Tweet
Originally posted by AlxRogan
/ducking.
-
Well, that second guy, geez, what did you expect? And the first one? I don't even want to talk about him.
/ducking.Thorn
"If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird -
The Infosec industry is huge, and growing. Whilst the majority of new entrants into the field arrive from a technical background, there is an ever increasing number of opportunities for those with a 'softer' skillset. Don't underestimate the need to improve your business acumen, management, influencing and persuasion skills. This side of IS Security may not be everyone's cup of tea but increasingly companies are paying the big bucks to people who can turn their hand to a number of areas; policy development/enforcement, audit as well as hands on technical security administration.
It isn't easy, but building a career in Infosec can be very rewarding, and well worth the effort.Comment
-
The problem with INFOSEC jobs is where your located at. Here in Michigan, trying to find any decent security jobs is like pulling teeth from a croc.
I've been in the industry for 15+ years and it's still hard as hell trying to find something. I hate certs for my own reasons more then anything and will never get them. I've been told by many HR ppl and ex employers that certs don't get people in the doors here anyhow, they look for experience and references and I have plenty of both. I'm have been out of work since Dec 22nd and I'm seeing that Security really hasn't changed since the last time I was looking. People still consider it a joke and really don't care about making sure their companies are secure.
Due to health issues with my daughter and also my own, I'm unable to relocate my family to another state for work because then my daughter wouldn't get the help she needs. I've thought about other fields outside of computers but I know it wouldn't last since the only time I'm happy is when I'm doing some kind of security work and with my wife and kids.Comment
-
The last guy I hired has MCSE, A+ and CNA. I had planned to ask him 25 questions. Because of his certs I skipped about 10 of the questions. That's what they are worth to me. They make me assume he can answer the 10 I did not ask him. No doubt you can too.
Also you may consider working for a government agency. That way I don't care if you are in Nome, Alaska, they will have a slot that no one else may have. It may be filled, but you gotta be patient and flexible.Comment
-
Heh, you should try getting a IT job in NC!
I have about 17+ years expierience in the field and since I moved to NC I have had to commute to SC just to get a decent placement. Here they pay un-qualified hicks to do the job for less than half what they'd pay a qualified person.
I've also grown sick of these CNC and Stamp developer jobs, they are crap. What does a guy have to do to sit in a cubical all day and not get fucked with? I remember when IT jobs where extremely easy to find.
BTW, I wouldn't work at RedHat Software for less than $200k a year, the people there are all the marketing puke type who talk about football and scratch there nuts all day.Comment
-
I am in NC now. I can walk into Research Triangle and jobs will fall out the windows onto me. But the economy is not as good as California and I won't settle for that. Yea, I got spoiled by starting in CA. If you start in NC, KY, AK, etc, expect a slower curve.
When my current, uh, temporary job is over, it's back to CA.Comment
-
astcell, I swear I'm not stalking you - you just post a lot. I'm in NC too, near Charlotte, but there is some HUGE bucks in New Orleans right now for ANY sector of the IT field. I lived in NO for over 7 years and I'm thinking of heading back to the bayou for a piece of this. A friend of mine is working on a contract for his his company and if he get's it I'm in. Some of you other "contract types" might want to check this out.
TommyLast edited by SlackJaw; January 9, 2006, 03:48."640k ought to be enough for anybody" - Bill Gates 1981Comment
-
"How to get a job with pen-testing team." by Dmitry
Dmitry wrote this funny overview of getting a job in the pen testing arena. Good humor writing a bit close to home. It remides me of the .com hey days. It mentions a couple people we know and here is a brief excerpt of rule #1 to get you interested:
"You can’t run Windows. Seriously, don’t even consider showing up to a Con|interview|class|etc with Windows. Even if you have to run a CD distro, or OpenBSD at runlevel 3, you must do it. You will be scoffed at and not taken seriously with a Windows machine. For bonus points, put con stickers or anti-microsoft stickers on the laptop. You get extra bonus points if you’re running a MAC. Just pull up Safari and browse over to slashdot. Yeah, you’re rolling hardcore now."
Full URL: http://blogs.securiteam.com/index.php/archives/223PGP Key: https://defcon.org/html/links/dtangent.htmlComment
-
He forgot to say "Dye your hair a weird color too". People keep on wondering where my skills come from. It was the hair and the distro. C'mon, how else was I going to land the jobs.Originally posted by Dark TangenttommEE pickles
Comment
-
Re: Getting started in the security field
Do any employer's value a certification such as CCSE/ CCIE over a CISSP. From what i have researched using the net, CISSP is not really merely recognised cert as Cisco cert's, but yet people with this CISSP cert are the 'real deal'. I was curious to know if perhap's CCNP or CCSE can subsitute a CISSP relating to the security field?Comment
-
Re: Getting started in the security field
They are two different things. CCSE is configuring how to securely configure firewalls etc.. The CISSP is to have a broad view knowledge of information security; its like comparing apples and oranges.Mark
"Our greatest glory is not in never falling, but in getting up every time we do". - ConfuciousComment
-
Re: Getting started in the security field
Reb00tz is right. The CISSP is broad knowledge of security. Basicly training yourself to understand security in the industry.
I think most larger companies look at certs as a great thing. Mostly just because someone has taken the time to read a book and take a test on it. I personally put no weight on certs because it is all about memorization. Almost anyone can take a test... but can you handle the situation of data lose and where it came from, how it was breached, when it was taken, and what you are going to do about it ALL while some CIO, CTO, CEO is breathing down you neck for answers.
Knowing the knowledge and using the knowledge is 2 entirely different things. I find that people with experiance out perform people with cert's. But not in all situations. Get the experiance first, then go take a test on what you know.. best solution.. pass or fail you know now what you have to work on
IMHO.Kraa: You are Slackware Linux. You are the brightest among your peers, but are often mistaken as insane. Your elegant solutions to problems often take a little longer, but require much less effort to complete.Comment
-
Re: Getting started in the security field
Been awhile since I last commented on this thread. As of this last Friday, I quit my job and will be going to school full time at Foothill College. I will start off with getting an AA in Informatics and then go into more specialized areas.
Because I quit my job, I also will be trying to get an internship with Cisco as well. I am hoping this will allow me more hands on experience and of course, a job with them in the future.
The information I have read here has helped a lot!Comment
Comment