Just received a job offer for a Security Analyst position

aspiringsoul

I applied for a Security Analyst position a few months ago, and I had almost forgotten about it before being contacted a few weeks ago. I was asked to perform an nmap scan on a "Test" web server of the organization and to report my findings. I submitted the report.

After a few phone calls and an assessment test, I just received the job offer today.

Benefits will cost more, but the Salary increase makes it worth the expense.

I'm expecting a counter-offer from my current employer....we''ll have to see how that goes. They have expressed interest in having me perform Vulnerability assessments/penetration testing for the company...

The opportunity seems to be in line with my career goals, so I'm inclined to accept it, but I think a potential counter-offer might give me pause...

renacido

aspiringsoul wrote: »

I applied for a Security Analyst position a few months ago, and I had almost forgotten about it before being contacted a few weeks ago. I was asked to perform an nmap scan on a "Test" web server of the organization and to report my findings. I submitted the report.

After a few phone calls and an assessment test, I just received the job offer today.

Benefits will cost more, but the Salary increase makes it worth the expense.

I'm expecting a counter-offer from my current employer....we''ll have to see how that goes. They have expressed interest in having me perform Vulnerability assessments/penetration testing for the company...

The opportunity seems to be in line with my career goals, so I'm inclined to accept it, but I think a potential counter-offer might give me pause...

Just an nmap scan, no pentest? Bah!

Just kidding, congrats on the job offer.

Make sure you research the company extending the offer. It might make the decision easier one way or the other.

Khaos1911

Congrats!

I'm in a similar situation, just got offered a senior analyst position in InfoSec with a gov't contractor, but I don't feel like I'm totally ready. I've used certain IPS/IDS and wrote rules, but never to the extent they are looking for. So I'm definitely hitting the books and my lab trying to get up to snuff. They extended a verbal offer and it'd be a 19.95% salary increase, I'd only work about 10 mins (more like 8 mins) from my home (currently 30-35 mins from current job), benefits are decent, but what really has me excited is getting involved with more technical things and new technologies that I just can't do at my current company and it'd take forever to become a senior Analyst there, the senior guys at my current spot have been in those positions atleast 10+ years and I can tell they aren't going anywhere. My biggest fear is day 1 expecting to be the know it all "super expert" and being embarrassed that I'm not. I interviewed well and told the truth in both my interviews, so....Anyway, leaving the comfort of the familiarity of my current employer is really tough, but I know it's time.

aspiringsoul

I can relate to you Khaos. I just earned the CEH at the end of April, and I have absolutely no experience with performing penetration tests/vulnerability assessments outside of a lab environment.

The opportunity that I'm facing is this...take a Security position with a firm that specializes in Information Security, or stay with a Consulting firm and possibly have the opportunity to be the "Go to Security" guy. I would essentially be the first Consultant to conduct Penetration Tests/Vulnerability assessments for the firm....at least that's the impression that I have so far. My current employer has treated me very well, and I really like my boss. That's what makes this a difficult decision for me, but I know that I have to make the best decision for my career.

Congrats on your passing the CISSP by the way!

Mike-Mike

look at this KY success, nice

I say take the new role. I rarely have faith in what a company promises you will get to do at some point

renacido

Are you guys sure of what your duties at your prospective new jobs will be?

I'm a Sr Security Analyst at a mid-size company. Security Analysts in the common infosec definition are doing day-to-day traffic analysis to monitor for intrusions, event correlation/triage, intrusion/malware analysis, incident response, security assessment/audit/testing, vulnerability management, etc. For the most part it is Blue Team network defender stuff, the penetration testing they do is on their own network, client systems, app servers, etc to identify and prioritize vulnerabilities, insecure architecture, and other deficiencies they need to address.

Danielm7

aspiringsoul wrote: »

The opportunity that I'm facing is this...take a Security position with a firm that specializes in Information Security, or stay with a Consulting firm and possibly have the opportunity to be the "Go to Security" guy. I would essentially be the first Consultant to conduct Penetration Tests/Vulnerability assessments for the firm....at least that's the impression that I have so far. My current employer has treated me very well, and I really like my boss. That's what makes this a difficult decision for me, but I know that I have to make the best decision for my career.

I think you should take the new job. You'll be in a security firm, which means you'll be surrounded by higher level security people and always learning from them and growing. If your current job even gets around to offering security services and makes you the "go to guy" you'll likely never have any guidance from anyone higher than yourself. I know that means you can make all your own decisions, but you also won't have anyone there to tell you that you're doing the wrong thing either, growth in situations like that can be very difficult as you have no one around you to bounce ideas off of.

JoJoCal19

Take the new job. Accepting any counter offer from your existing firm, especially on the hopes of things that they promise you, has more of a chance of not ending well, than working out. Besides, if you're interested in security then you need to take the offer with a company that specializes in security as you will have much more potential for growth in security there. Learn as much as you can and master your job, and then move into another role there, or move up and on.

scaredoftests

Take the new job! Since your old job knows that you were looking, things will be odd. Congratulations!!

the_Grinch

Yeah, do not take the counteroffer it was bite you in the end. Especially when your company doesn't currently offer the service. There is nothing to stop them from saying they performed a business analysis and found that the ROI would not be there. In the past, when I worked at an MSP, they were more apt to hire outside the company then to put the time in for someone within the company to learn the trade.

Khaos1911

renacido wrote: »

Are you guys sure of what your duties at your prospective new jobs will be?

I'm a Sr Security Analyst at a mid-size company. Security Analysts in the common infosec definition are doing day-to-day traffic analysis to monitor for intrusions, event correlation/triage, intrusion/malware analysis, incident response, security assessment/audit/testing, vulnerability management, etc. For the most part it is Blue Team network defender stuff, the penetration testing they do is on their own network, client systems, app servers, etc to identify and prioritize vulnerabilities, insecure architecture, and other deficiencies they need to address.

This.

It sounds like you are reading the job description of the Senior position I have verbally accepted. I'll be doing "traffic analysis to monitor for intrusions, event correlation/triage" mostly, but I'm just nervous. I've been with the same company for many years and have only been in infosec for about three (and some change) of those and to have already been offered a Senior level role has me feeling insecure as fudge. I know it's just the thought of change that has me wondering...but I fully believe in myself when it come to getting up to speed on everything I'll need to know.

I think what threw me off was the hiring manager mentioned the other senior guys tend to act like they know everything and that nobody is good enough to work with them and they are tough on interviewees. I'm ok with that, let me at them.

tmurphy3100

Just curious what type of role were you in before? I am trying to figure out the stepping stones to get into a Security Analyst position.

Levithan

So does this mean since I know how to use Nmap I can be a security analyst too?

Congrats BTW!

renacido

Khaos1911 wrote: »

This.

It sounds like you are reading the job description of the Senior position I have verbally accepted. I'll be doing "traffic analysis to monitor for intrusions, event correlation/triage" mostly, but I'm just nervous. I've been with the same company for many years and have only been in infosec for about three (and some change) of those and to have already been offered a Senior level role has me feeling insecure as fudge. I know it's just the thought of change that has me wondering...but I fully believe in myself when it come to getting up to speed on everything I'll need to know.

I think what threw me off was the hiring manager mentioned the other senior guys tend to act like they know everything and that nobody is good enough to work with them and they are tough on interviewees. I'm ok with that, let me at them.

My advice:

1. Brush up on Blue Team skills, incident response, malware analysis, common exploits (top 10-15 CVE's and how they work, CVSS).

2. Do some good labbing at home: packet analysis with Wireshark; set up some snort rules and then run some scans and attacks and look at the alerts; set up Metasploitable and do some vulnerability scans against it with metasploit.

3. Read up on the current threats. Consume threat intelligence daily, spend 30 minutes reading about what attackers are doing, what their targets and tactics are, etc. The company hiring you may be a likely target of APT's or specific attacks (IP theft, banking trojans, PII theft, DOS, political hacktivism, cyber warfare, etc).

Ask smart questions at your next interview. What do they use for SIEM or log aggregation/retention? What is their IPS/IDS tool of choice? What do they have deployed for endpoint protection? Then study up on their toolset.

Good luck

aspiringsoul

The position basically entails conducting Vulnerability Assessments /Penetration Tests and then writing reports to provide to Senior Management, Board of Directors, etc...

They asked me a lot of security/networking questions, and they liked the fact that I have experience with Nessus.

The CEH and the fact that I'm enrolled in a MS:ISA program were probably what gave me a competitive advantage. The CEH doesn't get a lot of love on these forums (and I understand why), but I do feel that it did help me land the offer.

aspiringsoul

tmurphy3100 wrote: »

Just curious what type of role were you in before? I am trying to figure out the stepping stones to get into a Security Analyst position.

My first position was a Network Administrator role, my current is a Technology Consultant.

The Security+ is a good first step for you. If you're considering an online Masters in Infosec program, I would recommend taking a look at Dakota State University and Western Governors University's programs.

I highly recommend going for the CISSP once you meet the requirements.

aspiringsoul

renacido wrote: »

My advice:



1. Brush up on Blue Team skills, incident response, malware analysis, common exploits (top 10-15 CVE's and how they work, CVSS).

2. Do some good labbing at home: packet analysis with Wireshark; set up some snort rules and then run some scans and attacks and look at the alerts; set up Metasploitable and do some vulnerability scans against it with metasploit.

3. Read up on the current threats. Consume threat intelligence daily, spend 30 minutes reading about what attackers are doing, what their targets and tactics are, etc. The company hiring you may be a likely target of APT's or specific attacks (IP theft, banking trojans, PII theft, DOS, political hacktivism, cyber warfare, etc).

Ask smart questions at your next interview. What do they use for SIEM or log aggregation/retention? What is their IPS/IDS tool of choice? What do they have deployed for endpoint protection? Then study up on their toolset.

Good luck

Thank you for your input!

renacido

aspiringsoul wrote: »

The position basically entails conducting Vulnerability Assessments /Penetration Tests and then writing reports to provide to Senior Management, Board of Directors, etc...

They asked me a lot of security/networking questions, and they liked the fact that I have experience with Nessus.

The CEH and the fact that I'm enrolled in a MS:ISA program were probably what gave me a competitive advantage. The CEH doesn't get a lot of love on these forums (and I understand why), but I do feel that it did help me land the offer.

If someone actually masters the skills and knowledge of the CEH curriculum and doesn't just study to beat the exam they're well equipped to identify and analyze 99.9% of vulnerabilities and security weaknesses that are exploited. The problem with CEH is there's no lab portion for the exam.

Mike-Mike

aspiringsoul wrote: »

The CEH doesn't get a lot of love on these forums (and I understand why), but I do feel that it did help me land the offer.

This is the most important thing. I thought studying for CEH was disappointing, but hey, if you learned something, and more importantly, it helped you get a job, then that is a good cert

MrPieMan82

Ask when they need the answer by. If you don't get the other offer by then, accept. If the other offer comes afterwards, quit and take that job.

Tyb

I would take the new job and congrats on it. I interviewed last week for a Security Analyst position, I thought the interview went well just a waiting game now.

TheFORCE

Take the job, not the counter offer. Unless they give you a really sweet deal.

aspiringsoul

Tyb wrote: »

I would take the new job and congrats on it. I interviewed last week for a Security Analyst position, I thought the interview went well just a waiting game now.

Good luck to you! Hope you get it!

The funny thing was, the person that I interviewed with is a graduate of WGU's MBA program.

anoeljr

aspiringsoul wrote: »

Good luck to you! Hope you get it!

The funny thing was, the person that I interviewed with is a graduate of WGU's MBA program.

How cool is that? Things always happen for a reason.

Cyberscum

aspiringsoul wrote: »

The opportunity seems to be in line with my career goals

Accept without hesitation and never look back.

Mike-Mike

So it's been a few weeks, how do you like the new gig?