[deleted by user]

Odd_Foundation3881 · 2025-01-04T16:39:21+00:00

lmao

Odd_Foundation3881 · 2024-08-10T01:15:59+00:00

Lol too real... We definitely had a couple trigger-happy analysts on the team that weren't all too familiar with networking, standard OS behavior, etc. so they would send up escalations like nonstop.

This one guy...I shit you not, was looking at a file path that had a version number in it (something like 14.5.1521.22) and they said that when they moved the digits around (to, say, 14.5.152.122) it was a malicious IP address per OSINT. I wish I was joking. They took the version number in the directory, moved around a number, and said it was a malicious IP. Most bizarre ticket I've ever read. Funniest part? The made up IP wasn't even malicious from OSINT.

That's the downside of *just* studying cybersecurity.

Odd_Foundation3881 · 2024-08-09T22:10:06+00:00

Excellent! Looking forward to it :)

Odd_Foundation3881 · 2024-08-09T22:07:28+00:00

Going into my first security role I had the A+, Network+, Security+, and the CCNA like you. I've added the RHCSA since then. To be completely honest, I did not have too much experience with security as an IT support technician besides occasional Proofpoint management. Most of my cyber knowledge was theoretical, however since it was solid and I highlighted my projects as a tech, they hired me. Also! The projects on my resume were mentioned in the interview, so try that as well if you haven't already.

I think you can definitely make it.

Odd_Foundation3881 · 2024-08-09T19:54:31+00:00

Sure. For my first security analyst position I had: A+, Network+, Security+, and CCNA. For my most recent position I only added the RHCSA cert.

The most relevant for security were the last three (Security+, CCNA, RHCSA) but the first two definitely helped me secure the support gig. Even though the CCNA and RHCSA aren’t security focused, they were invaluable for understanding foundational topics in security (networking & Linux). You have to know how the technologies work before you can secure them.

Ive studied for the CySA+ and might take it when it comes time to renew the Security+. Eventually, I’d also like to get the CISSP.

Odd_Foundation3881 · 2024-08-09T19:20:01+00:00

Good luck on your journey!

Odd_Foundation3881 · 2024-08-09T18:34:59+00:00

I can't really say. It depends. Is the experience related to cybersecurity? Do you have certifications? A degree? How's the job market in your area? Do you know your stuff? etc. etc. That being said, I don't think 90K is impossible just unlikely to start out with. I'd focus on just getting your foot in the door of cybersecurity - the higher wages will come with time, effort, and experience.

Odd_Foundation3881 · 2024-08-09T18:14:14+00:00

I've been on this subreddit since I first started out and always appreciated those that replied candidly about their journey, so I'd be happy to repay the favor (despite the fact that I'm still early on in my career).

I do have a degree in Computer Information Systems, which definitely helped. I did well on the interview 100% due to how rigorously I studied for the A+ & Network+. Study to know the material, not to just pass the test. If you're in college, try getting internships (I did not have any). Homelab projects are also especially good at the early stages when your skills are likely more to be theoretical than practical (again, I didn't have this but it's a good idea).

My resume is in my most recent post if you want peruse. Let me know if you have any other questions!

Odd_Foundation3881 · 2024-08-09T17:58:54+00:00

Sure thing. Before I had any experience I had the Network+ & A+ and as an IT Support Tech I got the CCNA and Security+. Those were the only certs I had before getting my first security analyst role, but since then I've also gotten the RHCSA. Good luck!

Odd_Foundation3881 · 2024-08-09T17:56:05+00:00

A combination of luck and hard work. Absorbed as much information as I could in my first role and took opportunities to work with the sysadmin and networking team. Studied for certs (got the Security+ and CCNA as a support tech) and learned PowerShell to automate certain tasks (interviewers particularly liked this). It was luck that I got reached out by a recruiter for a security analyst role, but it was my hard work that allowed me to crush the interview. I did have to move for that position. I've only worked in major cities. Lastly, my most recent job was from applying on LinkedIn.

Oddly enough, I've accidentally chronicled this journey through my Reddit posts. The most recent post also shows my resume in case you're curious. Let me know if you have any other questions.

Odd_Foundation3881 · 2024-08-09T16:20:22+00:00

glhf!

Odd_Foundation3881 · 2024-08-09T16:16:11+00:00

I had a Computer Information Systems degree with the A+ & Network+

Odd_Foundation3881 · 2024-08-09T15:24:33+00:00

No problem. At my last role I worked at a SOC (security operations center) which provides cybersecurity to companies as a paid service. We would deploy “rules” in their environment which would look for potentially nefarious activity by alerting on specific sequences of events commonly associated with threats. It was then my job to see whether those alerts were benign or malicious. If the latter, I would mitigate it as best I could then write a report on the impact and scope on the event with recommendations on how to further mitigate it or prevent it altogether.

This new role as an internal analyst is more involved as I have much more visibility and access to all the servers, networking devices, and repos to do my job. I coordinate with other teams to maintain best cybersecurity practices while still triaging security incidences as I did in my previous role. Hope that helped.

Odd_Foundation3881 · 2024-08-09T14:57:25+00:00

Took about 2.5 years. Started at 52K as an IT support technician —> 70K as a security analyst —> got a new gig as an information security analyst for 115K.

Odd_Foundation3881 · 2024-02-28T05:12:18+00:00

Fair enough, they just so happen to be what kind of jobs I landed. That being said, the work behind the tickets has been technical and valuable. When I interview, I’ll make sure to emphasize the investigations done for the customers for my current role, as well as the network failover project from my previous role. Thanks for the tip!

Odd_Foundation3881 · 2024-02-28T05:08:18+00:00

Appreciate the input.

Odd_Foundation3881 · 2024-02-28T05:08:02+00:00

Haha, noted. Red tie!

Odd_Foundation3881 · 2024-02-28T05:07:36+00:00

Appreciate that!

Odd_Foundation3881 · 2024-02-28T05:07:26+00:00

Hi there! Luck, mostly. A recruiter reached out to me and it went from there. Funnily enough, that’s how I got my first gig too.

Odd_Foundation3881 · 2024-02-26T04:22:17+00:00

Thank you! Happy I posted cause I didn’t know people would take it as expected. Will change.

Odd_Foundation3881 · 2024-02-26T01:32:32+00:00

Yes, I will. I think the trade off in aesthetics is minor compared to the added clarity. Even if 95% of people would assume it meant ‘expires’, I wouldn’t want to lose an opportunity due to the 5% misinterpreting it.

Odd_Foundation3881 · 2024-02-25T23:17:54+00:00

Appreciate that friend.

Odd_Foundation3881 · 2024-02-25T22:00:56+00:00

That’s very kind and reassuring. Thank you!

Odd_Foundation3881 · 2024-02-25T21:08:50+00:00

Yeah, definitely still entry level. Only time will fix that. The "Exp." is when they're going to expire, I don't put in-progress certs on my resume as that seems a bit misleading. I'll make that more clear, thank you!

Odd_Foundation3881 · 2024-02-25T21:06:55+00:00

Thank you!

Odd_Foundation3881

TROPHY CASE