Information security professionals - Please help me gain escape velocity
Kapital
Member Posts: 33 ■■□□□□□□□□
Braintrust
Please help me gain escape velocity from my Tech Support past.
I worked for a very broad role for almost 15 years for one organization. The job was primarily tech Support (My job title was technical Support Analyst) but also involved Networking very heavily. However I never asked them to change the title.
The job also involved lot of Systems Adminstration. - Again I never requested a title change.
later on it also ivolved network Security, Physical security and Information Security. Sadly I left the job with same title - technical Support Analyst and am paying the price now.
I have lots of Cybersecurity certifications Sec+/CCNA+CCNP (security)/CISSP / Cyber Ops etc. so getting past HR is not a problem for me. As I got a nice package, I used it to bulk up on picking several other skills, hands on experience and vendor certifications. I am labbing heavily to get lot more knowledge in the areas where I think I am weak..
I have just started testing waters by submitting resumes. I am not in a hurry to pick up any job but ideally would prefer a hybrid job involving 60% GRC and 40% technical in a bank or similar large prganization.
The response has not been exactly earth shattering as I had expected. I have applied to several jobs but received few interviews so far from the financial institues that I want to work for. The cyber security employers seem to be very picky about specific skills. The interviewers focus on what I have done rather than what i can do or know. I have been involved with cybersecurity for 9 years, covered lot of ground but never deep dived into any one speciality - examples Governace or penetration testing involving hundreds of coputers or not having worked on Fortinet, palo Alto Firewalls (only worked on cisco asa), no hands on expereince with DLP, Never written long TRA reports etc. Cybersecurity was a component of my job not the entire job. And its becoming a serious stumbling block.
I have been told that not having Security in last job title is going to be a problem. And having technical support in title will reduce my chances even further.
So I am in a pickle now and need advise as to how do I fix the following two problems:
1. Job title not relecting cyber, Network or information security at all.
2. Lack of intense, in-depth technical and non technical experience
Should I pick up any security related job for short term contract and forget about getting a plum position for now? Doing so will mean I will lose out on employment insurance benefits. and most likely it will be a SOC based depressing job with lower income than what I had hoped for.
Or should I keep on trying for another month or two before chalking up plan B and what would that be?
What would you do if faced with a similar situation?
Please help me gain escape velocity from my Tech Support past.
I worked for a very broad role for almost 15 years for one organization. The job was primarily tech Support (My job title was technical Support Analyst) but also involved Networking very heavily. However I never asked them to change the title.
The job also involved lot of Systems Adminstration. - Again I never requested a title change.
later on it also ivolved network Security, Physical security and Information Security. Sadly I left the job with same title - technical Support Analyst and am paying the price now.
I have lots of Cybersecurity certifications Sec+/CCNA+CCNP (security)/CISSP / Cyber Ops etc. so getting past HR is not a problem for me. As I got a nice package, I used it to bulk up on picking several other skills, hands on experience and vendor certifications. I am labbing heavily to get lot more knowledge in the areas where I think I am weak..
I have just started testing waters by submitting resumes. I am not in a hurry to pick up any job but ideally would prefer a hybrid job involving 60% GRC and 40% technical in a bank or similar large prganization.
The response has not been exactly earth shattering as I had expected. I have applied to several jobs but received few interviews so far from the financial institues that I want to work for. The cyber security employers seem to be very picky about specific skills. The interviewers focus on what I have done rather than what i can do or know. I have been involved with cybersecurity for 9 years, covered lot of ground but never deep dived into any one speciality - examples Governace or penetration testing involving hundreds of coputers or not having worked on Fortinet, palo Alto Firewalls (only worked on cisco asa), no hands on expereince with DLP, Never written long TRA reports etc. Cybersecurity was a component of my job not the entire job. And its becoming a serious stumbling block.
I have been told that not having Security in last job title is going to be a problem. And having technical support in title will reduce my chances even further.
So I am in a pickle now and need advise as to how do I fix the following two problems:
1. Job title not relecting cyber, Network or information security at all.
2. Lack of intense, in-depth technical and non technical experience
Should I pick up any security related job for short term contract and forget about getting a plum position for now? Doing so will mean I will lose out on employment insurance benefits. and most likely it will be a SOC based depressing job with lower income than what I had hoped for.
Or should I keep on trying for another month or two before chalking up plan B and what would that be?
What would you do if faced with a similar situation?
Comments
-
infosecs Member Posts: 48 ■■□□□□□□□□Accepting a short term contract with right title and requirements seems to be easiest and sure shot IMHO.
-
cemen777 Member Posts: 21 ■□□□□□□□□□Hi Kapital,
Thanks for your post. It seems you know a lot and have solid experience. That is awesome!
I m in the market for IT Sec job myself and have no luck. My job title is IT Tech. My internal employee has no interest in helping me to job shadow with Security team therefore I have to look outside of company I work for and as I said it is tough to find a job with job title other than Cyber Security Analyst or something it that nature. I have 2 contractors and no help either. Dead. No calls, no interviews. That is typical Corporate America theses days. It does not matter how good you are but who you know.
In your case I would try any offer even short term contract with "solid" job title. Sometimes we have to take a step back to get 2 steps forward in future.
Also have you checked https://www.cybrary.it/ "CAREERS". Might be helpful.
Good luck! -
jwdk19 Member Posts: 70 ■■■□□□□□□□I am also l looking to transition into an infosec position.
I've received a few leads around the Raleigh, NC area but that is currently a little too far of a commute unless I could get a SOC role that would afford a 3/4 day a week drive.
My wife and I are contemplating moving closer to the RTP area when our current lease ends. -
636-555-3226 Member Posts: 975 ■■■■■□□□□□I'd say maybe start small and work your way up. Pick a small or mid-sized org and get a few years under your belt working towards your end goal. After you that required experience, start looking around for the upgrade you want now.
-
Kapital Member Posts: 33 ■■□□□□□□□□Hi Kapital,
Thanks for your post. It seems you know a lot and have solid experience. That is awesome!
I m in the market for IT Sec job myself and have no luck. My job title is IT Tech. My internal employee has no interest in helping me to job shadow with Security team therefore I have to look outside of company I work for and as I said it is tough to find a job with job title other than Cyber Security Analyst or something it that nature. I have 2 contractors and no help either. Dead. No calls, no interviews. That is typical Corporate America theses days. It does not matter how good you are but who you know.
In your case I would try any offer even short term contract with "solid" job title. Sometimes we have to take a step back to get 2 steps forward in future.
Also have you checked https://www.cybrary.it/ "CAREERS". Might be helpful.
Good luck! -
Kapital Member Posts: 33 ■■□□□□□□□□I am also l looking to transition into an infosec position.
I've received a few leads around the Raleigh, NC area but that is currently a little too far of a commute unless I could get a SOC role that would afford a 3/4 day a week drive.
My wife and I are contemplating moving closer to the RTP area when our current lease ends. -
soccarplayer29 Member Posts: 230 ■■■□□□□□□□Since your responsibilities have evolved during your 15 years I'd suggest presenting them differently on your resume.
For example, update your experience section and group your responsibilities by roles. This way you still indicate that your official job title and you can emphasis specific skills and your broad experience.
Company X (2012-201
Technical Support Analyst
Summary (2-3 sentences) on your career there.
Role 1 (e.g., Systems & Network Adminstration)- xyz
Role 2 (e.g., GRC Security Analyst)- xyz
Role 3 (e.g., Vulnerability Engineer)- xyz
Certs: CISSP, CISA, PMP -
Kapital Member Posts: 33 ■■□□□□□□□□soccarplayer29 wrote: »Since your responsibilities have evolved during your 15 years I'd suggest presenting them differently on your resume.
For example, update your experience section and group your responsibilities by roles. This way you still indicate that your official job title and you can emphasis specific skills and your broad experience.
Company X (2012-201
Technical Support Analyst
Summary (2-3 sentences) on your career there.
Role 1 (e.g., Systems & Network Adminstration)- xyz
Role 2 (e.g., GRC Security Analyst)- xyz
Role 3 (e.g., Vulnerability Engineer)- xyz
or perhaps mention all the different experience but not mention the title at all or make one up. -
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□Try and focus on what you do cyber security related in your interviews. Don't lie, but just talk about all the security tasks you do. Make it sound like it is what you do with most of your time there. Go into details about the tasks... Have a couple stories that relate to your security tasks ready to tell... If you are getting interviews it isn't your title holding you back.
Same goes for your resume. Focus on your security related tasks -
paul78 Member Posts: 3,016 ■■■■■■■■■■@OP - you have a pretty interesting background. Can you describe the type of company you used to work at? Size and industry? It sounds like you are already doing infosec work. I think that NetworkNewb's suggestion is great. And if you lay out your resume like that - it is probably going to be easier for someone to read it.
Since you are getting interviews already, it also sounds like you are well on your way. Are you currently working or did you separate from your company recently? Does that come up in interviews? Perhaps that's an issue that may need to be addressed.
I see that you are interested in joining a financial services firm. Have you consider a consulting and advisory firm instead? Given your broad background, that could be interesting to consulting firms. Perhaps you can try companies like NCC Group or Herjavec.
Good luck in your job search! -
Kapital Member Posts: 33 ■■□□□□□□□□I worked for a very large technology firm with well 100000 employees worldwide in a very broad position covering Desktop/ Network and Information Security as well Networking, Technical trouble shooting, systems Adminstration etc. I was let go due to national restructing which was exactly what i was hoing for. I am gettinginterview calls but with this much knowledge and this many certs I had hoped to be gobbled up within a month (LOL)...well the month is past already (sigh)@OP - you have a pretty interesting background. Can you describe the type of company you used to work at? Size and industry? It sounds like you are already doing infosec work. I think that NetworkNewb's suggestion is great. And if you lay out your resume like that - it is probably going to be easier for someone to read it.
Since you are getting interviews already, it also sounds like you are well on your way. Are you currently working or did you separate from your company recently? Does that come up in interviews? Perhaps that's an issue that may need to be addressed.
I see that you are interested in joining a financial services firm. Have you consider a consulting and advisory firm instead? Given your broad background, that could be interesting to consulting firms. Perhaps you can try companies like NCC Group or Herjavec.
Good luck in your job search! -
jwdk19 Member Posts: 70 ■■■□□□□□□□Kapital I have right at 14 years experience. Half of which is DoD/Military. From desktop support, helpdesk, tech control ops, sys admin, vulnerability remediation...IAVA's TSP's, DIACAP, etc. Etc. None of my position titles contained the word "security" etc. Current title is Systems Analyst (ICS to a small degree, desktop support, network support, sys admin)
Ive noticed better response once I modified my resume with a focus on Infosec duties that I've performed in those roles.
Im sure that my resume still needs more revision but highlighting the infosec tasks/projects/duties seems to be helping quite a bit. -
beads Member Posts: 1,533 ■■■■■■■■■□If looking beyond your immediate market is a possibility then do so. Security is really a major market field despite everyone needing some sort of InfoSec but your not likely to find a security in say Jam, Michigan or some other completely obscure place in America. Ask your existing InfoSec team about career paths and where they started. That may give you some insight as to what your local market is like.
Infosecs has it right. The fastest path would be a short term contract or two but this may mean traveling to another market, if not state for a while.
IT, in particular InfoSec has always been difficult to break into but we can all enjoy the instant high of shortage of qualified qualified InfoSec people. Much like sniffing glue in a bag. Same effect. Instant rush only to crash a short term later (*sarcasm*). No, never "huffed" glue but have seen the effects. -
Kapital Member Posts: 33 ■■□□□□□□□□Kapital I have right at 14 years experience. Half of which is DoD/Military. From desktop support, helpdesk, tech control ops, sys admin, vulnerability remediation...IAVA's TSP's, DIACAP, etc. Etc. None of my position titles contained the word "security" etc. Current title is Systems Analyst (ICS to a small degree, desktop support, network support, sys admin)
Ive noticed better response once I modified my resume with a focus on Infosec duties that I've performed in those roles.
Im sure that my resume still needs more revision but highlighting the infosec tasks/projects/duties seems to be helping quite a bit. -
Kapital Member Posts: 33 ■■□□□□□□□□If looking beyond your immediate market is a possibility then do so. Security is really a major market field despite everyone needing some sort of InfoSec but your not likely to find a security in say Jam, Michigan or some other completely obscure place in America. Ask your existing InfoSec team about career paths and where they started. That may give you some insight as to what your local market is like.
Infosecs has it right. The fastest path would be a short term contract or two but this may mean traveling to another market, if not state for a while.
IT, in particular InfoSec has always been difficult to break into but we can all enjoy the instant high of shortage of qualified qualified InfoSec people. Much like sniffing glue in a bag. Same effect. Instant rush only to crash a short term later (*sarcasm*). No, never "huffed" glue but have seen the effects.
you do have very strong point. I have seem recruiters and companies souding far more receptive in smaller, remote loacations where they are not getting 200 applicants per job post or not getting enough experienced people.
You are right about Infosec being difficult market to break into. But why is it so? I understand one can make a newbie or less experienced applicant incharge of Infosec ops but why not let them in for future grooming? I guess infosec is considered to be expensive cost centre so everyone wants to get the max milage out of it