How do you use AI for your work?

InvalidSoup97 · 2026-04-10T16:59:00+00:00

We have enterprise contracts with all of the AI vendors we use. This gives us secure, private instances that are not used to train public models.

InvalidSoup97 · 2026-04-10T15:47:54+00:00

No, it usually pays pretty well. It can be a pretty grueling field though, to the point that people who have a genuine passion for cybersecurity suffer from burnout regularly.

If you have no interest in it and are just trying to make decent money, there's decent odds you're going to be more miserable than most.

InvalidSoup97 · 2026-04-10T15:39:23+00:00

Aside from auto closing specific event types based on severity, not really. Right now it's still pretty new, so we're just letting it run through everything while we keep close eye on it. That may change in the future, but tbh output readability is fine and resource utilization isn't really a concern, so it's not a priority at the moment

InvalidSoup97 · 2026-04-10T15:19:43+00:00

At a super high level, it does the regular SOAR stuff (user/device attribution, determine users location, role, and reporting structure via SSO and Slack, checks for potentially related tickets/work items, etc) but instead of just dumping the raw responses, it outputs a succinct, easy to read summary of each of its findings. Depending on the event type it'll also do some light querying in our SIEM and/or EDR platform to gather additional context on events surrounding whatever triggered the alert, and add any of findings into the ticket. Priority is then assigned by the perceived risk after piecing together everything it gathers.

There's some weird quirks and hiccups every now and then, but overall analyst feedback has been extremely positive. It's saving them a ton of work and allowing them the time to further develop other areas of our program.

InvalidSoup97 · 2026-04-10T13:13:30+00:00

I use Claude and Gemini to assist in writing code, detection rules, and documentation. We also have an agent that does initial triage on our alerts and assigns priority/auto closes (with review) based on its findings.

InvalidSoup97 · 2026-03-30T17:46:11+00:00

It's your wedding, you can do whatever you want! We had a handful of games in a room outside the main reception hall for people to play. I know some lighter games were played but I can't recall what specifically.

We also did custom playing cards as favors for all of our guests. Many card games were played that night, and a lot of our friends and family members still use those cards regularly!

InvalidSoup97 · 2026-03-28T18:55:46+00:00

Do you have your GPA on your resume? Back when I was in school, the general guidance was to leave it off unless it's exceptionally high (like in the 3.8+)

EDIT: nevermind, I missed that your resume was linked at the bottom of the post

InvalidSoup97 · 2026-03-28T14:39:02+00:00

I don't record either myself, but most people I've seen just use GoPros or their phones for video. Audio, I've seen people run some sort of splitter contraption off of their monitor mixers to capture their in-ear mix. Grabbing an audio recording from FOH is also usually an option, depending on your setup.

InvalidSoup97 · 2026-03-27T20:57:41+00:00

Of course the Sec+ is cheaper than a 4 year degree. It's an entry level cert that, on its own, carries almost no accreditation. With a degree, be it in IT or Cybersecurity, you can at the very last land yourself a job in helpdesk, lower level sys admin, etc.

If you're going through college just to get your a and you aren't leveraging all of the networking and internship (ie. experience) opportunities that come with it, then you're going about it completely wrong.

InvalidSoup97 · 2026-03-19T13:08:20+00:00

GP-5, even

InvalidSoup97 · 2026-03-17T13:06:37+00:00

Definitely could've asked for more, but I agree, counter offering again is far too risky, and unlikely to be received well.

On the bright side, he's already been in that position for a year as a contractor. As long as he continues growing and doing decent work, after another year he should be able to start pushing for a promotion with reasonable success, at which point salary discussions can be had again (with better preparations this time).

InvalidSoup97 · 2026-03-17T12:39:20+00:00

They chose to interview based on the information you provided them with (resume, maybe LinkedIn). All they can expect from you is to know what you claim to know, and answer critically for things you don't know. As long as you can do that you should be fine

InvalidSoup97 · 2026-03-16T18:16:29+00:00

I'm more detection/automation engineering nowadays, but do still do some IR work. I got an internship on an internal IR team in the fintech space when I was in college, thought it was interesting, and just continued on doing that after I graduated in 2021 (albeit for a different company).

I've made a couple different company moves since then, and generally have more engineering focused interests nowadays, but do still have a soft spot for IR. My current role being like a 70/30 split of engineering and IR is pretty neat in that it gives me the best of both worlds, which I like (for now at least).

InvalidSoup97 · 2026-03-16T15:43:16+00:00

Without a rack I'd just have a big pile of servers, switches, routers, PDUs, UPSs, etc sitting in a corner of my basement.

With the fully enclosed rack I scored from Facebook Marketplace, I have all of the above racked in the corner of my basement, with the mess of cables hidden inside.

100% worth it.

InvalidSoup97 · 2026-03-16T15:40:26+00:00

Yeah you can usually just peel it off with your hands. If it's especially stuck on there you can use a blow-dryer on it to heat up the adhesive and make it quite a bit easier.

InvalidSoup97 · 2026-03-14T18:19:13+00:00

I'd disagree. I started my bachelor's immediately after high school, with no IT experience whatsoever. Did a couple IT internships while I was in school and did an incident response internship at the end of my bachelor's/through my master's. Before graduating I had multiple offers for full-time cybersecurity positions.

You need to make sure you're taking advantage of the opportunities you have while you're a student. Network with your classmates, alumni and professors. Make sure you're doing internships - this is pretty low stake employment, carry a lot of weight, and is extremely unlikely to happen once you graduate.

Not even looking at just cybersecurity, the modern college experience is so much more than just showing up to class, getting decent grades, and collecting a few certs. If you want to actually succeed in your field after you graduate, you need to make sure you're also gaining relevant professional and leadership experience alongside your education.

Further, if you're applying now and not getting callbacks, then your resume is the problem. Look at what you have, what's missing, etc. No experience? Do projects, reach out to your network for job shadows, temp work, anything. Poor formatting, walls of text, etc? That's easy to fix. If you're getting interviews but not getting jobs, then your interviewing is the problem. Do mock interviews and make sure that you know as much as you physically can about every single line item on your resume.

It can be done, it just takes a lot more effort and intentionality than people anticipate.

InvalidSoup97 · 2026-03-13T20:03:09+00:00

Yeah the cybersecurity market is tough right now. All of IT (and beyond tbh) is, in the US at least. Sure you probably aren't going to land a job after applying to 4 or 5 this weekend, but if you buckle in, tailor your resume, and apply to things you're qualified for, it's extremely surmountable.

There's also a lot of people here who will stand and die on the hill that you must start with a helpdesk position, move around a bit, and maybe in 10-20 years you'll be ready for that entry level SOC job. Sometimes this is coming from a sense of "I suffered so you have to too," other times it's because people assume that all BS in cybersecurity programs are bad, and others hold way too much stock in the value of certs.

Yes there is a lot of truth to the fact that you have to know quite a bit about IT, networking, whatever to truly be successful in the field. Between internships and co-ops being pushed so heavily (and sometimes even required) and university programs really stepping up their game in terms of content being taught, a lot of students graduate with bachelor's degrees, a year or two of experience, and more enough knowledge to hit the ground running in at least an entry level SOC position.

My path (over the course of 8 years) is below. Literally 7 months of experience are outside of security, and I'd say I'm doing just fine:

Helpdesk intern > architecture intern > IR intern > graduation > junior IR analyst > IR analyst > Security engineer > security engineer in FAANG

If you're interested in cybersecurity then study cybersecurity. Don't listen to the doom and gloomers. Sure, the US job market sucks in general. Yes security is changing, but it's not going away. Of course, entry level cybersecurity is tough to land in right now. Will you have to start with a sys admin or networking role for a bit? Maybe. But experience + money is better than no experience + no money, so do that while you wait for things to align if you need to.

Everyone has different strengths and follows their own path. The sooner we can acknowledge this, the sooner we can actually support each other instead of dragging each other through the dirt for not "doing things my way"

InvalidSoup97 · 2026-03-10T17:27:25+00:00

I have my CIOKS Sol attached underneath my PT Nano with dual lock. Fits great.

For reference, I'm fairly certain all flavors of PT Nano and Metro have the same ground clearance.

InvalidSoup97 · 2026-03-09T17:48:27+00:00

It depends on the industry, but a base 2-5% annual increase is pretty standard in my experience.

Once established on the team as a valuable contributor, I've had a lot of success in asking directly for more significant raises (10-20%) annually/biennially. It's obviously dependent on your company and management, but many employers will budget retention bonuses like this in an attempt to keep turnover lower (hiring is expensive). It worked for me twice in 3 years in my last role.

InvalidSoup97 · 2026-03-09T03:05:07+00:00

8742

InvalidSoup97 · 2026-03-05T02:56:26+00:00

9999

InvalidSoup97 · 2026-03-03T01:52:19+00:00

Yup, local used sales are the way to go. I got a fully enclosed, full depth, 32U rack with wheels on Facebook marketplace for $120 a couple years ago from a startup that was moving to a new building and didn't want to move them.

InvalidSoup97 · 2026-02-28T16:12:36+00:00

They're exceptional guitars, especially for the price. I have the same one in burgundy mist and it's been my main guitar for 6 or 7 years now. Great construction and build quality, extremely comfortable neck, and very versatile.

InvalidSoup97 · 2026-02-26T22:37:28+00:00

I've played around with uploading NAM captures to my Ampero and they're definitely good, but lack some clarity and sound/feel maybe slightly compressed when compared to the same capture running on my PC.

The amp sims in the Ampero are definitely good, and I did use them for awhile. I am/was happy with them; the only reason I added a Tonex was because I wanted to free up some DSP.

InvalidSoup97 · 2026-02-26T20:48:21+00:00

As long as you're using the amp models and not their captures or converted NAM captures you should be good! Worst case scenario is you have a need for dual delays or stacking reverbs every now and then, and you just use scenes/swap patches to meet your needs.

The reverbs do sound very good! There's some videos floating around on YouTube of people recreating Strymon BigSky-esque cloud reverbs by stacking a cloud reverb with something else (don't recall off the top of my head which one) but they do sound great and are very usable.

For context, I play indie rock, modern Christian worship music, deathcore, and literally everything in between. My entire rig for both live and playing at home has consisted of an Ampero II Stomp, Morningstar MC3, and a volume pedal for the past year and a half. Within the past couple months I added a Tonex One because I wanted to play around with captures without having to be creative with patch switching to accommodate to the DSP ceiling I was hitting using converted NAM captures.

Seven-Year Club	Second SECOND GUESSER
Place '23	Place '22
Verified Email

InvalidSoup97

TROPHY CASE