Trying to break into CyberSec, yet no one wants to hire entry level

Hey Guys, I have almost 7 years infrastructure support, 3 in Helpdesk, and 4 as SA. I've been trying to build my resume with certs since I don't have cybersec exp. I currently work in the DC area, and hold a Secret Clearance. I'm having a hard time finding a new position(I'm currently working, but SA is getting old real fast).

Is there a way to get actual experience working with SEIM, Firewalls, IPS, or IDS? Should I just download Security Onion and get familiar? Should I get the free "user" certs from Splunk, Palo Alto, etc.?

I'm currently studying for CISSP to make myself more marketable, and once I finish I'll probably start WGU's Cyber program. I get quite a few bits for SA work, but I'm not interested at all.

Any advice? Also, anyone know of a SOC position in the area, please let me know.

Find more posts tagged with

Comments

mikey88

Shane2 wrote: »

Hey Guys, I have almost 7 years infrastructure support, 3 in Helpdesk, and 4 as SA. I've been trying to build my resume with certs since I don't have cybersec exp. I currently work in the DC area, and hold a Secret Clearance

Are you willing to relocate?/work a contract? There is ACAS/HBSS training you can take that'll make you a bit more marketable.

I was in a similar position, and I moved across the country for a role. I've read through many job descriptions and tried to learn as many tools and technologies as I could.

There is no simple answer. Keep learning, keep progressing.. and keep trying.

Syntax

I'm going to watch this since I'm just about in the same boat. Although I do have CISSP and a Masters in Cybersecurity, plus CCNA Cyber Ops... No "real world" experience in an actual security role. I have tried to list anything I have done that remotely relates to security (firewalls, network ACLs, etc... I'm a network admin currently) as the primary focus of experience on my resume. I have actually received a few phone interviews here and there, for positions that aren't really entry level, because I've experienced the same thing as you (not many, if any, entry/junior security positions). I think they go okay, but at this point they seem to be dragging their feet and perhaps holding out for someone with more experience before passing on me entirely.

I'm also not in DC, so if you're having trouble over there finding infosec work I don't see how it would bode well for me where I'm at.

Shane2

mikey88 wrote: »

Are you willing to relocate?/work a contract? There is ACAS/HBSS training you can take that'll make you a bit more marketable.

I was in a similar position, and I moved across the country for a role. I've read through many job descriptions and tried to learn as many tools and technologies as I could.

There is no simple answer. Keep learning, keep progressing.. and keep trying.

I’m actually slowly making my way through the ACAS training, but between work and CISSP studies, it is very slow. I know the HBSS won’t take me long at all, as I had the certificate of completion before(and let it lapse).

emek

Shane2 wrote: »

Hey Guys, I have almost 7 years infrastructure support, 3 in Helpdesk, and 4 as SA. I've been trying to build my resume with certs since I don't have cybersec exp. I currently work in the DC area, and hold a Secret Clearance. I'm having a hard time finding a new position(I'm currently working, but SA is getting old real fast).

Is there a way to get actual experience working with SEIM, Firewalls, IPS, or IDS? Should I just download Security Onion and get familiar? Should I get the free "user" certs from Splunk, Palo Alto, etc.?

I'm currently studying for CISSP to make myself more marketable, and once I finish I'll probably start WGU's Cyber program. I get quite a few bits for SA work, but I'm not interested at all.

Any advice? Also, anyone know of a SOC position in the area, please let me know.

When you say you're thinking about WGU Cyber program, do you mean BA or Masters? Do you have any degree? How long have you been searching? I would say you have the leg up being in DC. From what I can see, there seems to be 2-3x more Sec jobs in DC vs other major metropolitan areas. That being said, I would not recommend moving.

Shane2

emek wrote: »

When you say you're thinking about WGU Cyber program, do you mean BA or Masters? Do you have any degree? How long have you been searching? I would say you have the leg up being in DC. From what I can see, there seems to be 2-3x more Sec jobs in DC vs other major metropolitan areas. That being said, I would not recommend moving.

I’ll be going for my BA. No current degree. Been looking for a few months, i’ll turn it into overdrive in June when I hopefully pass the CISSP.

I don’t plan on moving. Jobs are here, just need to find the right one.

H-bomb

CISSP should help a lot. Luckily you are located in an area where Infosec jobs are plentiful. Have you tried any cyber job fairs? They have been popping quite frequently. Companies like ManTech, Raytheon, DXC, CACI, have held job fairs in the DC area within the past two months.

emek

Shane2 wrote: »

I’ll be going for my BA. No current degree. Been looking for a few months, i’ll turn it into overdrive in June when I hopefully pass the CISSP.

I don’t plan on moving. Jobs are here, just need to find the right one.

I think it may be the lack of degree holding you back. More so than other fields in IT, a bachelors seems to be required by a lot of jobs I see posted. There appears to be a big push from parents and from the colleges themselves, to encourage new grads to go into the info sec industry.

Danielm7

You have clearance, some experience and are in DC, maybe it's your resume?

jt2929

Syntax wrote: »

I'm going to watch this since I'm just about in the same boat. Although I do have CISSP and a Masters in Cybersecurity, plus CCNA Cyber Ops... No "real world" experience in an actual security role. I have tried to list anything I have done that remotely relates to security (firewalls, network ACLs, etc... I'm a network admin currently) as the primary focus of experience on my resume. I have actually received a few phone interviews here and there, for positions that aren't really entry level, because I've experienced the same thing as you (not many, if any, entry/junior security positions). I think they go okay, but at this point they seem to be dragging their feet and perhaps holding out for someone with more experience before passing on me entirely.

I'm also not in DC, so if you're having trouble over there finding infosec work I don't see how it would bode well for me where I'm at.

How do you have CISSP with no security experience? Same with the OP, why go after a cert that requires 5 (or4) years of relevant experience if you don't have it?

chrisone

Shane2 wrote: »

Is there a way to get actual experience working with SEIM, Firewalls, IPS, or IDS? Should I just download Security Onion and get familiar? Should I get the free "user" certs from Splunk, Palo Alto, etc.?

Yes, get this and lab it. Also start a mini blog showing your research and results. This will win you huge points with any employer.

Shane2

jt2929 wrote: »

How do you have CISSP with no security experience? Same with the OP, why go after a cert that requires 5 (or4) years of relevant experience if you don't have it?

With almost 7 years of It work, I definitely have 4 years of relevent security work. You don’t need to hold a security position for 5 years. You just need to have worked in the domains. Between my work as HD and SA, I definitely have 4 years of experience in 2 domains. I only need 4 since I have my Sec+.

LonerVamp

There are people just out of school with no experience looking for entry level infosec.
Then there are people out there who've worked 3+ years of IT at some level and...are...looking for entry level infosec?

Especially for someone with a CISSP, you probably have security experience that you're not focusing on very well. And half of security is knowing how something works, so if you've built/maintained IT at all, you know half the stuff you need.

For instance, have you managed user AD accounts? Service accounts? AD groups?
Set up privileged access on systems, or limited access on systems?
Worked with HTTPS/certs at all?
Patched systems? How did you do that?
Did any troubleshooting on why one thing can't talk to another? Found out it's a firewall problem? Understood why?
Did any troubleshooting with pstools/procmon/etc?
Looked at logs on a system? Moved logs somewhere more convenient to look at? Configured log collection?

Don't undersell yourself is you understand how the web works, how DNS works, how to do low level troubleshooting on permissions, file writes, processes, or feel comfortable in more than just Windows (Cisco IOS, Linux, etc).

josephandre

Danielm7 wrote: »

You have clearance, some experience and are in DC, maybe it's your resume?

right, there's clearly something not adding up.

Have you posted your resume on clearancejobs.com?

checked the reddit /r/netsec quarterly hiring threads?

TechGuru80

If you want to stay in govt / defense, information assurance (IA) is probably one of your easier ways to get into cyber. You will get exposure to the security regulations on a deeper level, but be prepared it is paperwork heavy. SOCs can be more challenging to get into unless you have some solid certs like CCNA/CCNP Security, GCIH / GCIA.

Also, for govt / defense I see no reason to relocate because you are in the hub being in the DC area. If you can relocate it opens doors but you might end up in a less desirable location and in turn needing to relocate again down the road.

Shane2

josephandre wrote: »

right, there's clearly something not adding up.

Have you posted your resume on clearancejobs.com?

checked the reddit /r/netsec quarterly hiring threads?

I'm almost positive it is the resume, I'm going to work on it in the nexst month or so. I'll list the projects I have contributed to, instead of boring bullets on what I generally do.

I do have a fear of listing things I did a while ago, and then getting asked specifics.

NetworkNewb

Shane2 wrote: »

I'm almost positive it is the resume

I didn't read everyone else's posts but saw this at the bottom. I was assuming it would probably be that. You really have to tailor your resume and make it sound like your current job you do a lot of security things. Try and think of any activity you do or have done that might involve security. Then list your resume on here and have some people look at it.

DatabaseHead

Shane2 wrote: »

I'm almost positive it is the resume, I'm going to work on it in the nexst month or so. I'll list the projects I have contributed to, instead of boring bullets on what I generally do.

Good idea.

mmcabe

There's a ton of open-source IDSs, pentesting tools, and vulnerability scanners out there (for Linux; I don't know about Microsoft). If you don't have this sort of access at work, you can build a little Linux network at home and play with these plus set up self-signed certificates, etc.

YesOffense

Damn, if you have IT experience, security certs and a clearance trying to get in a field they claim has a shortage, in an area that has plenty of those jobs, and having no luck, looks bleak for others trying to get in.

scaredoftests

Shane2 wrote: »

I'm almost positive it is the resume, I'm going to work on it in the nexst month or so. I'll list the projects I have contributed to, instead of boring bullets on what I generally do.

I do have a fear of listing things I did a while ago, and then getting asked specifics.

YES take out the BULLETS!!

NetworkNewb

YesOffense wrote: »

Damn, if you have IT experience, security certs and a clearance trying to get in a field they claim has a shortage, in an area that has plenty of those jobs, and having no luck, looks bleak for others trying to get in.

None of those matter if your resume doesn't look good or isn't tailored to the position you're trying for.

chrisone

Shane2 wrote: »

I'm almost positive it is the resume, I'm going to work on it in the nexst month or so.

That is not the attitude to have. I am not trying to pick on you or criticize you but why would you wait until the next month or so to improve your quality of life?

ITSec14

Your professional network will take you farther than any degree or CISSP certification. Get out and network with people. The Security community is not large in many locations so you're usually only a few hops from someone who makes hiring decisions.

Syntax

jt2929 wrote: »

How do you have CISSP with no security experience? Same with the OP, why go after a cert that requires 5 (or4) years of relevant experience if you don't have it?

I have security experience... I just meant none of my roles, past or current, have been focused on cybersecurity as the primary responsibility.

As an update, I am starting to get more responses and actually have my first in-person interview this week. I think many companies are just slow or aren't that interested in filling the position in a timely manner. I just have to be patient and keep being optimistic.

johndoee

Syntax wrote: »

I have security experience... I just meant none of my roles, past or current, have been focused on cybersecurity as the primary responsibility. Hugh? I am confused. Based on opinion, if you don't have hands-on "cyber security" experience in a real-world environment you don't have it. Like I said, base on opinion. Some people/organizations would rather have someone who has done it live than someone who knows how to setup a VM, install some tools, and run some commands that are easily found online (and everyone is doing). And easily being done by someone in high school. Like I said, based on opinions. It's not a one size fits all.

I stand corrected. You have security experience. That is vague. That could mean physical security. That could mean you were a security guard at Bank of America. Correct, it's a difference between security and cybersecurity.

As an update, I am starting to get more responses and actually have my first in-person interview this week. I think many companies are just slow or aren't that interested in filling the position in a timely manner. I just have to be patient and keep being optimistic. DC more so than Northern Virginia in my opinion is a hub for Cyber related positions. I would not apply for a position and expect to here a response by end of week. Although a possibility. What also has to be understood is the DC area is DOD. Heavy Department of Defense, so recruiters are looking for certifications that are on the DOD List. Depending on the role, the certifications you have might not be what's needed to fill that IAT Level X or IAM Level X, etc. . Just something that came to mind. The list changes every 6 months with an addition or deletion so who knows.

Good Luck

johndoee

Shane2 wrote: »

Hey Guys, I have almost 7 years infrastructure support, 3 in Helpdesk, and 4 as SA. I've been trying to build my resume with certs since I don't have cybersec exp. I currently work in the DC area, and hold a Secret Clearance.

Saying you have a Secret Clearance in DC is like coming to a motorcyle race with a 250cc dirtbike and expecting to win.

Shane2

johndoee wrote: »

Good Luck

I have hands on experience in cybersecurity. Any decent System Administrator will work in a few of the 8 domains.

Shane2

johndoee wrote: »

Saying you have a Secret Clearance in DC is like coming to a motorcyle race with a 250cc dirtbike and expecting to win.

I wasn't bragging about my clearance. I was stating a fact. I don't understand what your comment brings to the discussion.

Shane2

chrisone wrote: »

That is not the attitude to have. I am not trying to pick on you or criticize you but why would you wait until the next month or so to improve your quality of life?

I'm planning on getting sitting the CISSP in June. I don't want to take a position until I have it.

johndoee

Shane2 wrote: »

I wasn't bragging about my clearance. I was stating a fact. I don't understand what your comment brings to the discussion.

The point was everyone has a (minimal) secret clearance that's in IT in DC.

. You need to bring something else to the table besides for that...actually a lot of people have higher clearances. That goes to the point of stepping your cc's up. Although easier said than done. But good luck anyway

I know you were not bragging about a secret clearance. I know that