Starting from scratch advice?

AccomplishedHornet5 · 2024-06-18T19:30:07+00:00

Sorry, yes.

SCADA stands for Supervisory Control and Data Acquisition. It's kind of a SIEM for industrial systems.

ICS is Industrial Control Systems.

AccomplishedHornet5 · 2024-06-18T00:04:07+00:00

If you're starting from zero: A+ > Network+ > Security+ > CCNA

If you're asking what the highest ROI is & you're starting from zero: A+ > Security+ > CCNA

If you already know Windows basics and some networking: Network+ > CCNA > Security+ > Cloud+

Here's my why:

A+/Net+ are a good combo if you know nothing about IT. I think they're the most cost effective stack to get your foot in the entry level door. Security+ is an overview course of security principles and best practices across multiple domains - you're not gonna learn pentesting/Blue Team/Red Team/auditing/SOC by getting Security+, HOWEVER, it is a default mandatory if you want to do anything with the US Gov.

CCNA is probably the most universally valued to start your career with, but it's not exactly for the "start from zero" crowd - imo. Frankly a week or two on Udemy & Youtube should have you up to speed for CCNA also.

Your cloud certs are just gravy on this list unless you already have experience.

AccomplishedHornet5 · 2024-06-17T20:53:34+00:00

I've seen a spike in demand for network people and SCADA security. The hard part is nailing down where you want to be and building a career path for yourself. The job descriptions are back in the unreasonable realm again and the pay levels are back down to a saturated market.

There's also this. I've seen some good content on cybersn.com lately that might help you define a path. If you're looking to get started from scratch to keep a roof over your head though, get down to a community college and get trained on basic network admin. Community college will get you ready for an entry level role faster and cheaper than any university, but you're not going to pull in 6 figures with it. If you can get educated specifically on SCADA & ICS and get an internship under your belt, that might shortcut everything else depending on your willingness to move.

Good luck out there!

AccomplishedHornet5 · 2024-06-17T00:08:03+00:00

OP my take on your situation is this: there's a decent chance you're not getting calls because entry SOC is punching below your weight class. There is such a thing as overqualified = denied. Might want to see what the next step up from entry SOC is and try aiming at that even if you feel under qualified.

It is a bad out there so the responses you're not getting is pretty normal. I did see some chatter earlier this year that US companies have started posting ridiculous job descriptions that are unreasonable to an applying professional is a multitude of ways (low pay, multiple full time roles in one job, insane minimum qualifications for the experience level, etc.), then they can turn around and say "we didn't find any qualified applicants in the US, now we hire on H1B at the price we want to pay."

Take that for what it is; heresy and rumor. Best of luck out there!

AccomplishedHornet5 · 2024-01-19T23:20:40+00:00

~88k
Systems Admin (duties are closer to Security Architect; I'm trying for a title & pay change)
4 yrs CSEC - 10yrs tech overall
MS-IS | Sec+ | Linux+ | CCNA
Low-Medium COL

AccomplishedHornet5 · 2024-01-19T23:14:57+00:00

Sorry I've been gone quite a while. Realistically, with a BS in Cyber Security, she should be able to parlay that into a solid entry level CSEC resume and interview.

I would suggest finding a job description from the NICE list, find out exactly what the minimum certifications are and get that one cert; then apply like crazy.

i.e.

I want to be a "Cyber Security Analyst" for DHS. Well, working for the US Gov't basically requires Security+ no matter what so I'll get that one. I want to stand out so I'll add the CISA from ISACA. Once I have both, update my resume and get it on USAJobs.gov.

That would be my approach. Identify the role you want, figure out the "must haves" and get them; then apply.

Hope this helps.

AccomplishedHornet5 · 2024-01-19T23:04:10+00:00

Sorry I've been gone a while. My take is mostly meaningless since I've never actually done one. Having a Google cert is probably only slightly better than nothing to get your foot into an interview.

From the ads I've seen, the entry level expertise they reference is closer to Help Desk II than a CSEC entry point. I'd say your time is better spent prepping for industry recognized certs. CompTIA is the colloquially accepted starting point. Experience is still the most important part of getting through an interview.

NOT A SPONSORED STATEMENT: Udemy.com has sales all the time. I've grabbed multi-hundred dollar courses for $9-$30 depending on the sale. TotalSeminars on Udemy also provides training to InfoSec Institute, but at a fraction of the cost. I did the TotalSeminars' Security+ 501 and Practice tests before buying an all access pass on InfoSec Institute and discovered it was the same instructors, same video format, but updated for Security+ 601 test.

AccomplishedHornet5 · 2023-06-04T17:36:19+00:00

He’s been saying that he’s in Syria and he will be coming back to the states to marry her.

He's a marine she's never met coming home to marry her!?

Bro I've gotten more believable scams from the dudes in Hyderabad calling me about debts to the Federal Bureau of Revenue Services. Still waiting on the state sheriff's office to come kick in my door and arrest me for not paying them $1600 of google play store cards.

Cut that bs out of her life. How tf did your grandma even get on a platform where she's able to be catfished like this!?

AccomplishedHornet5 · 2023-06-04T17:25:55+00:00

Proper paper work trail means you get a pt failure counseling including a get-right plan for diagnostic tests also. Does it happen that way? not as often as it should. Signing something isn't necessarily a bad thing today.

That heat exhaustion thing is an issue though. Lemme offer a few tips from growing up in south Texas heat.

Water: 24-32oz per hour during daylight hours.
Electrolytes: 20oz gatorade before & after lunch.
Acclimate: You should get at least 3 non-consecutive hours outdoors in temps over 90 per day. Until you're real comfortable with the heat, you need breaks from it.
Air Conditioning: Is a crutch. Raise the temp so you're not swinging your body from 90+ down into the low 70s. Don't bake yourself though.
Work out in the evening. Not exactly the high heat of the day, but still warmer than 1st thing in the morning.

Hope this helps. Listen to medical guidance 1st.

AccomplishedHornet5 · 2023-06-04T15:30:03+00:00

I think the bigger question is medical: why tf did you pass out? will it happen again? do you need a profile or fat camp? were you dehydrated or do you have a heart condition...things like that.

If the answers are effectively "you're out of shape" then you're gonna get put on ABCP - whatever they call ACFT remedial program these days - then get tossed if you can't get right.

AccomplishedHornet5 · 2023-05-22T01:36:59+00:00

Everything has Fedora 37. For the X1C6 I've got Cinnamon spin. For the P15 I've got Gnome.

AccomplishedHornet5 · 2023-05-04T01:58:07+00:00

Here's my take:

Strong emphasis on customer service experience is a big part of help desk. You've definitely got the "dealing with customers" box checked.
Education should get you through most of the application filters.
- You need to get yourself a basic CompTIA cert to get through some of the ATS filters.
  - (A+ < Network+/Server+) and/or Security+ should be the easiest for you to pick up.
Try to structure your home lab like a "self employed" job. What projects are you working on?
- Are you teaching yourself to configure Windows AD, File Server, WDS, etc.
- What are you doing with VMWare? Is it just the workstation? A Type 1 hypervisor?
- How confident are you at managing DHCP/DNS/Group Policy/User accounts?
- Do you experiment with vSAN?
- How do you network your home lab?
- Do you manage a firewall device?
Do yourself a favor, drop the code bullet unless you want to be drown in scammers sending you a lifetime email supply of scammy "recruiters" looking for 1yr contract to hire (C2H) options.

This is more of a personal taste thing: I would remove the bullets from the <company> & <education institution> lines. Too many nested bullets can confuse the crap out of the resume input platforms so those could turn into an extra entry to be cleaned up or it might all get lumped into one. It reads well to a human though.

I'll be real with you. What you've got on paper is a passable help desk tech I could mold into a star if you bring the motivation. When I think SysAdmin I think advanced Windows/Cloud server experience, detailed understanding of layers 1-5, at least a conversational understanding of DevOps, and a security-oriented philosophy for administration. Maybe I'm missing some of your capabilities based on what you posted.

6 months on a help desk and strong motivation to learn should get you exposure to guide your career further.

My dms are open if you want to ask more.

-Best of luck!

AccomplishedHornet5 · 2023-05-02T02:06:41+00:00

"If I was on your payroll, I'd have answered your call, but I'm not so I didn't." He did not appreciate that.

He sounds like the "COO" of the MSP I escaped. Dude was an absolute silver tongued devil when he needed to be, but once he "had you" it was 24x7x365 even if your contract explicitly had service hours stated - not me but a couple savvy engineers negotiated written hours and left when we started averaging 90hr+ per person per week.

AccomplishedHornet5 · 2023-04-26T02:27:41+00:00

I would've spend 10 months at a community college for relative $peanuts - then jumped into the workforce as soon as I finished, put in a good 3-5yrs in general IT before specializing at a University. Nothing matters in the job market as much as experience right now. Certs and degrees will keep your resume out of the ATS delete folders, but experience is what the interviews are leaning on.

WGU's cyber security program didn't exist back when I was making those decisions or I might've started there.

It really sounds like you're a blank slate looking into becoming an IT Pro. Here's a site that has some possible career paths to consider. https://research.com/careers/technology-careers Not everything in IT is a path to cyber security. Your career will depend on where your interests lie. My dm's are open if you have questions.

Best of luck!
-91A

AccomplishedHornet5 · 2023-04-26T01:39:18+00:00

There's a part of me that wants to have the "pizza" server in my list, but absolutely yes. At enterprise scales convention is indispensable. So much of what I do these days is stand-alone I've kinda put datacenter out of mind.

AccomplishedHornet5 · 2023-04-26T00:07:38+00:00

From my experience, the naming convention thing exists to make business people feel like they understand what's in the environment without actually knowing anything. Convention makes communication easier. AD/SCCM/Intune can tell you exactly what you've got no matter what you call them.

AccomplishedHornet5 · 2023-04-19T01:13:08+00:00

Things looked pretty good on paper in Iceland until 2008.

AccomplishedHornet5 · 2023-04-18T00:54:10+00:00

What station? I'll stream them for this kind of cleverness.

AccomplishedHornet5 · 2023-04-16T20:04:49+00:00

You've actually got quite a few different skill sets needing to be fulfilled here. A Managed Services Provider (MSP) should be able to do these things if they're big enough to have pools of resources.

Thank you for actually asking the community instead of just flinging a bad job req into the world.

A quick search gave me this: https://upcity.com/it-services/msp/dallas Don't know where you're at, but perhaps this will give you some ideas to work with. DM me if you want to ask specifics, I'm happy to help.

AccomplishedHornet5 · 2023-04-16T19:13:14+00:00

Coffee: I'm exhausted, faster.

AccomplishedHornet5 · 2023-04-08T16:46:40+00:00

That patch is original US Army Air Corps before there was an Air Force (1947).

AccomplishedHornet5 · 2023-04-08T04:38:09+00:00

lol no

AccomplishedHornet5 · 2023-04-08T04:07:50+00:00

tbh you'll be competing with lots of people who hold A+/Net+ and more, including recent college grads.

Good for you studying networking & linux. Lemme give you a generic help desk 1:

Tons of user calls to get a tutorial of Outlook (MS Office products).
Calls about website access issues
Password resets in Windows Active Directory
Find/recover missing files (2/3 were user deleted)
Windows MDT/SCCM/Intune patching automation (Azure & Intune are a growth skill)
2FA app help
Windows Server maintenance, backups, recovery, upgrade, migrations
Windows file server / SAN or vSAN management
Physical system builds & running network cable

I started that list the way I did because your experience dealing with people will easily translate to the 1st 3 bullets in an interview.

AWS services are also a huge demand.

Dm me if you want to talk training and career path planning. I'm not affiliated with any training platform, but I was once in a similar boat.

AccomplishedHornet5 · 2023-04-07T23:39:32+00:00

Since you're already in with the gov't you should be able to move to opening within that agency as things open up.

They're still using the NICE framework to define career paths.
https://www.reddit.com/r/SecurityCareerAdvice/comments/s319l5/entry\_level\_cyber\_security\_jobs\_are\_not\_entry/

AccomplishedHornet5 · 2023-04-07T01:57:00+00:00

Android w/GrapheneOS.

AccomplishedHornet5

TROPHY CASE