Hello! My name is Mike and I am an infosec engineer with 10+ years experience. I’ve worked in GRC, Vulnerability Management, PenTesting & AppSec. I have 17 SANS certs (I have a serious problem) and I’m also an infosec community enthusiast and creator/mod for /c/cybersecurity. AMA!
This is great! I should do one of these
Thank you for the AMA.
Do you regularly feel overwhelmed? - Keeping up with the sec news and patch accordingly, firewall/ips and endpoint alarms, logs, meetings, and more. It shouldn’t be the case, but it seems that everything in security is prio 1.
EDIT: and being the party pooper and saying no to everything, bc people do not think about security.
Honestly I don’t get overwhelmed by infosec. Though my personality is to take on more projects than I can chew and that can sort of overwhelm my time - I don’t get emotionally overwhelmed easily though. Some of that I credit to my personality but I also credit how organized I am, it helps me keep track of everything on my plate and daily prioritization. Inbox Zero, using a task manager, having a personal Wiki (i.e. Obsidian/Simplenote) all help with this.
In the early days of my career I heard that sec people were the “no”-sayers in the group. I have learned over time that we don’t need to be. Instead, we become the - “let us find a way to do that securely”-sayers. It’s about creating that we’re-a-team mentality.
Good points and thank you for your input. What kind of TaskManager do you use? Any system, or just simple list?
Hi Mike.
I am interested in roles that marry the Cloud, Networking and Cybersecurity together. What would such a role look like? Is there a demand for something like this? I’m not a programmer, and don’t think I’ll be a good fit for application/operating system security. But Networking security is easier for me to jump into, and I hear that roles in this industry are fairly well paid?
I’m looking to progress my career in a path related to the Cloud, and wanted to explore cybersecurity rather than just going for the Cloud architect role (or maybe they are somewhat connected the higher up you go? I’m so confused).
Thanks for your time. I’m very interested in some of the SANS courses you mentioned, I’ll take a look. Thanks!
I think this describes a lot of enterprise cloud security architect roles. I think there is enough delineation between cloud security folks who focus on infrastructure versus those who are more focused on the app/product side. I’d go take a look at the cloud certs from AWS/Azure and see if there is one that looks fun to you. Those certs are typically mapped to common job roles.
I’m new to the field (I’ll start masters in Sept). What all topics should I focus on to improve my resume? My previous exposure to the field is 1 ctf competition that’s all.
Having a CTF on your resume and being able to speak to that experience is great imo. Early-career is always a bit difficult for resumes since you wanna beef it up but you don’t want to fill it with things that don’t matter. CTFs, trainings, content you’ve created (blog, podcast, write-ups, GitHub), etc… are all great things to put on there imo. If you have any coding projects or cloud experience (easy enough to get) you can put that on there too. Will you be looking to get a job while pursuing your masters?
I’ll go for something like a TA maybe. I have some job experience already (sde, not cybersec) so idk if it counts.
things that don’t matter
Can you give some examples so that I can avoid that
Mostly non-tech experience. This is subjective and will vary hiring team to hiring team but in this field I have always glossed over any non-tech things on a resume. There’s so much opportunity for people to learn and get involved with IT/security that there’s no excuse to not just focus on those competencies on the resume. Just my opinion.
Did you pay for all those SANS certs yourself, or company foot the bill?
What’s been most memorable incident or PenTest finding?
I’d be either very broke or have to be very rich to have paid for all of those haha. Fortunately, I worked for a company that had a very generous training allotment. I’ve also managed to take quite a few entirely free by being part of their vTA (virtual TA) community, whereby I help instructors throughout the week of the course with student questions, lab setup, etc…
I can’t go into too much detail on vulns specifically but I’ve found a number of high impact vulns in public-facing websites for companies I have worked for as well as one vuln in a popular proxy appliance that I should have submitted a CVE for but never did at the time.