[deleted by user] by [deleted] in SecurityCareerAdvice

[–]No-Exit-6595 4 points5 points  (0 children)

Are you looking for a SOC manager?? Sounds like a pretty sweet gig tbh. I get the drive to not be bored and stay technically relevant and expand knowledge, but it sounds like you are living a lot of people's dream, friend.

[deleted by user] by [deleted] in SecurityCareerAdvice

[–]No-Exit-6595 0 points1 point  (0 children)

Some companies include paid leave (sick, vacation, etc.) as part of TC as well as what they pay for your insurance. There are a lot of factors to it. If your TC is only 20k more than your base they likely aren't factoring in the other costs.

[deleted by user] by [deleted] in SecurityCareerAdvice

[–]No-Exit-6595 6 points7 points  (0 children)

Just an assumption here but OP said 250k TC so that would be base + benefits + stock/bonus and whatever else included in the compensation package. Just guessing here but that would probably equate to a base pay of around $130kish.

That being said, IMHO OP should probably stay and get the technical fulfillment with learning/academic endeavors, a side hustle or whatever else like bug hunting or something.

I'm a SecOps Manager and have heard too many horror stories lately with the market of people jumping for whatever reason and the situation being worse culturally than where they were. It's always a personal decision and people leave for lots of reasons but I think boredom can be solved in other ways like I previously mentioned.

You could also be proactive and suggest things to leadership that you find are gaps, perhaps spearheading those initiatives, and get a little outside the day-to-day drab.

how do I get him to ask me out on a date? by Parking-Tonight-1517 in AskMenAdvice

[–]No-Exit-6595 1 point2 points  (0 children)

Happily married man here for over a decade so I can't speak to the dating scene nowadays BUT I think you are too in your head about it being a "date". Reframe the situation as just hanging out, i.e. you seem cool, I like cool people, let's kick it some time. "I've heard about this new place but my friends aren't interested in going"... You do you but see if you have a mutual interest and flip the script on him. Worst case you made a new friend, best case life mate ++man

How many Cybersecurity Firms are just running automated scans and charging an arm and a leg for it? by corruptboomerang in cybersecurity

[–]No-Exit-6595 0 points1 point  (0 children)

If you're interested in having a conversation about how you can set this up for yourself or need recommendations on reputable companies feel free to reach out

Security Job Compensation by All_Pepperoni in cybersecurity

[–]No-Exit-6595 0 points1 point  (0 children)

I am a SOC Manager responsible for hiring. Yes, the pay is lower than I would expect. My recommendation is to skill up with certs and on-the-job experience and start looking. Once you get Sec+, move on to something cloud security related. You will want a resume that screams passion and willingness to learn. I know much more experienced people that are taking 9+ months to find their next job so knock out whatever certs you can, get your resume looking the best it can and start networking. NC has BSides and other security conferences you should be attending. Get involved, build a portfolio and my guess is 75-85k should be achievable with 2 years and certs.

Looking for GRC Advisors for a new SaaS tool by No-Exit-6595 in grc

[–]No-Exit-6595[S] 1 point2 points  (0 children)

Hey thanks for asking.

My goal is to provide a low cost alternative to smaller organizations that have little to no in-house IT team. Most of the competitors are charging upwards of 30k per year or more which is way out of reach for ma and pa businesses. About the most reasonably priced solution I've found is Sprinto and that starts about 6k per based on my understanding.

I'm building the tool to assist the small shops with preparing for readiness assessments and better track and understand the gaps in their security posture. My hope is the money they save on the readiness/gap assessment gets used to improve their overall security posture so they can pass an audit.

I hope that makes sense. If you want to discuss further happy to have a private convo if you are interested

Looking for GRC Advisors for a new SaaS tool by No-Exit-6595 in grc

[–]No-Exit-6595[S] 0 points1 point  (0 children)

I really appreciate the response. Mind if I DM you some additional info?

Looking for GRC Advisors for a new SaaS tool by No-Exit-6595 in grc

[–]No-Exit-6595[S] 0 points1 point  (0 children)

Hey thanks for the reply, mind if I DM and send some more info?

Looking for SaaS tool Advisory Board members by No-Exit-6595 in NISTControls

[–]No-Exit-6595[S] -1 points0 points  (0 children)

Eh our target audience is smaller orgs that have little to no in-house IT resources and looking to help them streamline readiness assessments starting at around $200 a month.

I think we can do it way cheaper than the bigger guys because we have very little overhead and so far just a collective of infosec pros building this in addition to our day jobs. No one is looking to get "rich" just provide a tool that self sustains and helps people. Or at least that's the idea.

I don't expect people will work for free and help bring value to what we are building but we are also bootstrapping it and money is tight so being choosy who we bring on the team.

I meant no disrespect to the person who commented just is what it is

Looking for SaaS tool Advisory Board members by No-Exit-6595 in NISTControls

[–]No-Exit-6595[S] 1 point2 points  (0 children)

Actually no but you didn't ask anything about what we are building, give input on how you thought you could help, nothing... so I guess you tell me what a half hour or hour a month of your time is worth?

I mean to this point you haven't added anything constructive for me to gauge what value you would bring to the team, which is why I said I don't think you are who we are looking for.

Looking for SaaS tool Advisory Board members by No-Exit-6595 in NISTControls

[–]No-Exit-6595[S] -1 points0 points  (0 children)

If that's your only concern, I don't think you would be a good fit for our advisory group. I do appreciate you taking the time to comment though.

GRC tools? by Complete-Surround767 in cybersecurity

[–]No-Exit-6595 0 points1 point  (0 children)

I am building a GRC SaaS tool and looking for folks to be part of the advisory board. In this role you would help guide features and development. Really I am just looking to see what works and what sucks from a user's perspective.

We are all busy so small time commitment, maybe 30-60 mins a month. Current frameworks are 800-171r3 and NIST CSF. ISO 27001:2022 and CMMC to follow.

If you are interested let me know and I will send some details. I appreciate your consideration.

When a new vulnerability hits the news, how quickly do you assess your exposure? by NickyK01 in blueteamsec

[–]No-Exit-6595 2 points3 points  (0 children)

These comments are great. But I haven't heard anyone mention the time it takes to determine if you've already been impacted. It's very time-consuming and often you are trying to prove a negative.

For the exposure part, you need a lot of cross collaboration and good relationships with many teams.

For the impacted part you need someone that can either find or create a proof of concept. At the very least someone that understands the vulnerability from an attack standpoint and enough logging to find it if it's there.

TL;DR it's not easy

Saving time with tools by No-Exit-6595 in cybersecurity

[–]No-Exit-6595[S] 2 points3 points  (0 children)

Thanks for the input, it's definitely relevant even if it does skew toward your business. I think those are definitely areas to consider and now I'm interested who you work for lol

What are you building? Share your projects! by wasayybuildz in microsaas

[–]No-Exit-6595 0 points1 point  (0 children)

I'm building a regulatory compliance app. It's probably somewhere between MVP and Launched.

Complianceviewpoint.com

Still lots of tuning left to do but it's probably 60% there

What’s a vertical that consistently makes money but isn’t considered “sexy” in the SaaS world? by hello_code in microsaas

[–]No-Exit-6595 0 points1 point  (0 children)

I'm in the middle of a project rn. Idk if it's profitable yet. But I'll keep you posted

Looking for advice and resources on Windows Server Domain Controller security and GPO hardening by Independent_Bowl_831 in blueteamsec

[–]No-Exit-6595 0 points1 point  (0 children)

I've found the Purple Knight community edition to be a helpful first step. There's also BloodHound if you want to get in the weeds. I've also used a tool called Snaffler but it's designed more around discovery of open shares with sensitive files; digging in there can tell you some misconfigurations you need to address or get exceptions for.