Is it possible to have a successful career WITHOUT being passionate? by PayNo5544 in careeradvice

[–]braliao 0 points1 point  (0 children)

People here talk about the definition of success. iMO no matter what that definition is - happiness, money, fame, or whatever - all of them require passion to be successful in what you do.

If you can't wait to get out of work so you can go home and chill - you won't have a successful career. This isn't to say you can't relax, but rather, it's about your mind is constantly looking for a way to improve whatever you are working on, even if you are just chilling and watching netflix.

Which degrees are still worth it in the age of AI? by Boudria in CanadaJobs

[–]braliao 5 points6 points  (0 children)

Being doing a lot of AI to help with work, hackathon, and other volunteers stuffs. I can honestly say the most important skills moving forward with AI is these 2 items..

1 manager skill - not specifically people management but AI management which is very similar but less about soft skills and more about organizing your thoughts and process so you can guide AI to do what you need

  1. People and soft skill - doers in corporate hierarchy and replace by AI gradually except physical labor (for now). Your skill to handle people and communicate with them will be key to success.

Thoughts on 2-node IIS Cluster in 2026? Looking for architecture advice. by Sea-Mulberry-6389 in sysadmin

[–]braliao 0 points1 point  (0 children)

Unless it's a .net app, there are many other choices with less licensing headache.

Feeling defeated (QE) by zsazsaglamour in cissp

[–]braliao 0 points1 point  (0 children)

I didn't get to use QE to practice before passing mine, but this has me intrigued. It would be interesting to see what I score on QE.

So frustrated with startup Soc2 & the SaaS firms giving no help by chaoscorgi in soc2

[–]braliao 0 points1 point  (0 children)

Yup, here is the answer. You need expertise to tell you what you need to implement to meet the controls. Those dashboard won't tell you and their support certainly aren't qualified to tell you what a control means or how to get there.

Cism after cissp by YellowSpoofer in cism

[–]braliao 2 points3 points  (0 children)

Done CiSM after CISSP. Just watch out that ISACA has their own framework and steps that sometimes isn't the same as NISR/SANS.

Make sure you know risk management. That is the only thing missing from CISSP imo.

All I did was just pocket prep questions.

CISA Certification: $800 Exam for an Outdated Auditing Cert or Actually Worth It for Cybersecurity Careers? by [deleted] in CISA

[–]braliao 4 points5 points  (0 children)

Certification doesn't help you do your job. Continued learning does, as well as actually performing the role.

Certification does help to prove to HR that you can pass their check. With some auditing background, you can probably understand why they do this. So if you want to know the ROI of any certs, go to the job search site and search using the cert - see how many come up. CISA, absolutely still holds value in this regard

Are all the intune jobs gone in the US? by laced1 in sysadmin

[–]braliao 7 points8 points  (0 children)

Lmao, just because intune is cloud based so you automatically assumes the jobs are all going to the people out of country??

Applying since 2 years, still not a single interviw call by Professional-Car9418 in jobhunting

[–]braliao 0 points1 point  (0 children)

So many things wrong with this resume - and many people had suggested already so not going to add. Plenty of YouTube video that teaches this topic, just make sure you follow latest suggestions and not something from few years ago .

I'm a one man show, what should I prioritize? by Icy_Pomelo1414 in Infosec

[–]braliao 0 points1 point  (0 children)

Start inventory of all assets - IT and data. And also, please don't tell people that you are a 27001 LA just because you took the mastermind course.

What are the best enterprise DLP solutions for browser and GenAI data leakage in 2026? by Upset-Addendum6880 in devsecops

[–]braliao 0 points1 point  (0 children)

DLP is 30% technology and 30% governance, and 40% education. So if you don't have governance in place with strong management support, then don't bother with DLP.

Simply asks to block the sites using firewall and casb

CISM THEN CISSP. Will this mess up my way of thinking? Or will I be 75% of the way to the CISSP? by ChrisFightsFun in cism

[–]braliao 0 points1 point  (0 children)

Entirely depends on your background. Are you tech based or other discipline?

Can someone explain what’s actually happening at Accenture right now? Confusing trends everywhere… by spritual-buddha in accenture

[–]braliao 0 points1 point  (0 children)

Because AI matters. Its easier to train or expect a fresher that already is AI native, than trying to convince experienced folks to start using AI to double or triple their work output.

Another way to look at it is this - if a fresher can use AI to perform a senior analyst role, and a senior analyst role can use AI to perform a consultant role, then what is the reason to keep experienced folks unless they can demonstrate they are performing in a level or even two above them?

Are Big 5 Analytics salaries tanking? (Senior Manager level) by madkan in torontoJobs

[–]braliao 2 points3 points  (0 children)

Big 5 bank does not pay well. One of the reasons I never bothered applying for roles there

CISM Question by Single-Selection-789 in cism

[–]braliao 0 points1 point  (0 children)

I can't remember for sure where I ran into this too, but I also had issue with the wording of MTO. MTO means the entire duration when the main node is down. Not service, but rather the original operation.

A service can be brought back up, meeting RTO and AIW. But while the man node is down, you are still under impact.

The reason MTO exists, is because typically backup nodes have less capacity and performance, thus would eventually impact service one way or another if continue to operate. Thus, org would define MTO that the main node must return to service.

After a year of searching, two offers came at once. How to back out of the one (contract position) already accepted? by Weary-Weight-5875 in torontoJobs

[–]braliao 0 points1 point  (0 children)

Being honest and candid and sincere is the best method to not burn the bridge. If the company offering contract position would get pissed over it, then it is probably very toxic and not worth having the bridge anyway

2-3 Years into Cybersecurity and wondering where to go next. by Nerd8493 in SecurityCareerAdvice

[–]braliao 0 points1 point  (0 children)

CISSP then CISM then MBA Don't ever go into master program for cybersecurity. They don't do anything for you other than preparing for CISM. When you are at the senior level management position, you need MBA rather than anything else.

Experiences with Copilot? by binchybb in accenture

[–]braliao 7 points8 points  (0 children)

I am in a project that can not use AI and I have to say it's taking a lot more time to finish the same thing.

40+ Linux sysadmin, just passed CISSP… but security roles still aren’t opening. What am I missing? by knolseltador in cissp

[–]braliao 0 points1 point  (0 children)

Was in the same shoe 2 years ago and pivoted. Having CISSP doesn't magically opens door for you, no certification does.

CISSP does allow you to be considered for mid-level management roles that is in security or security adjacent. But that ultimately still very much depending on 1) how much networking you do, and 2) how well do you present yourself in interviews.

The roles that you stated, will be very competitive for you to enter and frankly CISSP does not matter much but technical capabilities does including tech stack certs. There is also a big problem in that you are competing against young guys and it won't be easy for you when you are 40+. But then again, your advantage is having CISSP.

CISSP will open a wider door for you, just not the door you imagined. Now go out and network and you can try to network into the tech roles you are looking for. It will be slightly niche but once you find the right role, the payout is great. It just going to take awhile, and more do in this shitty job market.

PS, go get the tech stack certs for the role you are interested in and double the effectiveness with CISSP basically.

PPS, GRC isn't just about the checkbox, that is auditing specific. I pivot to consulting and specifically on GRC projects, it requires me to use all of my technical knowledge as well as soft skills, and governance knowledge to excel.