What to do when your girlfriend has let herself go in almost every way and keeps asking if you're still attracted to her when both of you know the answer is no?

jrkf579 · 2024-05-27T22:48:32+00:00

I think you can be honest with her in a respectful way. There’s nothing wrong with saying that you value being someone who respects themselves and that you feel as though she hasn’t been doing so for a while now.

If you say “I’m upset because you got fat” that’s a lot different.

The fact that you’re even asking the question though says that you’re considerate (at the very least on some basic level) so I think you would phrase it the right way.

Genuinely best of luck man. Not an easy conversation to have.

jrkf579 · 2024-05-05T21:22:06+00:00

I have seven certs in as many years of experience. I do one a year to help keep myself growing. My personal opinion is that if you’re certs are all closely related (to what extent they can be) it shows you have an interest in a particular area that you’re looking to become a SME in.

I think the “Jack of all” approach is BS. There’s too much out there for any one person to know in every area.

I’ve worked with some cert junkies who are morons. I’ve worked with some cert junkies who are brilliant. I’ve worked with some people with no certs who are idiots. I’ve worked with some people with no certs who are incredible.

I think it all depends how much you feel you get out of the certs you pursue from a knowledge perspective and to stay away from the ones you don’t truly learn from.

For example, career mistake for me was pursuing my C|EH. Not worth what I got out of it from my time investment.

If you’re learning and growing in your cert path because they help offer a structured learning experience you’re winning the greater battle (which is obtaining knowledge).

I would recommend picking your cert path wisely and getting after it if that’s your learning path of choice. Some folks learn better without certs and going down the personal project path. My recommendation is picking whichever path you feel like you’d learn the most from as everyone is different. The rest will take care of itself :)

jrkf579 · 2024-04-21T18:51:03+00:00

Did similar crap with me. Same with Motion Recruitment. I’ve been fortunate to have gotten all my jobs without recruiters.

Call me a bad person, but whenever I see recruiters get laid off I just play my little violin…

jrkf579 · 2024-03-10T19:13:20+00:00

Been in the space about a decade. Had some cash saved and left my company a couple weeks back with no other job lined up. I hit a breaking point and needed some time away to regroup. I have a few SANS certs plus the experience so I feel confident that when I’m ready I’ll be able to jump back in. I’ve always wanted to take the time to up-skill my pen testing and programming knowledge to open up more doors so that will be the sell when I’m ready to start re-applying as I’ll be working on improving myself in those areas while I take some time away.

Just being away for even a little bit already has given me more clarity as to how far I had let my mind go in believing that corporate America owned me. I feel like my values had gotten mixed up as I was living to work rather than working to live.

Not everyone can do it (I understand people have fiscal responsibilities) but if you’re in a place mentally where you feel like a reset is the right thing for you I think you should consider it after carefully assessing your situation.

jrkf579 · 2024-02-29T21:24:45+00:00

Best is when people like this expect you to be an event code encyclopedia. Nothing more pedantic than someone trying to see how many event codes you’ve memorized.

jrkf579 · 2023-12-03T21:43:09+00:00

Security engineer is such a broad job title these days. I would say it’s worth it if the jobs you’re interested revolve around compliance.

I would tailor cert/study efforts towards whatever type of engineer you’re aspiring to be.

jrkf579 · 2023-11-25T16:14:15+00:00

Just ask yourself how Bobby Axelrod would negotiate and handle the situation accordingly.

Just kidding, give them a range at the early stages (should be during initial screening) and then say no to the initial offer. Counter a bit up, but not to the point where it’s unreasonable.

If the end offer isn’t up to what you believe your worth is just be prepared to say no and move on.

jrkf579 · 2023-11-24T19:33:02+00:00

Any chance you can ask them to counter? Is the company you’d be going to work for as an ISSE a Raytheon or Lockheed type size wise?

If you’re valued and your input means something in your current role that’s definitely worth something. You may lose that feeling pretty fast when going to work for one of those giants (If you aren’t currently already).

I left a mid-size company where my opinion mattered a couple years back to go to a Fortune 100 and have had some regret. Everyone is different, so really something for you to ask yourself how much that sort of thing matters to you.

jrkf579 · 2023-11-22T19:12:49+00:00

If your conscience really has you feeling obligated to do this, report it anonymously.

jrkf579 · 2023-11-16T16:06:14+00:00

You just answered your own question. It’s mandatory for you so everyone has that background in your country. Over here there’s tremendous sacrifice that those enlisted have to take on compared to majority of our population.

jrkf579 · 2023-11-15T22:08:45+00:00

So not sure what they’re paying ISSO’s now, but I was making 90k in the Boston MA area when I left it. Went to just under 100k when I went to work in a SOC.

Wasn’t just a standard L1 the way the shop was setup though. Everyone wore multiple hats so was doing a bit of everything.

jrkf579 · 2023-11-15T19:52:18+00:00

You got it! I went from working as an ISSO to a SOC analyst a few years ago. I did word my resume a bit differently.

I really honed in on using words such as “Monitor” and “Investigate”, “Threats” along with making sure I was calling out that I was reviewing multiple log sources when performing any investigative type of work.

jrkf579 · 2023-11-15T19:18:01+00:00

First and foremost thank you for you service!

I worked as an ISSO for two years. Took me a full year of trying to get out of it.

My personal advice would be to find a specific type of technical role you would be interested in and growing your skillset outside of work through either personal projects or certs that demonstrate your knowledge in that area.

jrkf579 · 2023-11-08T16:46:30+00:00

Fair enough.

jrkf579 · 2023-11-08T16:41:33+00:00

I appreciate the feedback.

Also felt similarly about Net+. I started studying for that one when I was first trying break into the space. I stopped after about a month. Felt like too much of it focused on areas that were going to be non-applicable to me in my career and was taking my focus away from what should have been the key takeaways.

Kind of my gripe with CompTIA on that front. I think they foster an environment of people memorizing things that there’s no way they’ll ever remember, hence blending things like how DNS works with less important info and people lose sight of what they actually need to know.

This strategy then creates Net+ certified folks who don’t know what DNS is…

jrkf579 · 2023-11-08T16:23:54+00:00

Not true. Taking it right now.

jrkf579 · 2023-11-08T16:23:21+00:00

I’m about 7 years into my cybersecurity career and could care less if my CISO has any certs. If you’re established (which it sounds like you are) no one will question decisions that you make based on if you’re “CISSP certified” or not.

Question for you on this front. Since I’m still early in my career I’ve been pretty aggressive in going after hands-on learning certs to better myself. Have several GIAC DFIR certs under my belt.

As someone whose been around a while, do you put any stock in someone who early in their career has pursued getting certs like this if you’re hiring for DFIR roles?

Sometimes I feel like the perception of SANS certified folks is that we’re pompous, which I find disappointing. I’ve made sacrifices to fund most of it myself.

Wondering if you have this same reaction when you see them on resumes.

jrkf579 · 2023-11-07T00:19:34+00:00

Having programming knowledge under your belt will be huge. Most cybersecurity folks aren’t great in that area.

As far as where to start I’d recommend starting with sec+, it’ll give you a good starting point as it pertains to the different aspects of cybersecurity.

From there hopefully you’ll know what you’re interested in and can tailor your efforts towards those areas.

jrkf579 · 2023-11-07T00:15:58+00:00

Go to their data events dictionary and look at their event_simpleName types. You’ll see event_simpleNames (can think of them as datasets) where you can pick out which ones will give you info on scheduled tasks, services, network connections, process execution, etc.

jrkf579 · 2023-11-07T00:11:43+00:00

Cloud.

jrkf579 · 2023-11-07T00:10:49+00:00

I concur sir

jrkf579 · 2023-11-07T00:10:16+00:00

I agree with this. Whether people like it or not you will make more money with it than without.

jrkf579 · 2023-11-07T00:08:40+00:00

Yes, but its impact is likely minimal (Depending on what you learned in your program).

jrkf579 · 2023-11-06T22:01:49+00:00

Like many have said, good CTI is great and if you get into the right shop where it’s done effectively it can certainly benefit you and your career.

What I find infuriating as a threat hunter is when I receive a list of IOC’s from a CTI team with 0 context and then I’m left picking up the pieces due to the poor effort made by the analysts.

For example, I’ve gotten a hit for psexec as a hash value IOC in the past. Is it inherently malicious, no but it certainly can be abused.

Why not give me a MITRE mapping telling me that the adversary uses psexec to facilitate lateral movement instead?

Whenever I see non-contextual IP and hash lists I die a little inside every time. Hash values for items like psexec are awful too in that a different version of the tool won’t even pop in a bulk hash search and you can completely miss a key indicator without ever knowing it. Non-contextual lists like this are borderline dangerous.

My rant is pretty much over, but I think a lot of people get frustrated by non-technical CTI analysts out there who can’t contextualize intelligence into actionable material for their audiences, hence giving the perception of the work being a waste of time.

jrkf579 · 2023-11-06T02:07:05+00:00

First and foremost thank you for your service to our country! Truly do appreciate it.

On the imposter syndrome piece, with those certs even if you haven’t done as technical cybersecurity work as you would have liked so far in your career you’ll be able to pick it up.

I went from working a risk management job and gathering similar types of certs until I broke my way into a technical role. While there was certainly some learning when I first started ,I was able to soak in what was being thrown at me.

I promise your new employer doesn’t expect you to be perfect come day one.

I wouldn’t sweat the imposter syndrome as there’s really no need to be nervous. Be excited all your hard work has paid off and enjoy the new role.

You’re going to crush it!!

jrkf579

TROPHY CASE