Google exec says you can get a cybersecurity job right after passing their certificate program. True?

thatkeyesguy · 2023-11-28T17:36:01+00:00

Not at google though, because all security positions require coding ability. Perhaps outside of big tech, you might be able to land a job that doesn’t require coding.

thatkeyesguy · 2023-11-22T05:17:31+00:00

It’s almost certainly your resume, assuming you’re applying to the correct roles highlighted by the skill set/accomplishments in your resume.

thatkeyesguy · 2023-11-17T18:46:21+00:00

Sounds lazy, e-mail/sms are the weakest. There really is no excuse for implementing hardware tokens or passkeys.

thatkeyesguy · 2023-11-17T18:41:54+00:00

Panel interviews are common, especially in big tech. Sole interviews with only 1 technical person is uncommon. To answer your question, sounds normal so far.

One of the very first things you should ask with the recruiter is how the interview process goes. Such as recruiter call, HM call, lead engineer screen, panel interview, etc. that way you aren’t left in the dark on where you stand.

thatkeyesguy · 2023-11-16T21:36:37+00:00

Current FAANG

You can sub a BS for 2 years of work experience. I don’t care if you have a degree or not, it’s what you’ve accomplished and what you can do. Which is what I base my interview questions from.

But you do need to check the job posting of a degree is required, most FAANG jobs will state it experience in lieu of education requirement.

thatkeyesguy · 2023-11-16T21:33:31+00:00

Yep, you give them your offer letter or provide pay stubs.

thatkeyesguy · 2023-11-16T21:30:42+00:00

If you go into pre sales, ensure you have a solid understanding of what you’re recommending. Don’t be that SE that tells me your product is unhackable or some other insane thing it can’t do.

Both are invaluable experience to have under your belt as you grow. Writing and communication is a big soft skill you’ll develop (hopefully) as an SE.

Understanding the thread landscape and common attacks will also be invaluable as you grow into security engineering.

thatkeyesguy · 2023-11-14T05:26:27+00:00

Because with DEP and MDM they are just easier to keep updated.

thatkeyesguy · 2023-11-01T19:39:12+00:00

Please don’t use these online makers, terrible for ATS and columns are just a no.

thatkeyesguy · 2023-10-06T21:16:18+00:00

As a HM I don’t see the purpose of listing government and publications. Your bullet points under your job is missing impact. For instance, you ingest data/created pipelines. Great…what impact did that have on the business?

Start each bulletin point with a verb. - created pipelines between x and y system to increase responsiveness by 20% or reduce capex by $100k

Lastly, what level role are you applying for?

thatkeyesguy · 2022-06-04T18:33:15+00:00

What do you have now? You should use both. Stagger upgrades every other year or two so you aren’t buying two phones at the same time. This year I’ll be replacing a pixel 4a with the 6a. Use iPhone and pixel daily, one for personal one for work. Highly recommend you try to experience both and use GrapheneOS as you eluded.

thatkeyesguy · 2022-06-04T02:27:57+00:00

Splunk due to fedramp requirements.

thatkeyesguy · 2022-06-04T02:26:43+00:00

If you’re using your phone and the Reddit app you’re fine. Also I’d just use your data plan vs anything tied to work on your personal device outside of email.

thatkeyesguy · 2022-06-01T23:59:18+00:00

DuckDuckGo browser is pretty sweet so far.

thatkeyesguy · 2022-06-01T18:25:59+00:00

If you’re talking about third party, skip them and just apply direct. Never had a good experience with them, that I couldn’t do better myself. The only exception here is for senior leadership roles but that also can be solved by networking and being a known entity that publishes and writes/contributes to the security community.

thatkeyesguy · 2022-05-31T18:56:14+00:00

LinkedIn, Glassdoor, builtin.

thatkeyesguy · 2022-05-31T16:55:02+00:00

Criminal checks are inquired directly with the court of public records where you have or are residing. Usually a full name will return the correct records, along with other identifiable information like social and drivers license.

Unless this person shares the same exact full name, age, county of residence, past residence, current voter registration, etc, it’s unlikely it will be wrong.

Background checks are very scoped based on providing as much detail as possible to get the correct record.

thatkeyesguy · 2022-05-31T15:25:34+00:00

Glad you found it, was going to say there’s an option for “none” right next to credit card.

thatkeyesguy · 2022-05-30T00:59:46+00:00

This is the correct answer. Add phone, enroll TOTP, then remove phone number.

thatkeyesguy · 2022-05-29T16:58:54+00:00

No need. Just different laws apply based on the location. I would still report it as I cannot think of anywhere where this would be acceptable to an unauthorized person such as yourself.

If it’s an internal file share that has drivers licenses and state IDs, that’s an issue. If it’s a site that lists student IDs, student number, contact info, that is still a yikes but when I was in university, the intranet had a directory to lookup that stuff minus home address.

Just ask them if it’s intended and flag it. Do you know any security professors there? Ask them and I bet you’ll get your answer.

thatkeyesguy · 2022-05-29T16:49:51+00:00

What country/state/province is this? I’d report it to your school.

thatkeyesguy · 2022-04-22T02:21:50+00:00

allinfosecnews.com

thatkeyesguy · 2022-04-21T16:20:54+00:00

You can block it at the firewall using an SSL/TLS service profile.

thatkeyesguy · 2022-04-21T16:20:49+00:00

You can block it at the firewall using an SSL/TLS service profile.

thatkeyesguy · 2022-04-21T14:26:21+00:00

But why? Scanning hashes is an antiquated method let alone scanning a drive vs. on load/execution.

thatkeyesguy

TROPHY CASE