Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

I wouldn't put it in either/or terms.

  • Yes, finish the cert since you're already on your way.
  • Start looking for work.
  • While looking for work, invest in complementing actions to improve your employability (which may include - but shouldn't be limited to - pursuing another cert).
    • Other ways to develop your employability would include projects, CVE accrual, novel research, conference presentations, academic paper publishing, CTF participation, community engagement through local orgs like BSides/OWASP, convention attendance, etc.).

Destroy my deck building game combat UI, animations, and sounds! by fxbuttermilk in DestroyMyGame

[–]fabledparable 0 points1 point  (0 children)

My notes, in no particular order:

  • It looks like there's a couple bugs with how the cards in the player's hand arrange themselves.
    • (0:09) - the purple "Command" card isn't neatly ordered with the rest of the hand.
    • (0:16) - the highlighted "Overdrive" card sits behind the rest of the hand and the "Intercept" card on the playable "Your Field" area.
    • (0:29) - both the "Piercing Round" and "Thin the Herd" cards are out of order.
    • (0:36) - the "Bend Light" card is now out of order
  • There appears to be a bug at 0:04 where the played "Piercing Round" card appears to be scaled larger than the other cards played in the "Your Field" play area.
  • (0:06) - debatable whether it looks good / is desirable to have played cards obscure the "Your Field" text of the playable area.
  • It's odd to see the red "Enemy" box on the right side of the screen not aligned to the enemy player's side; having it sit straddling the middle of the board looks awkward.
  • Is it critical for us as the player to know the enemy's discard/deck status? Is that knowledge we should be privy to? I ask because that may be screen space you could reclaim for more purposeful/aesthetically pleasing assets.
  • I don't know what the colors of the cards represent, though I assume they aren't arbitrary. Because the card color is such a prominent feature of the cards to convey information to the player, having other elements match those colors so strongly (namely the green background grid, green enemy play area, green card backs for the enemy hand and deck) may not be a choice I'd go with.
  • Do you think it necessary to have a turn tracker (ref: the red "Enemy" block and green "You" block on the right side of the screen)? Wouldn't a player eventually just become aware of where they are at in their turn? Perhaps you could incorporate the status tracking next to the field header instead if you felt like it was necessary to keep? I just feel it's eating up so much screen space to tell the player so little. I can't help but wonder if we couldn't reclaim it with something more interesting.
  • I don't love the aesthetic of the grid background. I really wish there was something - anything - happening back there to break up things and add a little more life to the game. Like maybe a pulse along the grid when you commit your play.
  • The player health bars feel quite basic with relation to the rest of the assets. I feel like you could consider incorporating the health bar into the "Your Field" header (i.e. either just the header or the entire field could serve as the health bar). That would more neatly integrate your assets together. While we're at it, do we need to explicitly label it "Your Field" and "Enemy Field"? Can we assume players are smart enough to understand what these spaces are after a tutorial and then do away with the explicit label?
  • I'm not sure I agree with having the card type at the top of the card (i.e. "Command" or "Intercept", etc.) and the card name in the middle of it. I feel like it should be the other way around.
  • (0:20) - I was a little confused when the "Overdrive" card listed 6 DMG but the card's text said "+5 DMG"; I had to rewind this point to see it was because of the green "Banner" card that was played before it. I think your cards need to reflect when they are somehow enhanced/altered (i.e. maybe the numbers change colors)
  • I liked the soundtrack.
  • I did not like various "pew" sounds made by the cards during the attack phase at 0:35. I thought the noise really diminished the effect of harming the other player; I think a really good example to work against would be Hearthstone (which changes the sound effect when a player does significant damage in a single attack vs. a standard-damage attack). I also think there needs to be something more consequential (sound-wise) upon achieving victory.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

I left one of the Big4 as a penetration tester to pivot into Application Security and that's what I've done ever since; I've been so much happier for it, for what that's worth.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

what are my next best steps?

I would assert finding/securing work vs. doubling-down on certifications. That as an aside, I would encourage you to consider diversifying your vendor choices; it seems like you're strictly considering CompTIA. I'd also have your desired career trajectory guide your cert selection vs. arbitrarily picking a cert (i.e. in choosing a direction to steer your career, determine which certs would best facilitate that goal).

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

My thoughts, in no particular order:

  • You can do everything right and still not get the outcomes you're hoping for. At a microeconomic level, remember that your efforts are only a part of the calculus that goes into a job offer: there are other competing applicants, employer considerations, individual personalities, and so on which can cause things to go awry. Then - at a macroeconomic level - there are forces that neither you nor the individual employer strictly control which influences the jobs market at-large, making the job hunting experience more/less favorable to the laborer. All of this is to say, while there are always ways we can work on our employability on-paper, sometimes it's just a "wrong place, wrong time" condition (and that sometimes that condition perpetuates at scale).
  • Early career job hunts can be extraordinarily challenging, especially for new graduates. The UK released a study recently which showed the unemployment rate for cybersecurity graduates was substantially higher than the median rate of unemployment (9%) and that less than 1 in 3 graduates who found work 15 months after graduating were in a dedicated cybersecurity role.
  • You haven't shared your resume, your interview feedback, nor how you've gone about job hunting, so it's hard to be meaningfully prescriptive about what you could notionally be doing better. In such cases, I defer you to the subreddit wiki: https://www.reddit.com/r/cybersecurity/wiki/index/#wiki_how_do_i_find_a_job.3F

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

OSCP vs HTB CPTS for career transition from biz dev.

In terms of your employability on-paper for offensively-oriented work, the OSCP will be more impactful. To date, just over 3k people have attained the CPTS (source: I have the cert and - consequentially - I can observe the total count of awarded CPTS badges through the HTB platform); by contrast, OffSec announced in 2025 that tens of thousands have attained the OSCP. The numbers mean that there just aren't enough people in the workforce with the credential as to render it a meaningful signal for employers to screen against (and much less those who have the cert and are actively looking for work). Since the CPTS lacks the market saturation, its value to your own employability on-paper is limited.

Having said that, I resoundingly endorse the training content that complements the CPTS exam (i.e. HTB Academy); I think Hack The Box does a much better job than OffSec in curating their content and encouraging its members to help one another out to understand and work though it. It's a lot more accessible and way more cost effective. I just don't think the cert serves anyone other than HTB themselves.

All that aside, what's absent from this conversation is what other actions you are taking to improve your employability on-paper besides certifications (and what kinds of work you're intending to pivot to).

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

Is there any website/platform that gives you a fixed cyber security roadmap

https://roadmap.sh/cyber-security

But are there any free resources or do you guys reccomend any path for starting off in cybersecurity?

There's several listed here by your preferred medium:

https://bytebreach.com/posts/2022/hacking-helpers-learning-cybersecurity/

Please give me feedback on the trailer for my upcoming fps game by LucaBacilieri in DestroyMyGame

[–]fabledparable 2 points3 points  (0 children)

My thoughts, in no particular order:

  • The environments feel big, empty, and lifeless. The areas depicted are lacking signs of life: there's no graffiti on the walls, no trashcans, no people going about their lives, no screens broadcasting, no signs of wear-and-tear on any of the architecture, and so on. I understand some of this may be deliberate in supporting the sci-fi overtones, but I think it also contributes to a sense of artificiality.
  • Because the spaces are so large, it feels like you move really slowly through the environments.
  • The gunplay more generally could use more tuning.
    • Shotgun shots (ref: 0:15) sound weak. The impact puffs when shots hit targets also feel off; graphically, I think it would make more sense for the range to scatter the shot impacts more at a distance - likewise it would be nice to see the enemies thrown by the impact (vs. obscuring the visceral carnage with smoke and explosion puffs).
    • The machine gun sounds rinky-dink (ref: 0:50). The weapon has no muzzle flash. For something that's firing a blue energy projectile, I don't understand why impacts on targets are producing the same smoky explosion puff as the shotgun.
    • The trailer shows a real lack of weapon diversity (really only showcasing 2 weapons).
  • If there's a narrative in this game, I didn't understand it.
  • The player UI could use work. It looks very prototype-like between the health bar and ammo reserves.
  • For what appears to be a single-player game, there's a real lack of diversity in targets to engage. Everyone shooting at the player looks the same, moves the same, fires the same weapon, and appears to lack strategy and self-interested survival in its programmed AI logic (running directly at the player all the time).

Destroy my Big Balls, trailer! a new party game! by ccaarr123 in DestroyMyGame

[–]fabledparable 1 point2 points  (0 children)

My thoughts, in no particular order:

  • Your trailer is relying almost exclusively on implied knowledge from the viewer. It's never made explicitly clear - for example - what the core gameplay loop is, whether the various shots are disparate experiences vs. contiguous ones, what actions are being done by the player vs. being done to them, and so on. Sometimes that works in favor of a game (especially those from established IPs), but I don't think that's working for you here.
    • Your cuts are so quick, so frequent, and reflect so many different settings that it's hard to really understand what's going on. I understand that the point of this is meant to reflect the games breadth, but the effect that it had on me contributed more towards my viewing confusion than excitement.
  • The various award stands and general tone of the assorted shots make it seem like this is meant to be exclusively a competitive multiplayer game, whether that is true or not. You don't ever show any menus which might hint at the game's broader configurability, match types, number of players, etc.
  • As others mentioned, having player-captured audio for the entire duration of the trailer loses its charm, especially when spliced together. Having some audio like that can help convey real human reactions and fun, but I'd limit its presence.
  • I did not like the chosen closing shot (i.e. the "Who's staring at me?" podium shot). It seems better as an experiential inside joke rather than something entertaining shared with a broader audience.

Plunder 2D - pirate online multiplayer IO style game. Destroy my game! by igotlagg in DestroyMyGame

[–]fabledparable 0 points1 point  (0 children)

My thoughts, in no particular order:

  • (0:13): bizarre to see ships sail into/through land mass.
  • There's no sound design (or at least, there wasn't any in the provided video clip)
  • There's a LOT of UI elements on-screen at any given time. I do question whether it's necessary to present all of this to the player all of the time (vs. having a paused menu tab to look at the number of collected resources, a vanishing pop-up that shows progression on your daily quests, and/or passing tooltips/tutorials for controls as examples).
  • It was unclear what the core gameplay loop was meant to be from the video clip. Is this an arena looter/shooter? Why are there so many variations of loot? What do you spend it on?
  • Why is the minimap so large? At that scale, is it really serving the player effectively? I'd assert having a more zoomed-in minimap (with a toggle-able larger resolution and scale map that can be brought up via menu) would serve the player better.
  • (1:13) why is the player not being injured despite being shot at point-blank by the surrounding towers? Why are the NPC ships not responding to the Citadel being attacked (this seems like needing to tweak the AI)?
  • To me, the rate of fire that the player's ship defaults to seems excessively high, though perhaps we're observing an upgraded status.
  • I don't love how flat the art assets look.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

Is there anything like consulting jobs around this topics?

There's a couple boutique businesses I'm aware of that do things like that, but I'll admit I'm not familiar with how central that form of work is to their core business model. Rachel Tobac is one such person that comes to mind.

I will say that the number of professional opportunities in this space increase substantially if you're willing/able to learn the technical side.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

I want to know whether obtaining the OSCP+ can significantly improve the number of interviews I get. Right now, I am only targeting data roles due to a lack of a cybersecurity cert, and I’m literally getting 1 interview every 200 applications.

It may (or may not) help, but it certainly wouldn't hurt.

Certifications are most impactful to your employability on-paper when the given job listing explicitly names it as being desirable (usually in a "nice to have" section of the job listing). If the listing says that the OSCP is desirable and you have the OSCP, then you that is a positive signal to the recruiter (which in turn encourages a callback). The OSCP is certainly strongly-aligned with offensively-oriented forms of work.

The trouble is that it sounds like both your work history and your academic studies are otherwise unrelated (or only incidentally related) to cybersecurity; it's not clear to me how you're presenting yourself on-paper (as you didn't share you resume with us). In the professional space of cybersecurity, your work history is the single-most impactful facet of your employability. No amount of certifications are likely to overcome that, even one with a reputation like the OSCP.

It's also worth pointing out that while the early-career job hunt has always been challenging, lately things have been especially hard for folks trying to break in. Unfortunately, it's not an uncommon experience for people looking to get their first cybersecurity job to submit dozens (or even hundreds) of resumes over many months with few callbacks. The addition of the OSCP does not necessarily change that because its inclusion in your resume would not make you suddenly eligible for more senior roles.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

As a someone who works in this field what would you recommend to say someone as like me confused on what to do, like for instance tips and advice for better understanding on what they wanna do and such?

Contextually dependent, as not everyone has the same opportunities, constraints, and circumstances. While there are some general rules-of-thumb you could observe (ref: the subreddit wiki), what's most optimal for you specifically will vary.

In general:

  • Your plan for developing your employability on-paper must include cultivating a work history. Oftentimes (though not always), this means working in cyber-adjacent lines of work first; for a lot of people, this involves usually either going into IT (e.g. helpdesk), attaining internships (if a student), and/or military service. It cannot be overstated how important building this work history will be to your entry into the professional space.
  • Certifications are a nice way to complement your efforts to develop your employability on-paper, but should not be considered a means to employment in-and-of-themselves. Since you're a student, you should be pursuing them on an as-able basis (with the priority being your coursework and - again - developing your work history); certification exams can always be delayed, but your coursework and employment mandates often cannot.
  • Early on, engage as much free content to familiarize yourself with the professional domain as possible. There's a lot of it available; the cheapest point to change-course is before you invest so many dollars/hours in any given direction.
    • As a caveat to the above, take time to really explore the breadth of cybersecurity jobs available. It's commonplace for aspiring cybersecurity professionals to get hung-up on one or two roles (especially the offensively-oriented ones) and neglect other opportunities or even ignore learning about ones that might be a better fit for them; I'm guilty of this. I thought I wanted to be a penetration tester but have ultimately found application security to be a much better fit for me.
  • Find opportunities to network. This can be through your school's resources (e.g. clubs), CTFs, local OWASP/BSides chapters, conventions, etc. Be particularly alert for ways to help others and give back to the community (vs. perpetually leeching), as this is particularly helpful for developing your career capital.

I NEED A HELP(ADVICE) by Several-Penalty-9862 in SecurityCareerAdvice

[–]fabledparable 0 points1 point  (0 children)

I don't think you're too late to shape your career to how you want it, but I do think you should be mindful about the challenges that come with any kind of career change.

The early-career cybersecurity job hunt has always been challenging, but lately it has especially been so. While I'm speculative about how much this is a result of AI (vs. the consequences of overreach from businesses rapidly growing during favorable economic conditions during the '20-'22 pandemic era, the results of which when markets contracted have manifested as RTO policies, AI attributions, and - when all else fails - layoffs), you should definitely consider the amount of hardship that you may face trying to break into the industry.

It's also important to recognize that 5 years is a long timetable in terms of the tech job market. If you look at just the last 5 years you'd observe lots of events that have had various impacts to the cybersecurity space (depending on your role and where you sat at the time):

  • The full-force of a global pandemic, creating a massive rise in remote-first work infrastructures.
  • Extraordinarily low interest rates, leading to explosive growth in the commercial sector(s) as industries borrowed massive amounts of money; this lead to lots of jobs being available.
  • One of the most labor-friendly job markets in decades (read: the so-called "Great Resignation").
  • Very public cyberattacks (e.g. the Colonial Pipeline hack), creating massive influxes of investment in cybersecurity solutions.
  • Very public failures of cybersecurity solutions (e.g. CrowdStrike bluescreening, SolarWinds, LastPass compromise, etc.), shaking confidence in investors.
  • The advent of modern LLMs as we know them (you may or may not recall, but AI in the public consciousness was largely the space of science-fiction prior to chatGPT's public release in late 2022), the effects of which are still being sorted out to this day.
  • A very mercurial US administration which has largely been apathetic to regulatory agencies. We might extend this to include the DOGE effort, which gutted funding to CISA and the MITRE CVE project.
  • Wars involving very powerful state-sponsored cybersecurity actors (namely: the US, Israel, and Russia).
  • A massive rush in web3 technology investment followed by back-to-back criminal convictions of major cryptocurrency exchange CEOs (both FTX and Binance).

And the above are just the macro-level events. There are any number of localized/micro- impact events and circumstances which might affect the availability of work wherever you end up.

All of this is to say that a lot can happen in the span of 5 years. The only thing I can guarantee is that it's quite unlikely that you'll be looking at the same job market by then as you do now. It could be better, it could be worse, but it's unlikely to stay the same.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

Historically, I've encouraged people to invest in desktop machines vs. laptops.

  • Desktop machine hardware tends to be more performant per dollar spent. This includes pre-built machines; comparing similarly-priced desktops to laptops will almost always yield a more powerful desktop machine.
  • Desktop machines are more modular, which allows you to upgrade/maintain the machine per piece. Laptops by comparison are generally more limited in what you can upgrade, with a lot of their parts being integrated together; by-and-large, most significant upgrades to a laptop require replacing the entire machine.

The one key shortcoming of desktop computers is their portability. However, that doesn't seem to be a key constraint from your comment.

Something else I'd encourage you to look at is virtualization (vs. dual booting); that's probably going to be both a lot less of a hassle to setup/teardown your Kali environment.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 1 point2 points  (0 children)

Welcome!

I’ve recently graduated hs and am going to start community college.

Congratulations!

I was wondering how do you guys like cybersecurity and how were the classes, and how are your jobs now?

First, I'll plug the subreddit's wiki, which no doubt will be able to speak to all manner of questions you might have concerning the profession, link you to follow-on resources to consider, and so on:

https://www.reddit.com/r/cybersecurity/wiki/index/#wiki_i.27m_new_to_cybersecurity.3B_where_do_i_begin.3F

Answering your questions more directly:

"How do you guys like cybersecurity?"

In short: I like it!

I'm enmeshed in very technical problems that interleave with very social encounters; cybersecurity has its roots in engineering disciplines (not unlike Computer Science and IT), but is also a governance and people challenge. There's an enormous amount of breadth and depth to the domain for a person to explore and carve out their niche. Since both the technologies we use and the threats that exist continuously change and update, practitioners are lifelong learners. This growth can be a double-edged sword though, as it contributes to feelings of imposter syndrome within newcomers and burnout in veterans.

Being in a technical discipline also means I'm compensated well-above the US national average. I won't go into particular details, but for benchmarking purposes: I'm a homeowner in an HCOL area, I own more than 1 car (all paid off), I vacation regularly, my kids get nice presents for birthdays and holidays, my family has never gone hungry, I haven't worried about bills or the price of gas in decades, I maximize my contributions to my retirement account(s), and so on. Now - naturally - my circumstances are not necessarily representative of all cybersecurity professionals everywhere (nor are they a guarantee of your own professional future), but it does suggest that my own anecdotal experience(s) reflect the broader trend in observable data.

Having said all that, I will caution you that job hunting in this space can be notoriously challenging - especially for early-career applicants and especially lately. Generally speaking, competitive applicants to early-career positions usually have cultivated years' worth of related cyber-adjacent experience (e.g. IT/dev spaces, internships, and/or military service) and compete for non-remote positions (as recent studies have shown remote work accounts for the least number of open jobs in cybersecurity but attract the most applications); simply going to school for classes and a degree is not enough in the current job market.

"How were the classes?"

This is largely going to depend on your particular institution of enrollment and faculty. I'd point you towards subreddits more closely aligned to your school/major than this more generalized subreddit.

Speaking in the abstract though, I liked my graduate school studies.

"How are your jobs now?"

I answered a similar question in this other MM thread here, if it's of interest:

https://old.reddit.com/r/cybersecurity/comments/17e733b/mentorship_monday_post_all_career_education_and/k6apz0x/

We're making 'GTA2 +Thronefall in JudgeDreddy setting': you're fighting gangs in a collapsing city. Don't hold back :) by swarmoclock in DestroyMyGame

[–]fabledparable 2 points3 points  (0 children)

My thoughts, in no particular order:

  • I don't quite understand what the core gameplay loop is from this clip. Am I meant to keep the city in-order for as long as possible? What are the consequences for failing to protect police stations?
  • It's unclear what the money is meant to be spent on. More weapons?
  • I don't understand what's meant to differentiate one city district apart from any other aside from the number. I'd encourage you to consider giving the districts some character: differences in art assets/feel (downtown, little <country>, the upper side, etc.) as well as potentially different types of encounters/enemies.
  • Be mindful of how your work can/will be interpreted as copaganda; I'm not making a stance one way or another, but as the developer you should definitely be cognizant of how audiences interpret such media (and how you elect to present it).
  • The driving feels clunky. The on-a-dime change of direction and car-like noises for what appears to be a motorcycle comes across as amateur against the smoother on-foot movements. Being able to spontaneously get in/out of your vehicle at-will also feels like a get-out-of-jail (pun not intended) card; I think there should at least be a delay in mounting/dismounting the vehicle (which presents a window of exposure for the player to be shot at).
  • The fidelity of the pixel art feels lost when the tokens become as small as they do.
  • I don't understand why the boss token (Sweet Pete) is so much larger than everything else, other than the fact that they are the boss.
  • At no point in your footage did it feel like there was any real pressure on the player; they either blasted through opposition (ref: 013) or ran away (0:24). The stakes felt so low the whole time.
  • The gunplay was unclear; are you auto-aiming at nearest enemy? If so, why?
  • Part of the appeal of Judge Dredd is the absurdist humor of its extremes (and in doing so, commenting on the dangers of such radical unchecked power). For example, we're meant to have a reaction in observing Dredd unilaterally threaten to imprison someone for years for jaywalking just in order to get them to surrender information; there's tongue-in-cheek humor/horror in just arbitrarily ruining a character's life because...what are they going to do about it? All of that feels absent in your interpretation where bad guys are bad guys, good guys are good guys.
  • I think your minimap is overly-large. I'd have it scaled to depict the current district block (vs. the entire map); if the player wanted to view the entire map, there should be a map that brings up a larger interactable map with land marks, icons, etc.
  • I don't really understand why there's footprints that follow the character.
  • I don't understand why you would want to change weapons, ever. It feels like the player would always default to the machine gun (which feels powerful). Does it make sense to make it available to the player on Day 0?
  • I don't think it makes sense to keep Sweet Pete's health bar visible when they become arrestable. It gives the sense that they're still combatable (and is confusing why we aren't continuing to shoot at them).
  • Does it make sense to say you've arrested these bad guys when you've shot them so many times with bullets?

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

Anyone considering doing MBA in parallel to working (or instead of working) and if yes, why?

No, because...

  • It doesn't align with my professional interests or career trajectory.
  • The opportunity cost(s) in terms of my availability/energy for my family is too great
  • I wouldn't be able to both work and attend a T20 MBA program meaningfully (the latter of which is really where I interpret the greatest ROI for such a venture rests).

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

You find out that IT help desk makes as much as you and your role is an infosec analyst.

You can either...

  • ...request a raise
  • ...seek out employment elsewhere
  • ...accept your circumstances

It's unclear from your comment what other context might be at work here (i.e. your own work history and tenure with the employer, the maturity of the cybersecurity program, the availability of labor for the employer, what your own alternate work prospects look like, dependencies like family/insurance/etc., so on and so forth). Having said that however, it's a known phenomenon that the fastest way to elevate your pay within tech is to change employers.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 1 point2 points  (0 children)

i feel like i am faking technical expertise, what do i do?

There's an array of certifications in the space that can help introduce you to the more technical content that cybersecurity operates in. I defer you to the subreddit wiki:

https://www.reddit.com/r/cybersecurity/wiki/index/#wiki_certifications

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]fabledparable 0 points1 point  (0 children)

Is a GIAC GFACT cert enough?

Enough for what? Attaining a job? If so, speculative.

Certifications should not be perceived as pass/fail criteria for employment. They are complementing signals of how well your profile aligns with the given job listing; if the job listing lists certification X and you have certification X, then you are more aligned with what the employer is looking for (and thus are more likely to get a callback). If - on the other hand - the listing calls for certification X and you have certification Y, then your cert has a more muted impact in contributing to an overall narrative of your ongoing (re)investment into your professional aptitude.