Hello! My name is Mike and I am an infosec engineer with 10+ years experience. I’ve worked in GRC, Vulnerability Management, PenTesting & AppSec. I have 17 SANS certs (I have a serious problem) and I’m also an infosec community enthusiast and creator/mod for /c/cybersecurity. AMA!

  • iamak@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I’ll go for something like a TA maybe. I have some job experience already (sde, not cybersec) so idk if it counts.

    things that don’t matter

    Can you give some examples so that I can avoid that

    • shellsharks@infosec.pubOPM
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Mostly non-tech experience. This is subjective and will vary hiring team to hiring team but in this field I have always glossed over any non-tech things on a resume. There’s so much opportunity for people to learn and get involved with IT/security that there’s no excuse to not just focus on those competencies on the resume. Just my opinion.

      • iamak@infosec.pub
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Okay. So my experience as a software developer while not the main thing being judged will still be relevant?

            • shellsharks@infosec.pubOPM
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Kinda depends what you want to get into. If you’ve let to land your first security job maybe something like Sec+ to help get your foot in the door. If you know what discipline you want to get into (appsec, endpoint-sec, etc…) this could help further filter down what cert/training might be best to shoot for. Do you know what you think you want to do?

              • iamak@infosec.pub
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                I was thinking Network Security. But I’m not sure about it. Sec+ will help me decide that?

                • shellsharks@infosec.pubOPM
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  Depends what you mean by “Network Security”. A lot of companies have adopted cloud-first environments so traditional netsec is more so cloud infra. In this case there are cloud-specific certs from Azure, AWS, GCP you can take that would be great. If you’re considering traditional network security it may be different. (Though a lot is very much shared).