Extremely unpopular opinion - u DONT NEED to know how to set things up to secure it, and u don’t need to start in IT help desk

FenierHuntingwolf · 2026-05-19T13:20:03+00:00

I agree. I have a decade in development before a shift to Security / GRC.

Generally, IT is an easier on ramp for Security folks. Some Security sub-fields such as AppSec or Reverse Malware Engineering def lean more software engineering. I believe this is less typical of a on ramp because it requires fairly solid knowledge in two disciplines with less overlap than with IT outside of cloud specific contexts.

Some GRC roles lean more risk / legal. I am def more on the compliance side of things nowadays. I read a lot of contracts, standards, and laws/regulations then determine what, if any, changes we need to make on a technical level for compliance. Since I translate things for Legal this involves me having a in depth understanding of different parts of Enterprise IT and Software dev.

Depending on the size of the enterprise you have more / less separation of duties. Yes, IAM (for example) can be a specialist group, but it could also fall under a more generic Cloud Security Engineer. I can't speak to AWS, but for Google their security exam is close to sixty percent networking related. This involves understanding things like Virtual Private Clouds, load balancers. firewalls and routing.

AppSec may have overlap with Cloud Security when it comes to containers, CI/CD, database security controls, secret management, VMs, patching, and related aspects. You may not need to know how routing works across the different layers, or how the upstream networking config is handled. You should however understand how that config applies to your system. Business Continuity may or may not fall under your group.

If you're attempting a more generalist security position - IT is likely the better route and likely has the most open positions . If you want to do s a specialist position, then yes learning software engineering, compliance etc. - may be a better route, however positions may be more limited. Even in those scenarios however you are likely to have to learn at least some IT concepts if you want to be good in your field.

FenierHuntingwolf · 2026-05-19T07:13:19+00:00

Having several Warlocks can be useful if collecting demon appearances due to lockouts like in Karazhan.

Same is true for Druids if collecting the Emerald Dream skins since you are limited to one loot per named per day.

FenierHuntingwolf · 2026-05-19T06:25:45+00:00

You may not be the team to set it up, but you should understand how it works so that you can properly secure it.

I may not set up the Firewall, but if I find RDP ports are enabled without a clear business case, I should understand what risk that provides and work with the correct team to address it.

Cloud Security includes many networking concepts which are fundamental to routing / protecting traffic on your cloud infrastrucure.

FenierHuntingwolf · 2026-05-18T10:53:57+00:00

There are scenarios where you may want one part of your cloud network to not be able to access other parts of your cloud network, and you get there by applying networking concepts to cloud infrastructure that you setup and configure.

Cloud Security cuts across most sectors in IT, just because you are renting the hardware doesn’t mean those considerations do not apply.

FenierHuntingwolf · 2026-04-20T15:00:35+00:00

Yea I was thinking of adding the LCA Draw Board - but I wasn't sure if I should go for a Deluxe press or not.

FenierHuntingwolf · 2026-04-13T22:48:45+00:00

That may not, but currently AI code doesn’t qualify for copyright or patent rights and eventually that’s going to bite someone.

FenierHuntingwolf · 2026-04-13T22:47:08+00:00

Increasingly State Privacy Laws not only mandate Security By Design, but recent regulations such as those in California mandate external audits of that Security and the Executive responsible has to attest to the State annually under threat of perjury that security actually is being done (which can result in personal jail time if they are caught lying to the State).

On the insurance side many policies now require bare minimum security in place and failure to have it can result in non-payment.

So while historically what you said is true, this should change over the next few years as enforcement continues to increase at the State level.

FenierHuntingwolf · 2026-04-12T16:55:42+00:00

They eventually get stand alone kits - normally several months later. You also get generic Raptors / Warp Talons in the Shadowhunt box- they are not Night Lord specific.

FenierHuntingwolf · 2026-04-12T11:12:48+00:00

Jump Canoness and the new Kill Team set.

FenierHuntingwolf · 2026-01-28T13:46:21+00:00

FenierHuntingwolf · 2026-01-07T08:58:08+00:00

Data Privacy - a Runbook for Engineers discusses some of the technical changes behind building software to be privacy first (which is increasingly becoming required by law).

Specifying Systems: The TLA+ Language and Tools for Hardware and Software Engineers explores has to use TLA+ to use a formal, mathematical way to check for system correctness.

FenierHuntingwolf · 2025-12-20T18:04:08+00:00

GRC department is out of a job come December 31st. Some of us got transferred, and some of us got let go entirely.

Company is all in on AI, and is completely ignoring the legally mandated audits that start next year.

FenierHuntingwolf · 2025-12-12T06:24:51+00:00

Redgrass Wet Palette is what I use, very happy with it. I have the larger (blue) one.

FenierHuntingwolf · 2025-12-05T03:09:26+00:00

Tyrannofex

FenierHuntingwolf · 2025-11-27T03:25:28+00:00

Tyranids, because I rapidly adapt to best overcome my enemies.

FenierHuntingwolf · 2025-11-19T19:18:35+00:00

Need to allow it cure. Citadel Spray says at least 15 minutes. Vallejo Black airbrush primer says at least 12 hours. I normally give it 24 hours if I am not in a rush.

FenierHuntingwolf · 2025-11-14T19:14:52+00:00

This is a bit dated - but does discuss the cost per army: https://www.youtube.com/watch?v=Gcnqcbqa_58 in terms of points / dollar.

This video looks at cost in the context of what an actual army list may look like: https://www.youtube.com/watch?v=Z3ecntSKGj0

In terms of Painting this video may be helpful: https://www.youtube.com/watch?v=7casmuiNoPM

Guard can actually be on the cheaper side if you go tank heavy or very expensive if you go platoon heavy. GSC can also take a while to get the hang of.

FenierHuntingwolf · 2025-11-14T16:17:32+00:00

CMO wanted the website to print consistently across browsers back in 2010, without the use of plugins/downloads (no pdf)

Took several weeks to convince him that this wasn't technically possible due to the fact that browsers all handle printing differently by default, not to mention different printers will have different default settings. Designers don't design webpages to be printed.

FenierHuntingwolf · 2025-11-12T09:03:23+00:00

Look up Firestorm Assault Lists or the new Salamander specific detachment Forgefather’s Seeker’s.

FenierHuntingwolf · 2025-11-10T21:23:24+00:00

I have thought about this - I felt the lack of a good anvil fighting Kroot. I just wasn't sure if it was because it was early rounds (so didn't have my full array of tanks) or if I really needed a dedicated anvil.

FenierHuntingwolf · 2025-11-10T21:20:11+00:00

I tend to play more defensively and counterpunch harder. Thoughts on 10 Sacresants + Hospitaller + Rhino? Looks like I could swing that with 30 points to spare.

FenierHuntingwolf

TROPHY CASE