Information security professionals - Please help me gain escape velocity
Kapital
Member Posts: 33 ■■□□□□□□□□
Braintrust
Please help me gain escape velocity from my Tech Support past.
I worked for a very broad role for almost 15 years for one organization. The job was primarily tech Support (My job title was technical Support Analyst) but also involved Networking very heavily. However I never asked them to change the title.
The job also involved lot of Systems Adminstration. - Again I never requested a title change.
later on it also ivolved network Security, Physical security and Information Security. Sadly I left the job with same title - technical Support Analyst and am paying the price now.
I have lots of Cybersecurity certifications Sec+/CCNA+CCNP (security)/CISSP / Cyber Ops etc. so getting past HR is not a problem for me. As I got a nice package, I used it to bulk up on picking several other skills, hands on experience and vendor certifications. I am labbing heavily to get lot more knowledge in the areas where I think I am weak..
I have just started testing waters by submitting resumes. I am not in a hurry to pick up any job but ideally would prefer a hybrid job involving 60% GRC and 40% technical in a bank or similar large prganization.
The response has not been exactly earth shattering as I had expected. I have applied to several jobs but received few interviews so far from the financial institues that I want to work for. The cyber security employers seem to be very picky about specific skills. The interviewers focus on what I have done rather than what i can do or know. I have been involved with cybersecurity for 9 years, covered lot of ground but never deep dived into any one speciality - examples Governace or penetration testing involving hundreds of coputers or not having worked on Fortinet, palo Alto Firewalls (only worked on cisco asa), no hands on expereince with DLP, Never written long TRA reports etc. Cybersecurity was a component of my job not the entire job. And its becoming a serious stumbling block.
I have been told that not having Security in last job title is going to be a problem. And having technical support in title will reduce my chances even further.
So I am in a pickle now and need advise as to how do I fix the following two problems:
1. Job title not relecting cyber, Network or information security at all.
2. Lack of intense, in-depth technical and non technical experience
Should I pick up any security related job for short term contract and forget about getting a plum position for now? Doing so will mean I will lose out on employment insurance benefits. and most likely it will be a SOC based depressing job with lower income than what I had hoped for.
Or should I keep on trying for another month or two before chalking up plan B and what would that be?
What would you do if faced with a similar situation?
Please help me gain escape velocity from my Tech Support past.
I worked for a very broad role for almost 15 years for one organization. The job was primarily tech Support (My job title was technical Support Analyst) but also involved Networking very heavily. However I never asked them to change the title.
The job also involved lot of Systems Adminstration. - Again I never requested a title change.
later on it also ivolved network Security, Physical security and Information Security. Sadly I left the job with same title - technical Support Analyst and am paying the price now.
I have lots of Cybersecurity certifications Sec+/CCNA+CCNP (security)/CISSP / Cyber Ops etc. so getting past HR is not a problem for me. As I got a nice package, I used it to bulk up on picking several other skills, hands on experience and vendor certifications. I am labbing heavily to get lot more knowledge in the areas where I think I am weak..
I have just started testing waters by submitting resumes. I am not in a hurry to pick up any job but ideally would prefer a hybrid job involving 60% GRC and 40% technical in a bank or similar large prganization.
The response has not been exactly earth shattering as I had expected. I have applied to several jobs but received few interviews so far from the financial institues that I want to work for. The cyber security employers seem to be very picky about specific skills. The interviewers focus on what I have done rather than what i can do or know. I have been involved with cybersecurity for 9 years, covered lot of ground but never deep dived into any one speciality - examples Governace or penetration testing involving hundreds of coputers or not having worked on Fortinet, palo Alto Firewalls (only worked on cisco asa), no hands on expereince with DLP, Never written long TRA reports etc. Cybersecurity was a component of my job not the entire job. And its becoming a serious stumbling block.
I have been told that not having Security in last job title is going to be a problem. And having technical support in title will reduce my chances even further.
So I am in a pickle now and need advise as to how do I fix the following two problems:
1. Job title not relecting cyber, Network or information security at all.
2. Lack of intense, in-depth technical and non technical experience
Should I pick up any security related job for short term contract and forget about getting a plum position for now? Doing so will mean I will lose out on employment insurance benefits. and most likely it will be a SOC based depressing job with lower income than what I had hoped for.
Or should I keep on trying for another month or two before chalking up plan B and what would that be?
What would you do if faced with a similar situation?
Comments
Thanks for your post. It seems you know a lot and have solid experience. That is awesome!
I m in the market for IT Sec job myself and have no luck. My job title is IT Tech. My internal employee has no interest in helping me to job shadow with Security team therefore I have to look outside of company I work for and as I said it is tough to find a job with job title other than Cyber Security Analyst or something it that nature. I have 2 contractors and no help either. Dead. No calls, no interviews. That is typical Corporate America theses days. It does not matter how good you are but who you know.
In your case I would try any offer even short term contract with "solid" job title. Sometimes we have to take a step back to get 2 steps forward in future.
Also have you checked https://www.cybrary.it/ "CAREERS". Might be helpful.
Good luck!
I've received a few leads around the Raleigh, NC area but that is currently a little too far of a commute unless I could get a SOC role that would afford a 3/4 day a week drive.
My wife and I are contemplating moving closer to the RTP area when our current lease ends.
For example, update your experience section and group your responsibilities by roles. This way you still indicate that your official job title and you can emphasis specific skills and your broad experience.
Company X (2012-201
Technical Support Analyst
Summary (2-3 sentences) on your career there.
Role 1 (e.g., Systems & Network Adminstration)
Role 2 (e.g., GRC Security Analyst)
Role 3 (e.g., Vulnerability Engineer)
or perhaps mention all the different experience but not mention the title at all or make one up.
Same goes for your resume. Focus on your security related tasks
Since you are getting interviews already, it also sounds like you are well on your way. Are you currently working or did you separate from your company recently? Does that come up in interviews? Perhaps that's an issue that may need to be addressed.
I see that you are interested in joining a financial services firm. Have you consider a consulting and advisory firm instead? Given your broad background, that could be interesting to consulting firms. Perhaps you can try companies like NCC Group or Herjavec.
Good luck in your job search!
Ive noticed better response once I modified my resume with a focus on Infosec duties that I've performed in those roles.
Im sure that my resume still needs more revision but highlighting the infosec tasks/projects/duties seems to be helping quite a bit.
Infosecs has it right. The fastest path would be a short term contract or two but this may mean traveling to another market, if not state for a while.
IT, in particular InfoSec has always been difficult to break into but we can all enjoy the instant high of shortage of qualified qualified InfoSec people. Much like sniffing glue in a bag. Same effect. Instant rush only to crash a short term later (*sarcasm*). No, never "huffed" glue but have seen the effects.
you do have very strong point. I have seem recruiters and companies souding far more receptive in smaller, remote loacations where they are not getting 200 applicants per job post or not getting enough experienced people.
You are right about Infosec being difficult market to break into. But why is it so? I understand one can make a newbie or less experienced applicant incharge of Infosec ops but why not let them in for future grooming? I guess infosec is considered to be expensive cost centre so everyone wants to get the max milage out of it