scasc wrote: » Best of luck with all endevours. Why dont you apply for his role and try be even more senior? if you really want to do the OSCP - great to do - but if you be even more senior - like a Director level for example, do you really need it? Unless you want to understand the intricacies and liaise with the techies. Ive noticed, certainly here in the UK, that to get the bucks, its more about strategy/risk/senior management than the Pen testing or other techie cyber fields - which is sad because they look so interesting and great to be involved with. Anyhow, let us know how you get on.
JoJoCal19 wrote: » Thanks guys! Part of why I was done with certs was the stress. I'm approaching the OSCP as a fun endeavor. I plan on having fun while learning and taking a laid back approach. That doesn't mean I won't dedicate a good bit of time to it, I just want the effort to develop organically and not force it. That's the difference in how I approach things nowadays. It would be great but, he's leaving due to the stress of his position. He is the Director and handles InfoRisk for the Insurance vertical for N/C/S America. I am responsible for one client in the Insurance vertical (their largest client period). I did help him with stuff for other companies he's responsible for, but it wasn't enough to keep him from being slammed. Besides that, I would want a 25% raise minimum to even consider it, and I would want to hire someone in my position to handle some of the easy but time consuming day to day tasks he was doing. But in general, as a Sr Manager already making into six figures, the extra time expenditure and stress isn't worth it at this point.
scasc wrote: » The painful joys of senior management - always has stress and time consuming as you have first hand experience. Yes I see your point - would have been nice to try going for it and developing your business case for the circa 20% raise and then have the authority to get 1/2 ppl to support you. What are your goals currently - I mean career wise? To continue as SM? Would you have done it if you had the raise?
veritas_libertas wrote: » Good luck!
DatabaseHead wrote: » I'm taking a single course through Stanford and it's killing me. I can't believe you are doing all those..... You are a beast.
JoJoCal19 wrote: » As I'm finishing up my PMP prep and getting ready to take the exam, I'd decided I was done with certs. Definitely any cert where you need to read and take a multi-choice exam for sure, but was thinking certs in general. Well last week my manager shocked me and told me he resigned, which really sucks for me. Aside from him being a great guy, awesome to work for, and someone who I've learned a lot from, he also paid for my CISM, CISA, CRISC, and now PMP that I'm about to take. So two things entered my mind, first, I want to make sure I have a solid out to our Cyber team if need be (or a new company/job) in case things go sideways in my current position, and second, I should see if he will cover one more cert before he leaves. So I decided OSCP was the perfect choice as it really accomplishes both. So last night I got fully registered for PWK/OSCP. I'm not going to approach this like most people and spend inordinate amounts of time on it each and every night. But I've got at least 2 solid hours a day minimum that I will put towards it. I've done a ton of research on the OSCP for years now and have a war chest of resources saved in OneNote. As well I have an entire shelf full of every well known pentesting/hacking books out there. Now it's time to put everything to use. My start date is September 2nd, which happens to fall on my favorite day of the year, college football kickoff day. The good thing about practical certs like this is that I can sit in front of my tv with my laptop and practice away. I guess you can consider this thread the lazy mans OSCP journey. Will I be successful? Time will tell. I'm pretty damn good at researching, and pick things up really quickly and easily when it's a practical matter, so I've got that going for me.
veritas_libertas wrote: » JoJoCal19: What exactly is a "Cyber" team?
Dr. Fluxx wrote: » Off topic...how difficult was the pmp?
JoJoCal19 wrote: » I know right, the awesome "Cyber" term everyone loves. In our case, our Cyber Security team encompasses security intelligence, event monitoring, SOC, DFIR, security analytics, Infra/App Sec, and vulnerability mgmt & pentesting. The last part is the area I'd love to move into. I work in IRM which is basically all of our GRC/Audit stuff. And specifically I am being billed out to a particular client-based cost center. The Cyber team is Corporate Security cost center.
JoJoCal19 wrote: » Actually looks like I have to hold off on my OSCP journey. Although my then manager approved the training, accounting kicked back my expense report and wanted different documentation than just the pdf invoice OffSec sends, and I had to edit and resubmit my expense report. Well that manager is no longer there and my new manager balked at approving my expense report for the training as it's not 100% directly related to my current position. Unfortunately all I can do is have OffSec refund my corp AMEX and pay for it myself. I don't really want to do that right now, so looks like I'm going to hold off on it for now. I'll take a look at it when I get my bonus early next year. So I guess no OSCP for me right now
m4v3r1ck wrote: » Yuck. Are the cyber jobs at your company remote? If so, I'd say you should still go for it. You never know if a new manager is going to make you want to jump ship.
ITSpectre wrote: » nahhh try harder.... You can still study the resources on the forum and then when you can take it you will already be ready to take the exam. There are plenty of resources that are available to study to prepare for the OSCP
JoJoCal19 wrote: » I actually plan on it. For now I'm focusing on Python and Linux for a few months. I've also got the eLearn PTPv4 course I'm going to go through as prep for the OSCP. I should be in great position to go for the OSCP after I get my bonus early next year.
