How to Get Experience In IT Security

Remedymp

Just saw this in my inbox: How To Get Experience IT Security for those trying to get into security. Figured someone here could benefit from this.

NavyMooseCCNA

Thank you for sending this out!

Hammer80

This would be great to watch but sometimes I wonder if they even think about their audience when they schedule these things. How the hell is anybody who is working at 10:00am PT on a Tuesday supposed to watch this, this falls between the most common working hours. I hope they throw this webinar on youtube so the rest of us can actually watch it.

Danielm7

Hammer80 wrote: »

This would be great to watch but sometimes I wonder if they even think about their audience when they schedule these things. How the hell is anybody who is working at 10:00am PT on a Tuesday supposed to watch this, this falls between the most common working hours. I hope they throw this webinar on youtube so the rest of us can actually watch it.

Most work related webinars seem to fall during work hours for me. I just schedule it and watch it at work. I have more trouble watching things like this after work, hah. Obviously not everyone's workplace is the same, your mileage may vary, etc.

Moldygr33nb3an

I love Keith Barker. I have a CBT subscription so I wonder if I have to sign up for this.

NetworkNewb

Hammer80 wrote: »

This would be great to watch but sometimes I wonder if they even think about their audience when they schedule these things. How the hell is anybody who is working at 10:00am PT on a Tuesday supposed to watch this, this falls between the most common working hours. I hope they throw this webinar on youtube so the rest of us can actually watch it.

I don't know why, but I feel like almost every webinar I watch is at this time. I assume they want try and hit most people in the US while they are during their lunch and that fits the most people's lunch hour? (10am PT being the earliest of course) I hate it at this time myself, but just because I don't want to watch it during my lunch. I live in central time zone. The other webinars I usually try and watch are at this exact same time... They have a recording people can watch though. So not a huge deal. Guessing CBTnuggets might have a recording of it after as well.

Here is the other webinars I try to watch, if anyone is curious:
https://www.beyondtrust.com/resources/education/webinars/

EANx

10am Pacific time is about as close as it gets to being perfect. That time is equal to:

1pm Eastern: Hey boss, taking a late lunch today
Noon Central: Regular lunch hour
11am Mountain: Hey boss,taking an early lunch today

In addition:

6pm in the UK
7pm in Central Europe
8pm in Eastern Europe

Really, the only people it's not convenient for are those on the U.S. west coast (and those who have very strict lunch hour scheduling).

cbtnuggets

Thank you all for your interest in the "How to Get Experience In IT Security" webinar tomorrow! If you register for the webinar, you will receive an email with the recording after the webinar is complete. It will also be available on blog.cbtnuggets.com tomorrow afternoon.

Remedymp

cbtnuggets wrote: »

Thank you all for your interest in the "How to Get Experience In IT Security" webinar tomorrow! If you register for the webinar, you will receive an email with the recording after the webinar is complete. It will also be available on blog.cbtnuggets.com tomorrow afternoon.

It's good to see you post here!

Remedymp

No one attended this??

Hammer80

If you registered for it and missed they sent you a link to watch it at your own leisure. I watched it and it sucks, all it talks about is how to get interested in security and which certs to get. Ok the fact that i am already watching the damn video means I am interested in security, now what I need and was hoping this video would provide is how the hell do I get security experience that I can actually put on resume and use during interviews for a job. We all know that experience is king, but good luck if you are trying to get your first security job with no prior experience, more and more employers are not willing to teach anybody anything they just want somebody with experience right from the start so how do i get that smart guy.

EANx

Current experience plus home-lab? This isn't 20 years ago where in order to get firewall experience, you had to buy a Pix. Nowadays, you can get all sorts of appliances to add into a virtual environment, which makes them perfect for learning at home. Want to learn Splunk? There's an appliance and a free trial. Want to learn ASAs? Same.

These days, you can simulate both sides of the WAN, inject latency, use traffic generators to create different types of traffic and monitor and filter. You can even build out virtual storage in addition to the ESXi. All on a home desktop (just not an i3 with 8 GB RAM).

cyberguypr

I can't stress enough the value that labbing brings to the table, especially if you lack formal info sec experience. In my last round hiring for an entry level security analyst I think only one guy was able to speak to stuff he had labbed. Many claimed to have a lab but when we pressed for details virtually everyone just said "oh, I run Kali on Virtualbox". 99% could not talk about a single tool other than NMAP. If you can tell me how you set up your lab and what you did with it, you will come out looking real good.

p@r0tuXus

https://blog.cbtnuggets.com/2017/01/how-to-get-experience-in-it-security/The link can be found here:

markulous

cyberguypr wrote: »

I can't stress enough the value that labbing brings to the table, especially if you lack formal info sec experience. In my last round hiring for an entry level security analyst I think only one guy was able to speak to stuff he had labbed. Many claimed to have a lab but when we pressed for details virtually everyone just said "oh, I run Kali on Virtualbox". 99% could not talk about a single tool other than NMAP. If you can tell me how you set up your lab and what you did with it, you will come out looking real good.

Yeah, if I was looking for a junior analyst and they said they have a firewall/router that they (somewhat) configured and had syslogs going to Splunk and could tell me a couple of pieces of security software they run, I'd probably be running to HR, high-fiving everyone on the way, telling them to hire the guy. None of that is overly complicated or costly.

ITBot

I'm taking notes on what to setup at home now, thanks @cyberguypr and @markulous!

Danielm7

markulous wrote: »

Yeah, if I was looking for a junior analyst and they said they have a firewall/router that they (somewhat) configured and had syslogs going to Splunk and could tell me a couple of pieces of security software they run, I'd probably be running to HR, high-fiving everyone on the way, telling them to hire the guy. None of that is overly complicated or costly.

Hah, true!

Offtopic

Keith is a very smart guy who has contributed a lot to InfoSec. This presentation, however, was a dud. It was meant for people who are thinking of moving into this field and not for those who already are studying and actively looking for infosec jobs.