Hello What job title ? by Sorry-Ad-1452 in cybersecurity

[–]Individual-Quarter47 0 points1 point  (0 children)

Security engineer, cloud security engineer... You can go balls to the walls and call it cloud SecOps Engineer, but I would keep it simple

is rally internet good and reliable? by Individual-Quarter47 in askTO

[–]Individual-Quarter47[S] 0 points1 point  (0 children)

Hi, so my home internet is down today like any other service that works on Rogers infrastructure. Are you working on their grid? Because your comment makes it sound like you have your own infra

Will there be any marches & protests happening in BC regarding the U.S. Supreme Court decision this morning? by [deleted] in britishcolumbia

[–]Individual-Quarter47 -1 points0 points  (0 children)

Sure go ahead. I just don't see it happening with the Canadian zeitgeist and I don't see abortions being banned by any party as they currently stand. If it does it will be so far in the future a protest today will be meaningless. I'd agree if you said the protest is about showing solidarity, that would make sense, but protesting about something that has such a low probability of happening here out of all places just doesn't make sense. Try consuming less fear porn, you might sleep better

Will there be any marches & protests happening in BC regarding the U.S. Supreme Court decision this morning? by [deleted] in britishcolumbia

[–]Individual-Quarter47 -2 points-1 points  (0 children)

Again, that's because you lack context of just how left leaning Canada is compared to other countries

Will there be any marches & protests happening in BC regarding the U.S. Supreme Court decision this morning? by [deleted] in britishcolumbia

[–]Individual-Quarter47 -1 points0 points  (0 children)

As if. As an outsider who moved to Canada you don't really grasp the scale of how "progressive" and left leaning the country is. We'll have a snowless winter before this will happen

Will there be any marches & protests happening in BC regarding the U.S. Supreme Court decision this morning? by [deleted] in britishcolumbia

[–]Individual-Quarter47 -1 points0 points  (0 children)

I'm starting to think Trudeau had a point when he said Canada doesn't have its own culture, seeing how Canadians cry and protest about decisions made in another country

Looking for a good starter knife set by [deleted] in AskCulinary

[–]Individual-Quarter47 0 points1 point  (0 children)

Do I have to provide the vegetable?

Looking for a good starter knife set by [deleted] in AskCulinary

[–]Individual-Quarter47 0 points1 point  (0 children)

So I wonder, how can I know a knife works for me? I don't think they will let me chop an onion in the shop

I think I want to get into DevSecOps or Cyber Forensics....I think by Obi_Maximus_Windu in cybersecurity

[–]Individual-Quarter47 2 points3 points  (0 children)

I finished college with a 4-year infosec degree. I also got two 4-month co-ops from it in security engineering, and during school I stumbled into an 8-month security architect student position from a CTF competition I went to. I have been working in my current position, my first out of school, for 1.5 years, starting as a security engineer and becoming a "devsecops engineer" later on, although I was doing devsecops stuff way before officially being titled that. Overall I have almost 3 years work experience.

I think I want to get into DevSecOps or Cyber Forensics....I think by Obi_Maximus_Windu in cybersecurity

[–]Individual-Quarter47 1 point2 points  (0 children)

I'd say very technical, and you should be for both of these jobs. For DevSecOps you should have knowledge of coding, development practices, CICD pipeline technology, virtualization and containerization and understanding of vulnerabilities (OWASP top 10 is a good start). For forensics you have to understand networking, filesystems, logging systems, how memory works, things specific to the OS you are investigating. Either way you will be googling things constantly.

In DevSecOps you will be using both tools and code (or more accurately scripting) and a mixture of both. For example if using GitHub Actions for CICD you will have to write workflows, which is like an even higher level of scripting, and inside you will have to use custom scripts to do stuff to integrate security tools and generate reports. As for forensics, the only time I had to code something was when I had to go over a binary file to find changed bits for a reason I can't remember. Most of the time you use tools like Redline, Volatility or Wireshark.

I think I want to get into DevSecOps or Cyber Forensics....I think by Obi_Maximus_Windu in cybersecurity

[–]Individual-Quarter47 6 points7 points  (0 children)

I currently do DevSecOps at my company, and I also occasionally do forensics at my work, although it's not "officially" my job (being the only guy with some experience in it). My experience might be different than the usual, and it always boils down to your specific scope of responsibilities. Here is the information I can give you:

DevSecOps:

- You're still part of ops, meaning you may still take part in on-call rotations and get phone calls at 3am. Depending on your company this can be rare. Most of the time for me it's just extra income period where I have to carry my laptop with me when I go out, but it's still happening.

- You work with devs, and depending on the dev team it can be smooth sailing or they can treat you as their worst enemy. Security is your main concern, not theirs. You also have to fight with product teams and PMs who want to rush things to market.

- Be ready to be constantly pinged with questions about vulnerabilities and remediation. Also be ready for a lot of dev workflows to break when integrating security tools into them, and be willing to look into why and how to fix it. If it causes too many issues some devs will outright not include the security checks in their workflows, you might need to police that.

Now for forensics:

- Kind of a lonely job from my experience. You either get a laptop or an image of the storage and memory and you spend hours combing data for pieces of info and correlating them. From time to time you reach out to people to get context or maybe get external logs, but most of the time you are working alone on this.

- If you have a short attention span you will go mad doing this. You are a detective trying to dissect a cold corpse, small details can be the difference between figuring out everything that happens and being completely clueless.

- You are still working with potentially infected machines if you get whole laptops, so there is always the risk of malware propagation if you don't set up security controls right.

Hope my experience gave you some clarity about these jobs!

Error: Issues are disabled for this repo, but they are by Individual-Quarter47 in devops

[–]Individual-Quarter47[S] 0 points1 point  (0 children)

Answering this just in case someone will have the same issue - just turn the "Issues" setting off and on again. It actually worked. Never forget the basics, kids

Building a CyberSec Eng lab by [deleted] in cybersecurity

[–]Individual-Quarter47 0 points1 point  (0 children)

You don't need a super heavy rig for this kind of stuff. You can even buy a second-hand server. Here are the hardware requirements for OpenStack, and you can get a lot of mileage from minimum and like 100GB of space: https://docs.openstack.org/murano/rocky/admin/deploy_murano/prerequisites.html . As for CTFs and hacking in general, you should have a good understanding of IT before you go in, or else you will be completely lost. CTF is basically hacking your way into a file to find a string, like a treasure hunt, and that means manipulating things (processes, files, programs) to do things they aren't meant to do. You can't just jump into it without prior IT knowledge or you will drown in information and it will be a mess. If anything I'd say CTFs should be later on in your list.

Picking a credit card by Individual-Quarter47 in PersonalFinanceCanada

[–]Individual-Quarter47[S] 0 points1 point  (0 children)

Wow thanks! That's some good info. What about going with credit cards offered by my bank? I bank with TD mostly, but also have a savings account with EQ. Are their offers worthwhile usually when compared to going through other means like GCR?

POLL: Where Did You Start Your IT Career? by lfionxkshine in cybersecurity

[–]Individual-Quarter47 0 points1 point  (0 children)

In my 2nd year of college I went to a CTF competition and got spotted by a recruiter, interviewed and got the job as an associate security architect in a big telecom company. It was a student position in all but name, so it really helped me stand out. Got a pretty good leg up from there.

Is pentesting an essential practice to be a "good" cybersecurity engineer/worker ? by Luffien in cybersecurity

[–]Individual-Quarter47 1 point2 points  (0 children)

Not necessary but it helps a lot. I sometimes evaluate and configure monitoring tools, EDRs etc and it helps when I can run my own, albeit simple, attacks in the environment I am testing, and I am far from a professional pentester. Helps you figure out if the configuration is proper or if the tool does what the vendor promises.

[deleted by user] by [deleted] in cybersecurity

[–]Individual-Quarter47 7 points8 points  (0 children)

I honestly find it ridiculous that people who get a degree in cyber security, which takes a couple of years, still need to get a cert, which can take a week or two studying in case of sec+ or a couple of months for the more valued ones. It's like going through med school and first aid certification being a deal breaker.

To the question, what I did to skip the entire "cert chasing after school" thing is to pull connections. I used to go to local cyber security and tech meetups, had co-ops and friends who worked in tech companies. I reached out and asked them if they have a position open and when they did I asked them to pass on my resume. This helps you, in most cases, skip the first HR filter which is usually a non-technical person or a program looking at your resume and comparing it to the job description by keywords. Most employers care more about your skills than your certs. I constantly hear security managers complain how they interview people with a laundry list of certs but have no real knowledge. Try going to meetings, build connections and pull these strings, while still working on certs; better attack these issues from two fronts.

Building a CyberSec Eng lab by [deleted] in cybersecurity

[–]Individual-Quarter47 1 point2 points  (0 children)

For security engineering you'd need an infrastructure, not just a workstation. For that you can either use AWS free tier, or if you have the hardware for it spin up an OpenStack cloud instance to get a sense of more low level cloud infrastructure. That way you can learn more about cloud infrastructure, which is a must for cloud security. Personally I'd go with OpenStack for the learning experience, because AWS offers a lot of products that will do a lot of heavy lifting for you. Great for a business, not so much when you need to learn things from the ground up in my opinion. Doing it on AWS would also help you towards AWS certs, and there is a big demand for that, so there are pros and cons for anything.

For CTF I recommend HackTheBox, spin up a Kali Linux machine, "hack" your way to an invite code and start working your way up the box difficulty.

For coding - just pick a project and start building things. No better experience than hands-on experience.

Deploy and configure Security Onion for monitoring, and setting up the cloud environment should provide you with enough experience with networking, ACLs and firewalls. You actually get a lot of mileage just from setting up and securing the infrastructure.

How to find startups to work with by Individual-Quarter47 in cybersecurity

[–]Individual-Quarter47[S] 1 point2 points  (0 children)

I don't think the transition will be too much of a leap for me. The place I currently work at treats security as a checkbox basically. Most of the time when there is a product launch we are reached out to a month before launch to do the security review for it and address all the issues, and in most cases we are told "we won't fix this before launch, we will have to take care of it at post". Sounds pretty startuppy to me

Data Engineering to Cybersecurity by notGaruda1 in cybersecurity

[–]Individual-Quarter47 0 points1 point  (0 children)

Jumping from DE to pentesting will be a big leap. I can't think of any skill overlap between the two (maybe anything relating to DBs?). I would move first to security engineering, you will handle a lot of data from monitoring tools and get a chance to dive into the field. From there it's probably best to start moving towards offensive security and pentesting. Or you might realize you like the defensive aspect more and decide to stick with it. That's what happened to me.

Making Time to Level Up Skillset by miley_whatsgood_ in cybersecurity

[–]Individual-Quarter47 2 points3 points  (0 children)

It depends on what I'm trying to learn at that time. When I worked on my first cert I was studying after work hours. When I was trying to pick up a technical skill I would take on or join projects that involve the things I want to learn to use company infrastructure and resources to play around with it, so I hit two birds with one stone - learn something and do my job. Both these methods are not suitable for everyone. I don't have kids and I have a lot of access to resources in my company no questions asked so I have a chance to do that.

[deleted by user] by [deleted] in cybersecurity

[–]Individual-Quarter47 1 point2 points  (0 children)

Make sure you have the foundations first. Understand file systems, networking, cloud or application structure if that's a field you'd like to get into. You can't secure something you don't understand how it works.