybersecurity work!

Thu Oct 27, 2016 10:06 pm

Airmantharp wrote:
KnightyKnight96 wrote:
HI guys! Thanks for all the replies,ive been pretty busy at work the last days so i couldnt respond quickly,but with this army thing you kinda gave me a great option,but i don't actually know if is hard to get into the army...but that would be really awesome!Do you guys have any infos about it?


Not being an Aussie myself (served in USAF), I don't have more suggestions than to start researching based on what you've been given above. In the US, you'd start with a recruiter- but a fair bit of warning, if the AU works anyway like ours, you're going to want to talk to people who do the job before committing, and you'll not want to visit a recruiter without getting a good feel for how all of this works. You may also want to seek out someone to visit a recruiter with, preferably someone who is serving or has served.

Ye I definitely want to ponder cause it's a big change of path, and I also want to talk with someone who is already in.
I thought about taking some certifications first to have more chances to be taken, I've been advised these certifications :
1. CPTC – Certified Penetration Testing Consultant
2. CPTE – Certified Penetration Testing Engineer
3. CompTIA – Security+
4. CSTA – Certified Security Testing Associate
5. GPEN – GIAC Certified Penetration Tester
6. OSCP – Offensive Security Certified Professional
7. CEH – Certified Ethical Hacker
8. ECSA – EC-Council Certified Security Analyst
9. CEPT – Certified Expert Penetration Tester
 
Redocbew
Gold subscriber
Gerbil Jedi
Posts: 1600
Joined: Sat Mar 15, 2014 11:44 am

Re: Help!Need some advice about cybersecurity work!

Thu Oct 27, 2016 11:08 pm

What is it about programming that you don't care for?  I'm not sure security is going to be your field either if you don't want to deal with writing or investigating software.
Do not meddle in the affairs of archers, for they are subtle and you won't hear them coming.
 
yeti
Gerbil
Posts: 36
Joined: Sat Jun 06, 2015 10:23 pm

Re: Help!Need some advice about cybersecurity work!

Fri Oct 28, 2016 12:50 am

Another little hurdle for you will be the need to be an Australian citizen. Fortunately you don't need to give up your US citizenship, but I don't how long you'll need to wait.
Do your research! Possibly look at the equivalent in the US armed services (or NSA? don't know if they're military or not ) first, see if you can meet all the requirements then check the ADF/ASD requirements to see which ones are similar or don't need to be worried about.
 
Jigar
Maximum Gerbil
Posts: 4906
Joined: Tue Mar 07, 2006 4:00 pm
Contact:

Re: Help!Need some advice about cybersecurity work!

Fri Oct 28, 2016 1:38 am

I am from IT security field i suggest you do some digging about Web application firewall, they are all the rage today and its a recommended solution for any company/firm to mitigate DDOS/hacking/vulnerability exploitation attempts.

People doing research in this field are paid very well :wink:
Image
 
KnightyKnight96
Gerbil In Training
Topic Author
Posts: 8
Joined: Tue Oct 25, 2016 5:06 am

Re: Help!Need some advice about cybersecurity work!

Fri Oct 28, 2016 2:59 am

I said i don't like programming but im aware that i'll need a basic knowledge of java,php,python,Ruby Ecc... :)
 
KnightyKnight96
Gerbil In Training
Topic Author
Posts: 8
Joined: Tue Oct 25, 2016 5:06 am

Re: Help!Need some advice about cybersecurity work!

Fri Oct 28, 2016 3:00 am

Jigar wrote:
I am from IT security field i suggest you do some digging about Web application firewall, they are all the rage today and its a recommended solution for any company/firm to mitigate DDOS/hacking/vulnerability exploitation attempts.

People doing research in this field are paid very well   :wink:

Sounds a great tip,do you advice any book/course?
 
KnightyKnight96
Gerbil In Training
Topic Author
Posts: 8
Joined: Tue Oct 25, 2016 5:06 am

Re: Help!Need some advice about cybersecurity work!

Fri Oct 28, 2016 3:01 am

yeti wrote:
Another little hurdle for you will be the need to be an Australian citizen. Fortunately you don't need to give up your US citizenship, but I don't how long you'll need to wait.
Do your research! Possibly look at the equivalent in the US armed services (or NSA? don't know if they're military or not ) first, see if you can meet all the requirements then check the ADF/ASD requirements to see which ones are similar or don't need to be worried about.

I'm notfrom US Tho
 
yeti
Gerbil
Posts: 36
Joined: Sat Jun 06, 2015 10:23 pm

Re: Help!Need some advice about cybersecurity work!

Fri Oct 28, 2016 8:26 am

KnightyKnight96 wrote:
yeti wrote:
Another little hurdle for you will be the need to be an Australian citizen. Fortunately you don't need to give up your US citizenship, but I don't how long you'll need to wait.
Do your research! Possibly look at the equivalent in the US armed services (or NSA? don't know if they're military or not ) first, see if you can meet all the requirements then check the ADF/ASD requirements to see which ones are similar or don't need to be worried about.

I'm notfrom US Tho

Sorry my bad! We've plenty of Italians here(if you're Italian;-))
But as the other posters have mentioned programming seems to be needed. Try to speak to as many people as you can in the field in which you're interested in... PM those in this forum if they know the requirements(and if they invite you or you ask nicely of them), both the pieces of paper and the actual skill set they reckon you'll need in the career. (Even if the pieces of paper only apply within their country, at least you can then compare with what available in yours, which gives you an idea of what to aim for)......the skills will be universal, quite frankly they are what your immediate boss would be looking for in the job.
 
Crackhead Johny
Gerbil
Posts: 19
Joined: Thu Jan 24, 2002 7:00 pm

Re: Help!Need some advice about cybersecurity work!

Fri Oct 28, 2016 11:46 am

KnightyKnight96 wrote:
but since I don't really like programming I'd like to work on cybersecurity,

About that...
What do you mean by cyber security? DR/BCP, pentest, auditing, FW work, architecture, management, etc?
If you do pentest you will end up doing some work and it will really help if you can do some code/scripting. Heck even if you are a firewall guy being able to automate parts of your job is a really good thing.
As for infosec I have been doing it a long time in different ways. Get in where you can (probably help desk) and try to keep moving towards where you want to be.
A degree. Yeah, here in the US that is a good way to go into debt for life. HR likes a 4 year but beyond that they do not care what it is in or if it took 4 years. Find the fastest cheapest one you can if you care about this (remember IT and infosec move forward so fast that school learning tends to be very outdated). You are self study from here on out and you will be until you retire (or get replaced by a program)
Which will get you further: 4-5 years in college working on a compsci degree so you can go get a help desk job, 2-3 year in a help desk job with a 2 year technical degree,  or 2-3 years in help desk jobs and then 1-2 years in mid/top level support positions/specialties?
Working: Stay at jobs you like as long as you can afford to (starting out any step up will be a good step up). Always be looking for new jobs which are a step up until you get to where you want to be. I mean that on your first day at a job update your resume and get it back out there. Infosec pays well because it is mercenary. Network like a mother ****, your connections are your next jobs and important people take their best with them when they go someplace new.
Do not start a family until you can quit living the airplane lifestyle. Even settling down may be stressful to your partner(s) if they only see you 1-2 weekends per month... or once per quarter.
Certs: CISSP. You can only get this with 5 years experience so keep that in mind and do not talk to people who say they can get you one with 0 exp (get all the info you can from those people and report them to ISC^2). This is a management infosec cert and by that I mean, this will give you a broad enough understanding to understand what your people are talking about. After that HR doesn't know what the other infosec certs are. GIAC used to be great for people in the trenches until they removed the practical from their tests so that they could be boot camped/cram exam'd. For other certs if you need a prettier email sig, look at PMP, ITIL and other big certs. HR recognizes big certs even if they have no clue what they are. You can even consider getting a Must Consult Someone Else (arguable value). Also keep in mind that many big certs have annual fees and CPE requirements that you have to keep up with even if you are not working (if you are working get your employer to pay your fees and send you to training conferences each year).
 
KnightyKnight96
Gerbil In Training
Topic Author
Posts: 8
Joined: Tue Oct 25, 2016 5:06 am

Re: Help!Need some advice about cybersecurity work!

Sun Oct 30, 2016 1:03 am

yeti wrote:
KnightyKnight96 wrote:
yeti wrote:
Another little hurdle for you will be the need to be an Australian citizen. Fortunately you don't need to give up your US citizenship, but I don't how long you'll need to wait.
Do your research! Possibly look at the equivalent in the US armed services (or NSA? don't know if they're military or not ) first, see if you can meet all the requirements then check the ADF/ASD requirements to see which ones are similar or don't need to be worried about.

I'm notfrom US Tho

Sorry my bad! We've plenty of Italians here(if you're Italian;-))
But as the other posters have mentioned programming seems to be needed. Try to speak to as many people as you can in the field in which you're interested in... PM those in this forum if they know the requirements(and if they invite you or you ask nicely of them), both the pieces of paper and the actual skill set they reckon you'll need in the career. (Even if the pieces of paper only apply within their country, at least you can then compare with what available in yours, which gives you an idea of what to aim for)......the skills will be universal, quite frankly they are what your immediate boss would be looking for in the job.

Ye you're right! I already started with some programming and I'll study all the languages that I need (python, Php, Javascript, Ruby, c# ecc...) and meanwhile I'll try getting some certifications! Thank you!
 
KnightyKnight96
Gerbil In Training
Topic Author
Posts: 8
Joined: Tue Oct 25, 2016 5:06 am

Re: Help!Need some advice about cybersecurity work!

Sun Oct 30, 2016 1:07 am

Crackhead Johny wrote:
KnightyKnight96 wrote:
but since I don't really like programming I'd like to work on cybersecurity,

About that...
What do you mean by cyber security? DR/BCP, pentest, auditing, FW work, architecture, management, etc?
If you do pentest you will end up doing some work and it will really help if you can do some code/scripting. Heck even if you are a firewall guy being able to automate parts of your job is a really good thing.
As for infosec I have been doing it a long time in different ways. Get in where you can (probably help desk) and try to keep moving towards where you want to be.
A degree. Yeah, here in the US that is a good way to go into debt for life. HR likes a 4 year but beyond that they do not care what it is in or if it took 4 years. Find the fastest cheapest one you can if you care about this (remember IT and infosec move forward so fast that school learning tends to be very outdated). You are self study from here on out and you will be until you retire (or get replaced by a program)
Which will get you further: 4-5 years in college working on a compsci degree so you can go get a help desk job, 2-3 year in a help desk job with a 2 year technical degree,  or 2-3 years in help desk jobs and then 1-2 years in mid/top level support positions/specialties?
Working: Stay at jobs you like as long as you can afford to (starting out any step up will be a good step up). Always be looking for new jobs which are a step up until you get to where you want to be. I mean that on your first day at a job update your resume and get it back out there. Infosec pays well because it is mercenary. Network like a mother ****, your connections are your next jobs and important people take their best with them when they go someplace new.
Do not start a family until you can quit living the airplane lifestyle. Even settling down may be stressful to your partner(s) if they only see you 1-2 weekends per month... or once per quarter.
Certs: CISSP. You can only get this with 5 years experience so keep that in mind and do not talk to people who say they can get you one with 0 exp (get all the info you can from those people and report them to ISC^2). This is a management infosec cert and by that I mean, this will give you a broad enough understanding to understand what your people are talking about. After that HR doesn't know what the other infosec certs are. GIAC used to be great for people in the trenches until they removed the practical from their tests so that they could be boot camped/cram exam'd. For other certs if you need a prettier email sig, look at PMP, ITIL and other big certs. HR recognizes big certs even if they have no clue what they are. You can even consider getting a Must Consult Someone Else (arguable value). Also keep in mind that many big certs have annual fees and CPE requirements that you have to keep up with even if you are not working (if you are working get your employer to pay your fees and send you to training conferences each year).

Ye I think I'll learn to script to have a better knowledge of how program and databases actually works and to be able to script tools that might be useful to me, and I don't even know how to thank you for all the precious advices that you just gave me, I signed everything and I'll keep working hard to become a great pentester :D

Who is online

Users browsing this forum: No registered users and 10 guests