Mentorship Monday - Discussions for career and learning!
from shellsharks@infosec.pub to cybersecurity@infosec.pub on 22 Jan 13:24
https://infosec.pub/post/7458703

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

#cybersecurity

scytale@lemm.ee on 22 Jan 17:52 next collapse

Outside of the SANS courses, are there any other reputable trainings that focus on Cloud Security Architecture?

PaddleMaster@beehaw.org on 22 Jan 22:07 next collapse

CompTIA has a cloud cert

shellsharks@infosec.pub on 23 Jan 03:17 next collapse

AWS has their own first-party certs if you want something vendor-specific (I’m sure Google and Msft have similar). ISC^2 has something too www.isc2.org/certifications/ccsp

noUsernamesLef7@infosec.pub on 23 Jan 05:35 collapse

I’m studying for CCSP right now. It’s fairly general and tries to be vendor neutral but Architecture is one of the knowledge domains on the exam. Might be worth it if you meet the work requirements or experience waiver requirements.

A lot of people also seem to conflate it with the CISSP when it comes up in conversation I’ve noticed.

MSgtRedFox@infosec.pub on 25 Jan 00:02 collapse

Google has one too, can’t say whether it’s good or not, sorry.

noUsernamesLef7@infosec.pub on 23 Jan 05:44 next collapse

I just started my first official cybersecurity position at a medium size company in an industry that is currently being heavily targeted with ransomware.

I’m starting pretty much from scratch as they have not had a dedicated security role in over a year and my predecessor didn’t make much progress. So far i’ve been focused on inventory lists, policies, and procedures for hardware, software, and data. I think we’re doing okay with minimizing stuff thats internet facing and patching is in a good place (well, at least with the devices and os’s that are still supported).

Any suggestions on where to go from there or what to prioritize?

shellsharks@infosec.pub on 23 Jan 12:36 collapse

www.cisecurity.org/controls/v8

noUsernamesLef7@infosec.pub on 23 Jan 18:52 collapse

Thanks! This is actually exactly what I have been basing my efforts on so far, it’s just sobering to look at how far away we are from completing implementation group 1.

alex_02@infosec.pub on 23 Jan 15:54 collapse

Been debating about going back to school or not. It might be just easier to start trying to create a job for myself based on my work and experiences, but not sure. Both would take a lot of work, but based on what I do now, I’m not sure if I would be able to deal with the boredom of going through all the classes that might be too basic for me and I don’t test well so I don’t know if it would be worth pouring money into things that I might fail at because colleges, universities, etc. can’t give me the accommodations that I know I need.

shellsharks@infosec.pub on 24 Jan 18:18 collapse

WGU is a popular option for school that is more budget and time-friendly. Have you run into issues applying to jobs that required a degree?

alex_02@infosec.pub on 27 Jan 00:24 collapse

Applying for jobs that require a degree or stupid amount of experience and a case that is biting me in the ass even though I served my time with probation and would rather stupid people in middle management and hr would mind their own business instead of googling up my name and finding an article that is riddled with misinfo and other stuff that isn’t true which is already causing me problems. Been debating about suing for defamation of character on multiple “journalist” platforms on articles that really are defamation of character and also dox my info plus other shenanigans.

shellsharks@infosec.pub on 27 Jan 06:03 collapse

Yikes. Well hopefully you can get that sorted out. Best of luck!!

alex_02@infosec.pub on 28 Jan 00:24 collapse

Yeah. Pretty awful. Took a look at WGU and will definitely give it a try with some of its standalone courses before committing to a full degree program. Also looking at several other unis and colleges. Might be a good idea to go somewhere out of state, so I can get away from some of my stress.