Mentorship Monday - Discussions for career and learning! (infosec.pub)

submitted 1 month ago by shellsharks@infosec.pub to c/cybersecurity@infosec.pub

7 comments fedilink hide all child comments

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

top 7 comments

sorted by: hot top controversial new old

[-] KillingInc@lemmy.world 3 points 1 month ago

Hey guys, I’m a new grad struggling to figure out where to go next. I went to Pennsylvania State University and completed a program called “Cybersecurity Operations and Analytics” where I earned a BS. I’ve been applying for IT help desk jobs and tier 1 SOC analyst jobs but haven’t had any luck. Any general advice would be great. Thank you.

[-] leastprivilege@lemmy.ml 2 points 1 month ago

Haven't had any luck getting interviews? Could be your resume. Haven't had any luck with getting offers? Could be your interviewing skills.

[-] MajorHavoc@programming.dev 1 points 1 month ago* (last edited 1 month ago)

It's a tough market for entry-level SOC analysts. It has been since...well, as long as I can remember.

IT Help Desk experience is a huge plus, for landing future SOC analyst roles, if you can get some.

My advice is:

Hang ang in there and keep at it. The first security job is the hardest to land.
Do some independent training if you have time. Hack the Box and OWASP Juice Shop have free resources, so you can keep growing. Remember that increasing your skills does lead to cash, but it sometimes takes a lot of time.
Be on the lookout for remote postings. There's very little done by a SOC, today, that can't be done remotely, so it's not critical to limit your search by geography, anymore.
Learn some programming, if you haven't already. SOC operations are less painful with some scripting skill. (My own path into Cybersecurity was due to my coding skills, not any Cybersecurity certificate.)

[-] jerry@infosec.pub 2 points 1 month ago

It’s a rough job market for several reasons. My best recommendation is to do something that will distinguish yourself from others (blog, podcast, etc etc) and also try to establish a relationship with someone at prospective employers to get them to “pull” you in. I know, I know, easier said than done, but that’s where we are at.

[-] br3ad@infosec.pub 1 points 1 month ago

I am looking into attacking/defending applications using genai. Any resources would be helpful and if you have any experience in pentesting such applications, i would love to hear about it!

So far i have come across the owasp top for LLMs: https://owasp.org/www-project-top-10-for-large-language-model-applications/

[-] shellsharks@infosec.pub 2 points 1 month ago

Some resources here https://shellsharks.com/online-training#ai and here https://www.databricks.com/blog/introducing-databricks-ai-security-framework-dasf

[-] br3ad@infosec.pub 2 points 1 month ago

Thanks for sharing!

this post was submitted on 08 Jul 2024

17 points (100.0% liked)

cybersecurity

3077 readers

1 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 1 year ago

MODERATORS

shellsharks@infosec.pub

tweedge@infosec.pub