First InfoSec Job ! Thank you TechExams !

Hello,

First of all I would like to apologize for not being more active of this forum, even though I'm reading it daily; socializing in English is not my strongest.
So let's jump in ...
I would like to officially thank the TechExams community ! I found this forum when I was at a crossroads in my career and has helped me a lot since. Reading through almost every post and building on your advices and knowledge has helped me in finding a goal and finally achieving that goal. After only 2 years of IT experience, I've recently got my first InfoSec job, as a Vulnerability Assessment Engineer with a big company. I would like to give special thanks to YFZblu for his wonderful post on interview tips. I actually studied everything he said there before the interview

I know this is a tough field and many are struggling in finding a job. You should realize from the beginning that security is not an easy field and you have to do a lot of individual search and reading. In comparison with other roles, you have to stay current on a larger spectrum of technologies, as well as security trends, vulnerabilities etc. Every day you should read the latest news about technologies, security, vulnerabilities found and many more. Some say only this could be a full time job in itself. Nevertheless it pays to be informed at all times. Below are a few recommendations for anyone trying to enter this field, all based on my personal experience.

- Learn both Windows and Linux. Regardless of which you emphasize on, you should learn at least the foundations of the other one. You should have a basic understanding of both OS's security mechanisms and how they might behave given the same situation. Also knowing the pros and cons of using one over another helps a lot.
- Get a good understanding of TCP/IP. No matter what your role is, you need to know TCP/IP. By reading the exam objectives I think Network+ will suffice, however I recommend CCNA, as I feel it goes a little further. Anything above CCNA knowledge will most definitely help but it's not a requirement.
- Learn the basics of security. Either by studying for Security+ or individual reading from other sources. Read Hacking Exposed 7 . I highly recommend this book, it should be a requirement for any security oriented role (although I think everyone in IT should read it). The only caveat is that you should already know a few security concepts before reading it, as it might be hard to digest for a beginner. Don't worry if you need to read it twice, it will probably help you. Another book I found useful is The Basics of Hacking and Penetration Testing
- If you have the possibility and prefer a more structured approach you could sign up for a course. I've enrolled in PTPv3 by eLearnSecurity when it was released. Although I didn't go through their certification process, the knowledge accumulated from their course is very valuable, especially if your end goal is pentesting. You should benefit from it even if you don't want a pentest career. In the near future I plan on reviewing the material and start the certification process.
- Read blogs, research papers etc. Daniel Miessler's blog is very useful, especially his post on InfoSec Interview Questions.
- Never stop reading / learning. I can't remember if I read it here or heard it from a training video but there's a quote I came to love. "Luck is what happens when preparation meets opportunity." by Seneca.
- There's probably more but this is all I can think of right now.

Thank you again and good luck to you all !

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

Khaos1911

congrats!

the_Grinch

Congrats! As a side note, I find your English to be pretty good.

zxbane

Congrats and great advice for others as well.

Snow.bros

Congratulations!!!

JoJoCal19

Congrats on the new role!

MeanDrunkR2D2

Congratulations, and as others have stated, your English is very good. I know many native speakers who cannot write English as well as you do.

Master Of Puppets

That's awesome! Congrats!

5502george

Sweet! Congrats.

JasminLandry

Congrats on the new role!

anoeljr

Congrats on the new job! Hope you find it fulfilling!

joneno

Congrats and good luck on the new job.

Danielm7

Congrats! I'm starting my first full infosec position next Friday too, very excited. There really are a lot of great renounces on this forum. The threat you linked in your post is one of the ones I went over here, very helpful.

Another thing I have posted here before, but is worth repeating. Be very aware of the current big, public secure threats in the news right now. I went to my final interview a few weeks ago, less than 2 weeks after ShellShock hit the news. They told me they were also trying to also hire a Sr level security analyst. They asked him about current threats, big things in the news, anything interesting, etc? He was currently working as a Sr Security engineer too, he had never even heard of it, and at that point it was already on Yahoo and CNN, so "normal person" news. They said it just showed a general lack of passion or ability to keep up on current trends in your career.

colemic

Congrats to both of you on your new positions!

coffeeluvr

Congratulations!

Itrimble

Congrats on the new position.

MSP-IT

I came to say that I was also impressed by your English speaking ability, but it looks like it's been said a few times already.

Congrats on the new job!

Zoovash

Thank you a lot! This is a great community to be a part of.
Most of my English speaking / writing fear comes from the fact that I never really had to use it

But that's all going to change now, since my manager / teammates are not locals.

UnixGuy

Congrats! That's what I want to do, I want out of the sysadmin hell!

LinuxRacr

Congrats, and thanks for the nuggets of info!