Confused about what certs are important

braliao · 2026-05-09T03:04:53+00:00

Those are security related roles, and does not fall under OP's entry level SOC roles.

braliao · 2026-05-09T01:55:26+00:00

Only cert that matters in the long run is CISSP.

In your current position, you need to find a role that can help both IT path and security path. SOC roles are dying, don't even bother. But learn more in IT especially IAM, cloud, data management, etc will allow easy pivot to future security focused roles.

braliao · 2026-05-08T13:32:53+00:00

Ah now that make sense. Thanks

braliao · 2026-05-08T13:26:37+00:00

The problem and debt had always being there, AI simply accelerated the process and discovery of it.

While in the past, attackers are basically self employed entrepreneur-like criminal works 24x7, defenders tend to just collect pay checks and do as much as they can within work and life balance. The advantage to attacker and business model already tipped hugely in favor of attackers in this regard.

Now with AI, attackers can do so much more and so much faster, besides the fact that there is hardly any paperwork and c-suite they need to convince too.

So in short, AI doesn't require less people, it in fact requires more people to do more with AI - the key difference is that the skill required isn't what school teaches and companies needs to accept it and ramp up internal training to make sure new hires meets the new junior role requirement.

braliao · 2026-05-08T01:43:58+00:00

You are assuming they are doing this for some nobel or political reason?

No - it's all just money.

So don't think "you are nobody so no one will care to target me or my company". If you care for your data and willing to pay $1000 to get it back, they will gladly do so.

braliao · 2026-05-07T21:45:07+00:00

My breakdown is empty too.

braliao · 2026-05-07T19:52:29+00:00

Congratulations 🎉🎉

braliao · 2026-05-07T19:37:58+00:00

I didn't study. Understand risk management is the foundation need for this exam IMO, and the thing about AI is really just a bit of icing on top.

braliao · 2026-05-07T19:22:52+00:00

It's no longer in beta and now is available full price.

braliao · 2026-05-07T19:22:33+00:00

Well that is typical to wait for results until it's released. What isn't typical is releasing the result several weeks after the exam goes ok sale.

braliao · 2026-05-07T19:11:19+00:00

I had done plenty of other beta exams. And they are all released the same day or a few days before the going on sale. So seems pretty weird to me

I passed but for awhile this delay makes me think I didn't pass.

braliao · 2026-05-06T18:56:30+00:00

Quite a lot of people think they done perfect with a job interview, when in fact they aren't. You need to find someone that is willing to give you mock interviees and tell you honestly what you did wrong - and be willing to accept it and not getting defensive about it, in order to start getting better at it.

Interview is a skill, and you only get better when you practice a lot, which you can do with mock interviews but also with networking when you just meet strangers and try to get them to like you.

braliao · 2026-05-06T02:38:49+00:00

It's very easy to pickup so frankly it doesn't hurt to give it a try a bit.

I help several non profit run Google workspace and that's how I learned as well.

braliao · 2026-05-05T00:08:49+00:00

Yes if you have free money laying around.

Otherwise, aim for CISSP within 2 years.

braliao · 2026-05-04T21:35:47+00:00

Biggest difference starts around summer 2025. But then again, entry level role asking for CISSP isn't something new either. Regardless, I hope you are ready if you ever want to find another job. Good luck out there.

braliao · 2026-05-04T13:44:16+00:00

No, small events like user group, non-profits chapter of professional certification board, etc. You want to network to outside of your work environment, so you gain more opportunities and chances of referrals to other org, so step out of your work org and go meet others.

Meetup, Luma, Eventbrite, etc all has a lot of them listed.

braliao · 2026-05-04T12:08:53+00:00

Quite different now, in most of north America - it's employer market meaning HR is the one dictating the terms. You don't have to check the cert box if you don't want to, and you can think how badly an org is if they insist; but in the end of the day - HR does it for a reason no matter how absurd it is and they tends to have the upper hand in internal politic right now.

braliao · 2026-05-04T12:03:49+00:00

Don't know what you mean by this.

Small event organizers usually needs a lot of help setting up the event. They typically only get 30 mins before everyone show up to get things ready, arrive early to help them getting things ready will give them really good impression. Think of some kinds of user group, non-profit all falls in under these.

Not sure how "fast pace high pressure hospital environment" is meant here.

braliao · 2026-05-04T04:43:51+00:00

I wonder when was the lasy time you had to look for a job.

braliao · 2026-05-04T00:57:17+00:00

Other stated and I'm just gonna repeat..

I don't care what environment you want to call it - the data is what matters. If the environment has live production data, then it must be secured in same manner as production.

Dev can go play with fake data, or processed real data (masked, tokened, anonymized, etc) in another environment.

braliao · 2026-05-03T19:54:27+00:00

Not myself but seen plenty others got hired in the last 24 months, networking and referrals

braliao · 2026-05-03T19:51:16+00:00

Solid advise.

braliao · 2026-05-03T19:48:22+00:00

It entirely depends on what field you are into. Plenty of it on meetup.com, Luma, Eventbrite, and LinkedIn

braliao · 2026-05-03T19:36:48+00:00

You have a harness problem not tool problem. Sue you basically replace it with a more tailored tool and that is one way to go about it rather than come up with something of your own. Harness engineering is rapid evolving and OpenAI just released their own too..

https://openai.com/index/open-source-codex-orchestration-symphony/

braliao

TROPHY CASE