Having a rough time...

si20si20 Senior MemberPosts: 471Member ■■■■□□□□□□
I went from a SOC job paying 40k, to a 18k digital forensics job to being unemployed. What a year it has been. And to make matters worse, I keep getting lied to and strung along by potential employers. These past few weeks, i've had the following happen:

  • I went to an interview with a multi-national company for a linux interview. I'm doing my Linux+ right now so I was really enthusiastic. When I got there, the guy said "we've called you in about your security knowledge, not really Linux. Anyway..." and went on a 20 minute rant about how I didn't have any infrastructure skills but my security would be of use. He *promised* to call me and 2 weeks later - he hasn't.
  • I applied for an IT Admin role - looking after servers etc temp contract paying a high salary. I passed the two interviews only to be told the project was on hold. Damn.
  • I applied again to the company who had the IT Admin role, only this time for another role they had. I was told it was an IT Management role - managing a group of 8 users - job done. Easy. I get on the phone with them and get the following scenario question: "We have a large printer in the office and it has broken. The 3rd party supplier has been out but cannot fix it, they refuse to help. What would you do?" - owch. Stinger of a question, right?? What would I do. The office printer is broken and 3rd party support wont help? Erm. Well, you're a billion dollar company. So I said: "You'll have to purchase another one and install it ASAP, get the order placed as an emergency and assign a member of the team to set it up". No. The answer the interviewer was looking for was ".....just send the prints to another printer". icon_rolleyes.gif Wow. I was furious. What a stupid, stupid question. The interviewer didn't tell me there was two printers and didn't answer any questions I had.

Following on from my last bullet point. Fast forward to today. They invited my to my 2nd and final interview for the IT Manager role. The interviewer asked me another scenario question: "You have one member of staff manning the 8pm til 8am shift. He calls in sick at 12 mid day. What would you do?" I said: "Are the other members of the shift available?". His response: "I don't know, you're the manager, what would you do?" I then said: "Well i'd call up the other members of the shift team and ask one of them to cover just this once and assure them that it wont happen regularly". The answer he said he wanted: "You cover it."

This guy.....frustrated me. I felt like the trick questions were condescending and quite dumb. None of the IT Managers i've worked for knew how computers work; let alone enough to do a 12 hour shift on them that wasn't their shift to do. So anyway, after the interview, I ask one of the guys what happened with the IT Admin role I applied to. He said that the project was cancelled. Nice. I didn't get an email or a call - I had to ask, in person, after applying to a SECOND job with this company.

If I get offered that role. I'm going to refuse it. I just thought i'd put this thread out here. Even if no one reads it, when I do get a job I can look back and remember the struggle i've gone through.
«13

Comments

  • mzx380mzx380 ITIL, ACA, CCNA, Linux+, VCP-DCV, PMP, PMI-ACP, CSM New YorkPosts: 453Member ■■■■□□□□□□
    We've all been there my man. Just don't lose hope and keep improving yourself during this difficult period and before you know it, you will look back at this moment with satisfaction

    Here is what I went through in 2016 as well if it will help:

    http://www.techexams.net/forums/jobs-degrees/123500-my-whirwind-year-things-i-learned-2016-a.html
    Certifications: ITIL, ACA, CCNA, Linux+, VCP-DCV, PMP, PMI-ACP, CSM
    Currently Working On: Microsoft 70-761 (SQL Server)
  • eric.thomaseric.thomas Posts: 12Member ■□□□□□□□□□
    What did you do in the SOC?? So are you looking to get into Linux now??
  • si20si20 Senior Member Posts: 471Member ■■■■□□□□□□
    Thanks mzx, I appreciate it. Hopefully something will come up before Christmas. Such a bad time to be unemployed.
    What did you do in the SOC?? So are you looking to get into Linux now??


    Reviewed alerts, ran reports etc I hated working in a SOC and struggled to leave because 99.9% of the skills aren't transferable to any other field of IT (depending on what you do in a SOC of course). No i'm looking to get into a Windows-based role. I'm just doing the Linux+ because I like Linux and was curious to learn more about it.
  • RemedympRemedymp Posts: 834Member
    We will be hiring in the UK in a few weeks.
  • DatabaseHeadDatabaseHead CSM, ITIL x3, Teradata Assc, MS SQL Server, Project +, Server +, A+, N+, MS Project, CAPM, RMP Posts: 2,469Member ■■■■■■■■■□
    Part of being in IT. I remember being off work 4.5 months then another stretch of 2 months. It can get rough I know.

    Like others have mentioned keep your head up you'll get something.

    This is actually a good thing, once you get a gig you'll appreciate it so much more.

    Agree bad time to be unemployed, if you don't get something early December, brace yourself for a January job. Most people don't hire in December, budgets are depleted and lots of VACA being used.
  • NavyMooseCCNANavyMooseCCNA CCNA R&S, ITIL, Security+ ZZ9ZZAPosts: 543Member ■■■■□□□□□□
    Good luck securing a new job! Employers have no respect for people going through their hiring process anymore. I really dislike the answer the "manager" was looking for when he said for the manager to work the shift of the guy who called in sick.

    'My dear you are ugly, but tomorrow I shall be sober and you will still be ugly' Winston Churchil

  • shochanshochan Senior Member Posts: 850Member ■■■■■□□□□□
    Have you ever thought of opening your own biz? Maybe being networking road warrior of sorts?
    OR https://www.mturk.com/mturk/welcome
    Have you contacted all your local headhunters in your area? Craigslist, local paper, or publishings in the help wanted sections...Hell, try Uber if available. I have restaurant/bar experience, so if times ever got really bad for me, I could go to a local pub and work.
    2019 goals -> CySA+ (Sept)
    "It's not good when it's done, it's done when it's good" ~ Danny Carey
  • No_NerdNo_Nerd Posts: 168Banned
    Been there ....

    On a positive note you have OSWP, OSCP those have to help right? Like shochan said why not open your own cyber gig ?
  • gespensterngespenstern Posts: 1,243Member ■■■■■■■□□□
    Oh, boy. I don't remember already did I advise not to leave the SOC position you absolutely hated but still it was a job that paid money with lots of free time that could be spent on getting certs. And now you are looking for pretty much anything like "IT manager" which for me would be even worse than any SOC position I could imagine.

    Again, I would advise against as it will be a gap in your security job history that will be painful to explain down the road. I wish you hadn't left but now I think it would be beneficial to still stick to security if you feel that it's a career you want to pursue.
  • RepliconReplicon Posts: 124Member ■■■□□□□□□□
    Its a tough position, but hang in there and don't loose hope, I know it easier said than done but just apply to other positions, study if you can in meantime or start new cert just to keep your mind away and keep an eye on the email, an offer will pop up ;)
  • PJ_SneakersPJ_Sneakers CompTIA, EC-Council, ISACA, (ISC)², Microsoft USAPosts: 879Member ■■■■■■□□□□
    Can you go back to the SOC? Even part time?

    Part-time work you dislike is better than no-time work.
  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, eJPT, CCNA Posts: 3,985Mod Mod
    Wish you the best of luck. With your credentials maybe a pentesting role?
    Goal: MBA, March 2020
  • Russ5813Russ5813 Posts: 123Member ■■■□□□□□□□
    That company seems like they lack self-awareness with respect to what it takes to lead people. I suppose it'd be a paycheck, at least, but I hope you find something better soon. Are there any small businesses in your area that could use some IT/Security consulting?
  • OctalDumpOctalDump Posts: 1,722Member
    It does sound like a bad run. I don't think you should second guess your decisions, from your other posts they seemed like the right thing to do at the time.

    I have a thought about how you can handle those questions. If you give a whole bunch of different options, like "I'd get them to print to a different printer in the office, or if they can't change this, I'd change their default print queue. I'd assess the impact, and if I am authorised and it is financially justified by the productivity loss, I'd buy a new printer for the duration (£30?), or if it is available, I'd use a third party print service (this might be a good option if it is an expensive printer with special features), or I'd escalate up my management chain for authorisation. Or if available, I'd take a spare printer from the IT departments disaster recovery stock, or I'd go home and get my printer to keep running." A shotgun approach can make it more likely that you hit the "right" answer, but also shows that you can think of alternative courses of action, perhaps some that the interviewer hasn't thought of, and that you are focussed on resolving the issue appropriately (within whatever policy or procedural limitations they have).

    But that comment on the staff member calling in sick, that's a crazy solution. Totally insane. If the organisation is vaguely mature, they'd have a process in place for this already. It's not like people calling in sick is some rare, fanciful event. I'd expect that they'd have a designated "on call" back up person.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • YkguyYkguy Posts: 6Member ■□□□□□□□□□
    Not trying to be judgmental but I think the questions were designed for logical thinking. For example, the printer scenario is pretty obvious. You don't just run out and buy another printer. A billion dollar company surely has procurement standards and likely a standing offer contract with a printer vendor. If you worked in a corporate environment, the easy and quickest solution is to send print jobs to another printer. Buying one will stay take a few hours to buy and install etc.

    Secondly in regards to coverage, i would have answered something like " I will cover it myself and when I have a moment, I will call staff to bring someone in etc." That way you are showing customer service and not creating more delays by calling others first. You may not be able to do much but you at least you are trying. Maybe they are getting a perception that you don't do menial jobs so maybe that's why they passed on you. Maybe try not to overthink it next time.
  • tmtextmtex Posts: 326Member
    I have been playing this game for almost a year and a half. Pass HR phone screens, they say your the best ever, never hear another word. recruiters are the worst, worse then used car salesmen. They will send you out on interviews that you have no business being there, they fail to tell you that you need to know this, have X years of experience in this/that and your embarrassed during a panel interview being ripped to shreds.
    I don't understand the Phone screen other then basic screening or salary, but the full interview ???
    I have also dealt with the trick "what would you do in this situation" but fail to give more details
    Just today I did a HR phone screen. She loved me. She made the comment of OK you "seem like that perfect fit" I will pass you on to Joe the hiring manager and he will be calling you next week, will you be open ? I will never hear another word, Joe wont call/email.
    Many more examples I could give

    As far as a rough time, I was making 107K now at 54K. I have the ex wife paying the electric bill (I am the custodial parent)
  • DatabaseHeadDatabaseHead CSM, ITIL x3, Teradata Assc, MS SQL Server, Project +, Server +, A+, N+, MS Project, CAPM, RMP Posts: 2,469Member ■■■■■■■■■□
    I'm thankful for the position I have, post like this humble me.....
  • skswitchskswitch Posts: 50Member ■■■□□□□□□□
    si20 wrote: »
    I went from a SOC job paying 40k, to a 18k digital forensics job to being unemployed. What a year it has been. And to make matters worse, I keep getting lied to and strung along by potential employers. These past few weeks, i've had the following happen:
    • I went to an interview with a multi-national company for a linux interview. I'm doing my Linux+ right now so I was really enthusiastic. When I got there, the guy said "we've called you in about your security knowledge, not really Linux. Anyway..." and went on a 20 minute rant about how I didn't have any infrastructure skills but my security would be of use. He *promised* to call me and 2 weeks later - he hasn't.
    • I applied for an IT Admin role - looking after servers etc temp contract paying a high salary. I passed the two interviews only to be told the project was on hold. Damn.
    • I applied again to the company who had the IT Admin role, only this time for another role they had. I was told it was an IT Management role - managing a group of 8 users - job done. Easy. I get on the phone with them and get the following scenario question: "We have a large printer in the office and it has broken. The 3rd party supplier has been out but cannot fix it, they refuse to help. What would you do?" - owch. Stinger of a question, right?? What would I do. The office printer is broken and 3rd party support wont help? Erm. Well, you're a billion dollar company. So I said: "You'll have to purchase another one and install it ASAP, get the order placed as an emergency and assign a member of the team to set it up". No. The answer the interviewer was looking for was ".....just send the prints to another printer". icon_rolleyes.gif Wow. I was furious. What a stupid, stupid question. The interviewer didn't tell me there was two printers and didn't answer any questions I had.
    Following on from my last bullet point. Fast forward to today. They invited my to my 2nd and final interview for the IT Manager role. The interviewer asked me another scenario question: "You have one member of staff manning the 8pm til 8am shift. He calls in sick at 12 mid day. What would you do?" I said: "Are the other members of the shift available?". His response: "I don't know, you're the manager, what would you do?" I then said: "Well i'd call up the other members of the shift team and ask one of them to cover just this once and assure them that it wont happen regularly". The answer he said he wanted: "You cover it."

    This guy.....frustrated me. I felt like the trick questions were condescending and quite dumb. None of the IT Managers i've worked for knew how computers work; let alone enough to do a 12 hour shift on them that wasn't their shift to do. So anyway, after the interview, I ask one of the guys what happened with the IT Admin role I applied to. He said that the project was cancelled. Nice. I didn't get an email or a call - I had to ask, in person, after applying to a SECOND job with this company.

    If I get offered that role. I'm going to refuse it. I just thought i'd put this thread out here. Even if no one reads it, when I do get a job I can look back and remember the struggle i've gone through.


    This scenario is what scares people into staying into same position for years. But that's not you. You took a chance and went for it. Good on your part. Things don't work out 100% of the time. And that's okay.

    The resume grind sucks. We all been there. If it was easy then everyone would do it. Cliche, I know but its true. Best thing you can get out of it is the experience of what worked and didn't. Revamp your resume with a different look can help and also keep you bit busy. Have any certifications you are working on? Books to read? I'm sure there is loads of recommendations at this site. Create a virtual environment and start labbing. Create a blog that shows what you learn that day which later on you can show to employers. Hone your present skills in or work on new ones.

    The wait for replies is the worst. Not knowing if you even didn't get the job. Try and use that time effectively though. I been in that spot before for almost year and it takes a toil on your mental state as well. Being proactive will only help that as well as better chances of getting that offer letter.

    Stay in the fight. You got this!
    [FONT=&quot]
    [/FONT]
    "Anybody can feel good when they have their health, their bills are paid, they have happy relationships – anybody can be positive then. Anybody can have a larger vision then, anybody can have faith under those kinds of circumstances. The real challenge of growth-mentally, emotionally, and spiritually-comes when you get knocked down. It takes courage to act. Part of being hungry when you’ve been defeated… it takes courage to start over again." [FONT=&quot]Les Brown[/FONT]
  • ArchonArchon Posts: 180Member ■■■□□□□□□□
    Recruiters can't find enough good SOC guys at the moment. I know as I've just accepted a new roles and i hear it quite a lot when i get calls. Surely focusing on that will get you a job pretty quick.
  • TechGromitTechGromit A+, N+, GSEC, GCIH, GREM, Ontario, NY Posts: 1,892Member ■■■■■■■■□□
    Wow, I thought with an OSCP a security job be fairly easy to get. Do you live in a small city not in commuting distance to larger cities?
    Still searching for the corner in a round room.
  • Mike7Mike7 Posts: 1,062Member ■■■■□□□□□□
    Any plans for pen testing roles given your OSCP? If you obtained your OSCP within the past 3 years, you can convert it to CREST CRT.
  • brewboybrewboy Posts: 66Member ■■□□□□□□□□
    No. The answer the interviewer was looking for was ".....just send the prints to another printer".

    so you were to assume this wasn't done already and people were not printing AT ALL for a day or two? LOL
  • joemc3joemc3 Posts: 141Member ■■■□□□□□□□
    In regards to the printer question you have to answer open ended questions with open ended answers. I would have said this.

    In that scenario I would have said this! In the short term either print to another printer or check to see if we have a spare. Long term, I would check contractual terms with 3rd part vendor and warranty information.
  • TampaITTampaIT Posts: 7Member ■□□□□□□□□□
    Sorry to hear the unfortunate season you're having.
    But it's just that, A SEASON, and it shall pass.

    With you're OSWP and OSCP certs, I do find the hardship disturbing.
    What's going on over there in the UK?!

    I work in a SOC on quite a few different client SIEM's (McAfee ePO, NSM, ESM, Cisco IME and IBM QRadar to name a few) for a MSSP.
    My salary here in Tampa, Florida is just below 60K, FYI.
  • si20si20 Senior Member Posts: 471Member ■■■■□□□□□□
    Thanks guys - you're all awesome. Definitely cheered me up reading this. And guess what - I actually got a one day contract today (ok not perfect, but it's something). And there's a story to it. I was tasked with being "support" to a server engineer. The job was urgent, so I got there ASAP and asked for their IT team. They didn't have an internal IT team, just one guy who acted as IT Support. I asked if he could ping the server once we got it up and running. He didn't know what ping was. That should have been an indicator for what was about to happen!

    Anyway, we get this huge blade server to the rack and find out the rails are too big for the rack. The server does, however, fit flush without it. The server engineer i'm supporting was another contractor and after we put the server on the rack, he left for the day, thinking our job was done. Soon after, I left too. But I felt like something wasn't right. Had everything been checked? He was the senior engineer for the day, so I had placed my trust in him.

    Anyway, 45 mins later, i'd just returned home and get a call asking for me to return to site: there isn't any connectivity. Seeing as I was just the support, I tried calling the main server engineer - nothing. Voicemail. Damn! So I called the project manager, voicemail. This is bad. Anyway, I opened the original project-spec email, studied it as if I was studying the OSCP again (read everything 10x over) and managed to patch the blade server into the correct switch which had been set up on specific VLANS, got in touch with the wintel team who tested connectivity from his end and finally called it a day (that's the short version, anyway. A lot more happened, but it'd take too long to explain). I was quite proud of myself because I was there for basic support and ended up doing the entire thing myself.

    Right, now for an update on the job situation. I remembered the old saying "it's not what you know, it's who you know". So it got me thinking, who do I know and how can they help? So I got in touch with a pen-tester friend of mine who works for a very well respected company. He recommended me and they sent me a bunch of IP addresses to attack. I didn't manage to "pop" any of them but I did manage to get a lot of enumeration done. I wont lie - I am very rusty: I passed the OSCP 2 years ago now. But from what I hear, they aren't too concerned with the full exploitation, they're more concerned with your thought process, as they can teach the rest. I'm hoping for a call back hopefully before or shortly after the festive period and I can start working as a penetration tester. In the meantime, i'll continue studyig the MTA Server Fundamentals course because I genuinely think it's an essential course for anyone and everyone who isn't already an expert in servers and I will start labbing with pen-testing and get back into that mindset. I have a feeling that I will get some good news with this one! *fingers crossed*
  • PJ_SneakersPJ_Sneakers CompTIA, EC-Council, ISACA, (ISC)², Microsoft USAPosts: 879Member ■■■■■■□□□□
    icon_thumright.gif Great news!
  • CptFalconCptFalcon Posts: 19Member ■□□□□□□□□□
    Here's what you can say when you don't know something in an interview, "My previous employer has not dealt with that level of support/technology." This gives you a good cop out and assigns the blame on your previous employers instead of laying it on you.

    Otherwise you can say, "I've not used that (done that) support (or used that technology) but I am willing to learn and can apply myself to solve the issue."

    You got certs, that means you're willing to better yourself. You got a degree; this also means you are trainable and you're willing to tough it out.

    Like I'm going through in my thread, keep at it! You'll find something.

    And yea, go and talk to the people in your network. Don't rely on recruiters, their job is to get commission for placing people.

    If you want to end with a bang, ask this; "What is your most memorable experience with the company?" The point of this question is to get them sell themselves to you, not just you to them.

    At the end of the interview, you can also say this; "Have I answered all your questions satisfactorily? If you have any other questions, please feel free to reach out to me." It helps.

    Hope this helps.
  • JoJoCal19JoJoCal19 California Kid Posts: 2,779Mod Mod
    Good luck si20!!!
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • si20si20 Senior Member Posts: 471Member ■■■■□□□□□□
    An update on my situation: I had an interview today. I can't say too much about the employer because they're easily identifiable and i'd like to keep my cards close to my chest. Basically, it was for a Senior IT Tech role - i'll be managing servers and doing desktop support with the odd bit of networking (my ideal role really). The interview had no technical questions and I was asked "unusual/odd" questions such as: "If you have a budget of 50k, what would you do with it?" - I guess they wanted to see my logic and planning. I *feel* like i've done very well. I'll find out the result on Monday. I suspect i'm up against around 10-12 other people. Fingers crossed!
  • jeremywatts2005jeremywatts2005 CySA,S+,A+,N+Cloud+,MSDFS,MSMISSM Posts: 340Member ■■■■□□□□□□
    Why not apply at a company like Optiv/Fishnet or Trace Security. They are always hiring pen testers and the like. You will have to do some travel but the money is there. I would get out there hustling even if it was a travel job to get me by until something better comes along. If you want a recruiter who recruits for Optiv to help you get in. I have a contact I can give you. I also know of some recruiters that are UK based hiring for Dubai and other locations for infosec if you are interested let me know.

    BTW the question you got asked about covering a shift was a legit question. If someone calls in you have to own that shift. Just hope two people don't call in. I have had that happen before as a shift lead and I had to do my role and their role. It was not fun at all. That is why in a SOC you have to be able to operate and work every tier below the one you currently work. I see guys come into security and they can do the role they were hired for but are clueless on how to do the roles below them. When I was doing digital forensics I had to do every role in the SOC from monitoring, analytics, IR and so on.
Sign In or Register to comment.