I'm getting more confused about which security path to take as the days go on

Dating back to last April..I decided I wanted to pursue pentesting (real original, right?). Fast forward to September, I started my 1st job in I.T. (NOC/Linux support)...and 2 months ago I started my 2nd I.T job...still in NOC but I'm dealing with a lot more networking task and plus there's a lot of room to grow at the new company. I also landed a Computer Forensic internship at the end of March as a junior CF analyst. Let me say this, CF is nothing like what you see on TV haha.

I was super excited to start the internship but the excitement began to wear off pretty quick. It just so happens the first 2 or 3 cases I dealt with were pretty damn interesting, but man....it's definitely not what I imagined. I wasn't going into the internship thinking I was going to be dealing with murders or anything crazy like that...but I was totally off base with this field. Long story short, sitting in-front of a computer for 8 hours bookmarking/finding ADS's/and writing reports is not all that fun. Don't get me wrong, it was interesting at times but the cons out weigh the pros..at least for me. Plus, the lack of CF jobs is a major con for me as well.

Since CF is out of the picture, and there are so few pentesting gigs out there. I feel lost on which security path I want to pursue. The logical me thinks I should stick to networking, since I'm actually experience in the field and then move over to network security? But managing firewalls doesn't sound that interesting lol (I could be wrong). Another thing that makes me want to stay in networking, is that my manager said "if I gain the CCNP + in-depth wireshark knowledge, I would get promoted to the network engineer team making around 70k". It's hard not to think about that kind of money at 24 but then I feel like I would be getting away from security once more.

Current certs: Linux+, Network+, CCENT

Sorry about the rambling but any advice would help.

Find more posts tagged with

Comments

veritas_libertas

You can always move into security later. Getting several years in networking is priceless experience and in my opinion should be a required first step before you move into security. How on earth can you secure something that you don't understand? How can you crack something you don't understand? Sure you could throw security tools at it and break it, but do you know why it broke?

the_Grinch

Have to agree with veritas, gotta have a strong foundation in something before specializing. Best part of networking is it touches everything (servers, desktops, switches, routers) and can be applied to any other field. Good luck!

afcyung

Security is so broad why worry about cornering yourself in a specific job right now. Try them all out and see what you like.

JDMurray

YuckTheFankees wrote: »

Long story short, sitting in-front of a computer for 8 hours bookmarking/finding ADS's/and writing reports is not all that fun. Don't get me wrong, it was interesting at times but the cons out weigh the pros..at least for me.

Excellent first-hand experience. I think most people who try professional penetration testing work find out the same thing too.

YuckTheFankees

@ JD,

I was honestly thinking the same think. If CF is over-hyped, I can only imagine what pentesting is like. I guess I'll stick to networking and network security.

JDMurray

CF and PT are two things that inexplicably inspire people to conjure romantic fantasies of Indiana Jones-like adventures. It's interesting that archaeology is often dull, boring, and bureaucratic in practice too.

YuckTheFankees

I'm glad I did an internship before I started to spend thousands of dollars on books, training, and certifications.

Are most security jobs like this? I know you have a security role, can you explain what you do on a regular basis?

jasong318

Can't speak for all security roles, but mine is like that. I spend the majority of my time in meetings or writing reports. Heck, we even have meetings to write reports sometimes

YuckTheFankees

I see you have the CCNP, do you feel your CCNP knowledge has helped a lot with your security role?

docrice

You should write an article about your experience with the forensics internship and how it differs from your original expectations. That would really help out others who are in the same boat as you.

...

So, as someone who does nothing but security-related stuff all day I'll say that if you like the idea being "the protector" of a business at a technical level, security can be fun if part of your motivation in life is to feed your curiosity about the electronic world. In most places, you'll have to "sell" security to your peers and management, but doing the work (and hopefully achieving results for the better) is fun.

I work with firewalls, IDS / IPS appliances, do some general switching / routing audits, environment builds / design, vuln assessments, some systems-level reviews, log-watching, traffic-profiling, evaluate vendor security solutions, etc.. I work at an infosec company so that only helps, but it's still a damning amount of work that I can never keep up with due to the nature and speed of business.

But it's all cake. It's so much cake that I'm overdosing on sugar. I have a peer on the systems side and he loves his stuff too, but we both understand the nature and requirements of the business and how overwhelming it can be. I take my work home and it sticks around during weeknights, weekends, and holidays. It's not required of me to do this, but it keeps me going because I see a potential to help my organization grow and realize a better and more resilient posture. It's the process of building that makes it enjoyable. Swimming in it all is fun, but really only enjoyed in hindsight after you get out of the cold water and look back on accomplishments.

I personally like firewall work. Yes, it's a "policy enforcement engine" designed to align with a larger security policy, but there's something to be said about configuring an appliance to shoot laser beams (dropping packets) against traffic streams. Identifying source / destination and other aspects of these through logs and other visibility tools helps keep me on the hunt to solve the mystery in the depths of the dark network wire / closet / [choose your metaphor].

There's never enough time to finish the work, you're always stressed, and you're always on the losing end when you're on defense. That's the challenge and the ultimate thrill. The way it is now, anyone can bust down the door to a network. The fun is getting good enough to keep them out.

As I said, it's all cake to me. Sometimes pie when I'm sick of cake.

YuckTheFankees

@docrice

Writing a little something about my experience in computer forensics is a great idea. How did CF and pentesting become so "sexy" to the masses, does it all come from movies?

jdubb45

JDMurray wrote: »

Excellent first-hand experience. I think most people who try professional penetration testing work find out the same thing too.

That's the part i love about my job as a pen tester. 30% technical and 70% business. It's very rewarding helping a client see where they are vulnerable and giving them the "security best practice" to mitigate the potential risk associated with the finding. I also really get a kick out of some of the expressions i see from the network/sysadmin personnel especially after we've performed a PCI/HIPAA Hitech related assessment. Lastly most of the time I'm glad that's not me having to spend an extra 80/hrs+ having to implement it.

jdubb45

YuckTheFankees wrote: »

@docrice

Writing a little something about my experience in computer forensics is a great idea. How did CF and pentesting become so "sexy" to the masses, does it all come from movies?

Sneakers
Hackers
Live Free or Die Hard
Swordfish
Italian Job - changing lights
MI series
The Matrix
Transformers
And the list goes on

YuckTheFankees

so movies is the answer

Mike-Mike

YuckTheFankees wrote: »

Writing a little something about my experience in computer forensics is a great idea.

being relatively new to IT myself, I would love to hear details of your experience

jasong318

The CCNP helped insofar as giving me experience with Cisco products and the Cisco way of accomplishing security. I've learned more about real-world security needs by studying for the CISSP though, participating in local CTF events, and by reading forums like these

Also, the OSCP looks promising and I'll probably be doing that soon.

contentpros

YuckTheFankees wrote: »

@docrice

Writing a little something about my experience in computer forensics is a great idea. How did CF and pentesting become so "sexy" to the masses, does it all come from movies?

And why is it that in almost every picture of a hacker we're all wearing hoodies?

Ch@rl!3m0ng

contentpros wrote: »

And why is it that in almost every picture of a hacker we're all wearing hoodies?

It fits quiet well into peoples perception that "hoodies" are always up to no good. That comes from the media. Also it surgests that you are trying to physically hide who you are and what you are doing. They should know hidding n plain sight is normally the best way...

demonfurbie

I do a fair bit of cf work and what I see is mostly translating what I find into readable for tech for the non tech... Its very annoying

UnixGuy

Is there any area in IT that's interesting? I'm getting bored and have been questioning my career a lot lately!

the_Grinch

I tend to find that the redundancy of issues is what causes questioning of the IT career. You will find you get to the point where the challenge is gone and then you begin to question what you are doing. Studying a new technology is all well and good, but if you never get to use it what is the point? There are times (very rare) where a problem or creative solution is needed and then I enjoy the job. Sadly, that usually lasts at best a day before the issue is resolved and then it back to the day to day crap. Sadly, I have yet to find a solution to this problem.

yoshiiaki

UnixGuy wrote: »

Is there any area in IT that's interesting? I'm getting bored and have been questioning my career a lot lately!

Okay, so I'm new to this field so everything is exciting for me right now. But the way I would react to that if it ever fell upon me, is to find another job. I would take a guess that it could be because you have been at the same place for too long. So perhaps just finding another job, even in the same field would help brighten things up, although my guess would be that would only last until you settle into that new company. IT is very vast and if you are bored of one route, take another.

As for OP, I think you should try to broaden your approach and see where it takes you. You seem pretty set on security and I would like to ask why? Have you searched out other aspects?CCNA alone has 8 specialites(CCDA, CCNA, CCNA-S, -SP Ops, -SP, -V, -W)by itself. If IT was anything like "Hackers" (The one with angelina Jolie) I know i would love to be a DBA. Almost like playing a video game. I might even learn to ride a skateboard haha.

UnixGuy

@The_Grinch sometimes even studying new technology isn't appealing, whether I use it or not. But it could be that my current work place is boring

yoshiiaki: I agree, it could be my working place. I'm changing jobs (and relocating) by the end of this year...I'm trying to survive the last few months