Options

Career path help

n8236n8236 Member Posts: 20 ■□□□□□□□□□
in IT Jobs / Degrees
  1. Hi,

    New here and I am looking for some input on my career path in InfoSec.

    Been in the IT industry for over 7 years, starting from helpdesk > system admin > disaster recovery support agent (current).

    For the past two and half years, I have geared myself towards infosec by passing A+ and GSEC (with 3/4 of the CISSP complete and other certs. such as GCFA and EnCe in the pipeline).

    Unfortunately, I've been running into some hurdles with employers always wanting to hire security analysts who can hit the ground running and years of explicit experience, which I am not. I can't blame them, I would too. I am chalk full of book knowledge and some lab, however, my lack of real-world experience is holding me back. It's sad, but I've been even rejected for internship posts (which pay 50% of what I currently make). Just getting my foot in the door seems impossible. I'm willing to start from the bottom if that's what it takes, but I can't find any takers.

    What advice can someone in the industry give me, so someone can give me an opportunity and take a chance?

    Adding more certs. would help, but it's not the most affective. I want to pay someone to personally train me or have me shadow them, but it's not easy to find someone willing. It's not like I can just put up a post on CL asking an infosec person to show me the ropes for $/hr.
· Share on FacebookShare on Twitter

Comments

  • Options
    pinkydapimppinkydapimp Member Posts: 732 ■■■■■□□□□□
    hard to say without seeing your skillset. Post your resume. Do you have the 5 years experience in infosec needed to get a CISSP? once you get the CISSP i would imagine that will open a bunch of doors for you. What type of Infosec are you trying to do. its a HUGE field.
    · Share on FacebookShare on Twitter
  • Options
    n8236n8236 Member Posts: 20 ■□□□□□□□□□
    When I first studying for the CISSP, I was worried they wanted explicit security experience. After speaking with another co-worker, he'd said anything that's security related would do. He's willing to vouch for me and sign me up for the test.

    My skill-set is helpdesk, general sys. admin, disaster recovery, business continuity, and archiving, email routing, email security. Dabbles of security here n there.

    I want to eventually work on malware analysis, but it's a 5 year plan or so. Within these 5 years, I want to get strong on security-everything else.

    I'm wondering if going to being a network admin might be a better platform to move into security more specifically.

    My resume is below.



    Experience
    Senior Enterprise Technical Analyst, Dell Inc.
    November 2009 to Current, Santa Clara, CA
     Processed eDiscovery SQL extraction requests of secure messages for litigation readiness and investigation purposes.
     Constructed data retention policies that conformed to business and federal compliance frameworks such as SOX and HIPAA.
     Configured Symantec Cloud security services such as Content Control, Anti-Virus, Anti-Spam and Access Control Lists.
     Performed training exercises using network vulnerability and analysis tools such as Nessus, Nmap, WireShark, John the Ripper and NetStumbler.
     Facilitated in reset of sensitive customer expectations to driving resolution in accordance to Service Level Agreements (SLAs). Furthermore, filled position of team lead, providing technical and advisory guidance to multi-region teams.
     Collaborative work with cross-functional teams such as escalation staff, vendors and customers in enhancing support with issues extending beyond the scope of standard procedures.
     Award recognition by Dell and clientele evaluations for service excellence from FY10 thru FY12 with recurring client requests for private management.


    Systems Engineer, Northwest Technologies LLC.
    August 2007 to August 2009, San Francisco, CA
     Took part in executing ISO/IEC 27002 internal security controls such as file retention, recovery, encryption, password policies and various necessary compliance requirements.
     Engaged in multi-layer security assessments that scanned and identified vulnerabilities that led to the research and implementation of appropriate solutions.
     Working knowledge of Information Technology Infrastructure Library (ITIL) concepts in incident management with emphasis on detailed documentation and workflow processes.
     Participated in IT infrastructure planning and image strategy sessions.
     Enforced annual licensing reviews utilizing Microsoft Software Inventory Analyzer in conforming to End-User Licensing Agreements (EULAs).


    Desktop Specialist, Cuesta College
    January 1999 to December 2001, San Luis Obispo, CA
     Equipped campus staff with remote application capabilities in assembling Citrix Winframe/Metaframe NT servers.
     Supported deployment initiatives for over 30 campus-wide academic and administrative departments.


    Education
    B.A., Economics, San Francisco State University, 2006
     Focus on macro-economic fiscal/monetary impacts, game theory and globalization.


    Technical
    Certifications: GIAC: GSEC (05/12), Microsoft: MCTS (11/11), CompTIA: Security+ (01/12)
    Pursuits: CISSP (current), EnCe, GCIH, GCFA, GREM, GPEN, Python
    Proficiencies: Mail Flow, Cloud Backup, Email Security, Email Continuity, Disaster Recovery, Message Archiving, Asset Management, Business Continuity, Email Header Analysis, Encryption-As-A-Service, Microsoft Exchange, Mass Notification System
    Software/SaaS/PaaS: Postini, ProofPoint, BMC Remedy, Microsoft Suite, Siebel Call Center, Symantec End-Point, Iron Mountain Data Protector, Salesforce Sales Cloud, Symantec Backup Exec, Symantec Coud
    Platforms: BES, Mac OS X, Microsoft Server, Microsoft Windows
    Network: Ping, Netsh, Telnet, Tracert, NBStat, Netstat, IPconfig, PathPing, NSlookup
    Et Cetera : I like sports
    · Share on FacebookShare on Twitter
Sign In or Register to comment.