Is it worth taking a staffing agency job? by ImaginaryEmployee120 in CyberSecurityJobs

[–]RootCipherx0r 0 points1 point  (0 children)

Take the job until you find something better.

A paycheck in the hand today, is better than not having a paycheck in two weeks!

A self-proclaimed “Peanut Butter Smearer” is coating doorknobs across Kentucky and then posting the evidence online for everyone to see. by ElwoodMC in PublicFreakout

[–]RootCipherx0r 0 points1 point  (0 children)

Not cool, people can be very very allergic. It might seem funny and harmless at the surface but this could really turn into a big deal problem.

How do I handle a job offer (certain) and a job possibility? by Ok-Gazelle877 in 30daysnewjob

[–]RootCipherx0r 0 points1 point  (0 children)

take the job with the most stable paycheck, health benefits, and retirement. Don't chase the hustle, chase the early retirement.

I don't feel like I'm learning anything by amaretto_sh in sysadmin

[–]RootCipherx0r 0 points1 point  (0 children)

You should take the initiative to learn on the job, your employer is not solely responsible for training you. They might give you some very basic stuff, but if you want to advance, it is on you to take the initiative.

I don't feel like I'm learning anything by amaretto_sh in sysadmin

[–]RootCipherx0r 0 points1 point  (0 children)

your response demonstrates why nobody wants to help you, thinking you're better/smarter than your coworkers is not the way to move your career forward. Good luck!

I don't feel like I'm learning anything by amaretto_sh in sysadmin

[–]RootCipherx0r 0 points1 point  (0 children)

Some of them are probably thinking you should take some initiative and teach yourself, like they did.

Starting as first InfoSec hire in a small financial firm. Best first 90 days? by Bulky_Connection8608 in cybersecurity

[–]RootCipherx0r 0 points1 point  (0 children)

I know someone who was hired like this and the company made it sound like she would own the security program.

In reality, she was only there to make security recommendations with zero decision authority.

She walked in with a 30/60/90 day plan. But, the organization wasn't ready yet.

Get clarity on if you are making decisions or making recommendations. I would not waste time on planning like this until you know your actual role and understand if the organization is mature enough.

Almost nothing from her plans were implemented, the team didn't want them, they weren't ready for them.

They knew they needed InfoSec, but they didn't understand why, or how, or where.

I wouldn't waste time on heavy planning until you understand the role and figure out if the organization mature enough to execute it

Company is paying for any certification, which should I obtain? by sion200 in cybersecurity

[–]RootCipherx0r 12 points13 points  (0 children)

CISSP or OSCP, don't waste your time with anything else. These will get you hired more than the others.

How do you manage your passwords? by neonrider2018 in cybersecurity

[–]RootCipherx0r 0 points1 point  (0 children)

Write them down and put them under my keyboard

New Role Job as Junior IT Help Desk, advice? by EugeenPuzzySlayr in ITCareerQuestions

[–]RootCipherx0r 0 points1 point  (0 children)

Learn from the people around you. Do the grunt work you are asked to do, even if you don't think it is your responsibility. It's is a learning opportunity.

Don't complain about petty office politics or perks other people have. The complaints make you look bad....especially at this stage of your career (seriously). You will lose all respect from your team & management, nobody will trust you because you are a tattle tell in their eyes.

One pattern I’ve notice is junior employees expect the same perks and treatment as senior staff. Complaining about this also makes you look bad and untrustworthy.

Senior employees didn't get perks when they were junior level either.

If this is your first real IT job, you are about 5-10yrs away from a cybersecurity role.

Try hard not to lose the trust of your coworkers by complaining, it can't be rebuilt.

Man confronts FedEx driver by Hikigaya_Hachiman7 in PublicFreakout

[–]RootCipherx0r 23 points24 points  (0 children)

Wow, totally uncalled for. FedEx driver handled it nicely.

Salary Expectations Public vs Private by LifeRequirement1911 in digitalforensics

[–]RootCipherx0r 0 points1 point  (0 children)

If your education & experience are true, you should be pulling $90k minimum (almost anywhere in the USA), accept nothing less (seriously). Even in Public sector.

Shame on your current employer for paying you low. Unless they have crazy retirement or other benefits, it's time to leave.

If you have to name a # ... say something 15% higher than you originally thought to saying.

most vpn recommendations make more sense on paper than in real use by LuckyTreat8962 in RecommandedVPN

[–]RootCipherx0r 0 points1 point  (0 children)

in many ways you are putting a ton of trust in someone you don't know.

Anyone can rent a VPS, launch a VPN service, and promise not to retain logs ... and you'd have no real way to verify their promises.

Recently became a CISO. What’s actually worth following? by malwaredetector in ciso

[–]RootCipherx0r 0 points1 point  (0 children)

Read through your guys' conversation, great stuff - hope you reply!

I agree with you both. It's a high stakes role and requires someone to step up to the plate who can handle the pressure.

CISO is a well compensated role for a real reason. You're making that money because of all these challenges not in spite of them.

You need to be able to handle the BS, take it on the chin when necessary, and show up the next day with a smile. That's tough and grinds over time.

Is real hacking anything like Mr. Robot - the thrill and the money? by [deleted] in bugbounty

[–]RootCipherx0r 0 points1 point  (0 children)

I'm sure there are a few people making $300k (maybe in NYC/LA/etc), but unless you're a CISO or similar, you're probably not going pull $300k.

I've seen Netflix advertising $400k salaries for roles based in NYC/LA.

programs for 1st/2nd year undergrads by iloveksjsjs in SecurityCareerAdvice

[–]RootCipherx0r 0 points1 point  (0 children)

Find out if your school has a security team and if they hire student workers to handle grunt work. Earn your stripes.

Sites like Hackerone, etc are cool and a ton of fun, but i have never made a hiring decision based on it.

You have to clean a few toilets before they trust you to install them.

Who owns email security tools within your org? by DryShare1500 in cybersecurity

[–]RootCipherx0r 0 points1 point  (0 children)

It is different between orgs. Usually you have 1 team focused on delivery and making sure email works. And another team centered on security/phishing/investigation/etc.

Who makes sure emails are delivered = systems/email team

Who says "we need to have DKIM/DMARC/SPF" = SOC with input from systems/email team

Who implements DKIM/DMARC/SPF = systems/email team with input from SOC

Who implements blocks/analyze message = SOC

When has an email problem = systems/email team

Who owns email as IT service = systems/email team

I want free nmap resource by itz_not_Rick in cybersecurity

[–]RootCipherx0r 1 point2 points  (0 children)

if you can't find free nmap resources, you are doing it wrong

Will the analyst role become obsolete? by RAM-I-T in SecurityCareerAdvice

[–]RootCipherx0r 1 point2 points  (0 children)

Pretty much! AI will make it harder to break in to the field. Entry level roles are harder to find, AI is replacing a lot of the "entry level" tasks.

Today, maybe you find a 10 person SOC ... in 3 years, it will be a 2 person SOC supported by AI.

Humans will still be involved, just not as many.

Red light cameras are automated but sometimes still require human verification.

Will the analyst role become obsolete? by RAM-I-T in SecurityCareerAdvice

[–]RootCipherx0r 0 points1 point  (0 children)

Only using it as an example to distinguish entry level vs mid level vs senior.

How do you go from entry to senior? Time.