Mentorship Monday - Discussions for career and learning!
from shellsharks@infosec.pub to cybersecurity@infosec.pub on 08 Jul 12:53
https://infosec.pub/post/14652668

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

#cybersecurity

threaded - newest

KillingInc@lemmy.world on 08 Jul 13:17 next collapse

Hey guys, I’m a new grad struggling to figure out where to go next. I went to Pennsylvania State University and completed a program called “Cybersecurity Operations and Analytics” where I earned a BS. I’ve been applying for IT help desk jobs and tier 1 SOC analyst jobs but haven’t had any luck. Any general advice would be great. Thank you.

leastprivilege@lemmy.ml on 08 Jul 16:14 next collapse

Haven’t had any luck getting interviews? Could be your resume. Haven’t had any luck with getting offers? Could be your interviewing skills.

MajorHavoc@programming.dev on 08 Jul 16:46 collapse

It’s a tough market for entry-level SOC analysts. It has been since…well, as long as I can remember.

IT Help Desk experience is a huge plus, for landing future SOC analyst roles, if you can get some.

My advice is:

  • Hang ang in there and keep at it. The first security job is the hardest to land.
  • Do some independent training if you have time. Hack the Box and OWASP Juice Shop have free resources, so you can keep growing. Remember that increasing your skills does lead to cash, but it sometimes takes a lot of time.
  • Be on the lookout for remote postings. There’s very little done by a SOC, today, that can’t be done remotely, so it’s not critical to limit your search by geography, anymore.
  • Learn some programming, if you haven’t already. SOC operations are less painful with some scripting skill. (My own path into Cybersecurity was due to my coding skills, not any Cybersecurity certificate.)
jerry@infosec.pub on 08 Jul 21:25 next collapse

It’s a rough job market for several reasons. My best recommendation is to do something that will distinguish yourself from others (blog, podcast, etc etc) and also try to establish a relationship with someone at prospective employers to get them to “pull” you in. I know, I know, easier said than done, but that’s where we are at.

br3ad@infosec.pub on 11 Jul 09:12 collapse

I am looking into attacking/defending applications using genai. Any resources would be helpful and if you have any experience in pentesting such applications, i would love to hear about it!

So far i have come across the owasp top for LLMs: owasp.org/www-project-top-10-for-large-language-m…

shellsharks@infosec.pub on 12 Jul 16:17 collapse

Some resources here shellsharks.com/online-training#ai and here databricks.com/…/introducing-databricks-ai-securi…

br3ad@infosec.pub on 13 Jul 11:01 collapse

Thanks for sharing!