how to get in I.T Security

in Pentesting
I recently passed Security+ and CySa but I don't experience in those field, But I have 8 years of I.T from Helpdesk to desktop support to and been I.T Admin with O365 and working in AD for 3.5 yrs. what is best route to get into security. I like to volunteer do hep company with security as part-time?
Comments
You just posted this so I'll assume their'll be more replies. Here's a couple of suggestions:
1. Setup a security lab environment consisting of:
- SIEM Tool
- IDS/IPS
2. Run simulated malware through the lab environment and be able to detect it methodically.3. Complete these labs from Cybrary.it
Importantly though, I believe that with your 8 years of IT experience and Security+, CySa certs your quite qualified for an entry level position. For good visibility to potential employers you should post your resume to Dice.com, Monster.com, Glassdoor.com, and Careerbuilder.com. Be absolutely sure it lists your certifications and labs along with the related keywords. Hope this helps buddy, and good luck.
Naomi Buckwalter recently did a short talk about why breaking into security is hard on "junior" employees ->
She also provides some tips and suggestions to people in your position.
I recently been watching youtube videos on how to get into security, different types of security etc..... It's more just for the knowledge not to actually do it I am deeply rooted in data and databases. However.... One thing several of these talk heads said was that if you could script Python really well that was one entry way for juniors to get in the door. He named your usually suspects, years of infrastructure, development and then of course who you know. But then at the end (two different people) mentioned that Python in itself can kick down doors for juniors.
I was curious to hear your thoughts?
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
The most important lessons from Naomi's talk (really go watch it) are that junior security folks need A) a portfolio,
With regards to Python, or any language, my opinion is that it will really help you if you know any one particular language enough to be useful. If you want to be a programmer, you'll need to know one of two languages really well! But if you want to get into DevSecOps, security, system administration etc then knowing one or more scripting languages at a basic level is helpful. No, Python won't "kick down doors", but it can help you be useful.
Thanks for taking the time to go over that info. I trust you all over the talking heads. It's funny you mention it makes you useful in regards to Python. I've had roles where my VBA (Excel and Access) and SQL (~10 years of coding) really made me "useful" but I wasn't any better at that particular role than anyone else except for automating and making tools, well other things as well but you get my point.
@tvutthikrai
Sorry for the hijack.....