Your Start in Security

the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
As most of you know I've gotten my first start in a security (like) role. Initially, it was a lot of software testing and then it began to flow into auditing for regulatory compliance. The regulatory compliance side will be continuing for the length of my career. But now I am weaving into the actual hard security side of things (today I loaded Kali on a laptop, setup the wireless card, and started cracking a few wireless access points in the lab). My issue is, I'm being thrown into a lot of different projects at once all requiring slightly different skills (this isn't a complaint as each day is different and I've been made the head of two major projects at this point which is great). My question is, how do you specialize in an environment such as this? Each time I think I know what I should be studying/researching a new item presents itself and I need to switch gears.
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff

Comments

  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    You're in the danger of being stretched thin under the possible assumption that security is a generalized, single-domain subject area that can be accomplished by one person, or the work has just lent itself to touching many different areas for which there typically are dedicated, specialized individuals. I would sort of coin this as a jack-of-all-trades security approach.

    Which isn't a bad thing. You're essentially forced to dive into a lot of things simultaneously or serially and it shakes up your status quo, so you can relish this experience. But be wary if there's an expectation of what can be accomplished (and the depth) when the requirements to make it happen doesn't reflect the reality of your resource bucket.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • CoolAsAFanCoolAsAFan Member Posts: 239
    If I was you and I could handle it, I would just continue doing what your doing and learning as much as possible. It sounds like your gaining valuable experience. Also, it never hurts to ask for help if you need it.
    IvyTech - AS CINS (Completed: May, 2013)
    WGU Indiana - BS IT Security
    (Started: August 1st, 2013)

    Transferred: AGC1 CDP1 BVC1 CLC1 CVV1 DHV1 DJV1 GAC1 CIC1 CDC1 UBT1 IWC1 IWT1 TCP1 TJP1 TJC1 EBV1 WFV1 EUP1 EUC1 CJC1 UBC1 TBP1
    Completed: CUV1 BOV1 DRV1 DSV1 CTV1 CJV1 COV1 CQV1 CNV1 TPV1 MGC1 TXC1 TXP1 BNC1 TYP1 TYC1
    Required:
    SBT1 RGT1 RIT1
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Excellent advice guys! I'm definitely in a position where if I can't do something or needed help I can let my boss (and several layers above him) know without it being an issue. Generally speaking they are fairly surprised I was able to handle what has been on my plate thus far. I guess my hang up, as docrice put it, is the jack of all trades in security label. I'm hoping things calm a bit and that we get the numbers to break things off into a separate group (basically, we are legally allowed to make an Office of Internet Gaming, but the numbers have to be there). If that happens then I think I could specialize and not be so helter-skelter. Thanks guys!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • Mike-MikeMike-Mike Member Posts: 1,860
    CoolAsAFan wrote: »
    If I was you and I could handle it, I would just continue doing what your doing and learning as much as possible. It sounds like your gaining valuable experience.

    this....


    also, before long, you will know something about everything they do.. "hey Tom is sick today, who is familiar with Project XYZ? Hmmm... Just ask The Grinch, he knows everything"
    Currently Working On

    CWTS, then WireShark
Sign In or Register to comment.