Offered a threat hunting job - double my salary but ...
CyberCop123
Member Posts: 338 ■■■■□□□□□□
I've been offered a job as a Threat Hunting manager ... it's a new team in a very big company which is based in 8 countries. There will be about 4-5 people under me.
Im really worried I may be under qualified. Mainly as:
- I've never used any SIEM tools
- never worked in any soc environment
- never worked as a threat hunter
- never done malware analysis other than some basic stuff in my own time
my experience is within digital forensics and incident response.
The job description does say other stuff like Python which I've used a fair bit, forensics which I have done, some pen testing (I have oscp but never used these skills outside of labs).
Am i just lacking confidence?
Or am I setting myself for failure?
Im really worried I may be under qualified. Mainly as:
- I've never used any SIEM tools
- never worked in any soc environment
- never worked as a threat hunter
- never done malware analysis other than some basic stuff in my own time
my experience is within digital forensics and incident response.
The job description does say other stuff like Python which I've used a fair bit, forensics which I have done, some pen testing (I have oscp but never used these skills outside of labs).
Am i just lacking confidence?
Or am I setting myself for failure?
My Aims
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
Comments
-
PCTechLinc Member Posts: 646 ■■■■■■□□□□It is quite possible that you are short-changing your skillset based on your self evaluation. What I always go back to is comparing my skills to the job description, and if I have been completely honest with the company about the skills I have. If I tell them what I CAN do and what I CANNOT do but can learn and they STILL offer me the position, then I don't see a problem.Master of Business Administration in Information Technology Management - Western Governors University
Master of Science in Information Security and Assurance - Western Governors University
Bachelor of Science in Network Administration - Western Governors University
Associate of Applied Science x4 - Heald College -
TLeTourneau Member Posts: 616 ■■■■■■■■□□There was a reason they offered you the position. If you were straight forth with your CV and interviews I would trust that they want you. Also, a management position contains more, well, management and that may be a reason you were selected.Thanks, Tom
M.S. - Cybersecurity and Information Assurance
B.S: IT - Network Design & Management -
DatabaseHead Member Posts: 2,754 ■■■■■■■■■■That's the best part of IT, is the gaps and trying to make them up. I have never felt comfortable transitioning to a new role, and quite frankly I like that. Get's me going.....
My first database job I was a complete joke.... I thought I was going to get fired, come COLA time I got a 5.5% for my effort and how fast I grew. Like others have mentioned if you were honest, you are fine.
You'll be fine..... -
mikey88 Member Posts: 495 ■■■■■■□□□□"If you think you can or if you think you can't, you're probably right".Certs: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux
-
josephandre Member Posts: 315 ■■■■□□□□□□literally the only part of that that sounds like it will be remotely challenging is the malware analysis part, and that will come with exposure and time.
take it, enjoy the first few months of getting comfortable and congrats on your efforts bearing fruit. -
UnixGuy Mod Posts: 4,570 ModIt will take some time to catch up with the SIEM tool they use but it's not super challenging really. You said it's a multi-national company, so you'll probably have a chance to work with your colleagues on some of the problems initially just to get your hands wet.
Take it and learn as you go, you have OSCP, Digital forensics, incident response, you're not a beginner -
volfkhat Member Posts: 1,072 ■■■■■■■■□□"If you think you can or if you think you can't, you're probably right".
^^ Yep
https://en.wikipedia.org/wiki/Impostor_syndrome
^^ or maybe this :P -
LionelTeo Member Posts: 526 ■■■■■■■□□□I can see why you feel that you wouldn't be able to do it due to your background. What is the impression of the culture of the new firm? The culture is more important as your hiring manager should understand the situation with your background and give you time to pick it up. Secondly, why do you think that they hire you over other candidates? I think it is necessary for you to evaluate this, there may be rare cases whereby the manager purposely hires a wrong candidate due to competition reasons, deliberately setting up the department to fail so to secure jobs for their own department.
After considering the culture and the hiring reason, you should prepare for the move to the new team. You shouldn't worry threathunting or technical aspects of the work. As a manager, you should be thinking about ideas and asking for feedbacks from people under you. Think of ways to ask for advice from the team, engage with them and help build the culture with constant communication and casual chats. People come to work for a living, getting them into casual conversations before and after any serious discussion can help to bring up the culture. Try to rethink the approach as in driving up the culture and how you will be getting the best ideas to drive threathunting. Lots of googling for threathunt frameworks help. Communicate the idea with the team and move forward with the best one. -
E Double U Member Posts: 2,233 ■■■■■■■■■■CyberCop123 wrote: »
Am i just lacking confidence?
Or am I setting myself for failure?
Both, but I think you should still do itAlphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
McxRisley Member Posts: 494 ■■■■■□□□□□Stop second guessing yourself, you never will get anywhere by doing that. In fact, you are already the best threat hunting manager that company has ever seen, hell, maybe even in the entire world ( see what I did there). Man up, embrace the challenge and profit.I'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect.