Requesting Infosec Career Advice
andy_is_happy
Registered Users Posts: 2 ■□□□□□□□□□
I have ~5 years IT experience and currently hold a level 2 systems support position at a medium sized company. I’ve come to the conclusion that continuing down the Microsoft path toward system support/administration does not make me happy and no longer appeals to me. I am now trying to define a new path to a career that I can truly be passionate about and enjoy.
I have always had a broad interest in information security but I have never been able to define a specific role to pursue. This is where I hope someone can give me a little guidance. In no particular order are a few items I find very interesting: Open-source intelligence, link-analysis (Maltego), operations security, cybercrime and threat research. After searching job boards for these terms I have found roles similar to threat intelligence analyst. This seems like an awesome position but in no way am I close to qualified. Are there similar or junior positions in this area? What other positions should I look at and consider working towards? Any advice for progression in this area?
Any advice would be greatly appreciated. Thank you!
I have always had a broad interest in information security but I have never been able to define a specific role to pursue. This is where I hope someone can give me a little guidance. In no particular order are a few items I find very interesting: Open-source intelligence, link-analysis (Maltego), operations security, cybercrime and threat research. After searching job boards for these terms I have found roles similar to threat intelligence analyst. This seems like an awesome position but in no way am I close to qualified. Are there similar or junior positions in this area? What other positions should I look at and consider working towards? Any advice for progression in this area?
Any advice would be greatly appreciated. Thank you!
Comments
-
Cyberscum
Member Posts: 795 ■■■■■□□□□□
Join the Air/Army/Navy in an Intel Analyst position with an IT specialty. You will get the training and certs you need to kick ass in the civilian world....
That's the quickest way I can think of -
ramrunner800
Member Posts: 238
In the environment I work in the way onto the threat intel team is through excelling as an intrusion analyst in the SOC. A position like this gives you an understanding of attacker TTP's that is the knowledge base that lets you start doing the intel side of things. Certs like OSCP can also help with developing this knowledge.Currently Studying For: GXPN
-
andy_is_happy
Registered Users Posts: 2 ■□□□□□□□□□
Thank you very much for your replies. Getting my foot in the door at a SOC seems to be my next logical step. Does anyone have any suggestions on what I should focus on obtaining(knowledge, certification, etc.), preferably through self-study, in order to have a chance at a level 1 analyst job in a SOC? Thank you again for your advise.
-
SaSkiller
Member Posts: 337 ■■■□□□□□□□
At a minimum you need to demonstrate an understanding of computer security, network attacks and defense.
The Sec+ you have is good, i'd look at the CEH and see if you can combine it with a CPT challenge. While you are studying, keep wireshark open and view your attacks across the network. After you get your certs, i'd look into getting into security onion. Utilize the knowledge you have learned and play your attacks against a target in a network protected by SO, and analyze the alerts. Then go to some known malicious websites and do the same thing. Learn snort signatures. If you can figure out how to represent this on your resume, and talk about it in an interview, you should have no issues.OSWP, GPEN, GWAPT, GCIH, CPT, CCENT, CompTIA Trio.