this post was submitted on 12 Aug 2024
9 points (100.0% liked)

cybersecurity

3249 readers
5 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
 

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 3 months ago* (last edited 3 months ago) (2 children)

Yes, I have been eyeing a soft switch into cybersecurity. Maybe not head-over-heels and maybe not entirely, but I do plan to have a significant part of my work to be in infosec.

For context, I am currently working as Tech Lead/Software Architect for a company that has a security-focused product (with an, as of today, 0 incident track record), but I work on design and scalability most days. When involved in security-related tasks, I mostly coordinate and sometimes implement security critical code under the guidance of our (small) security team.

I do have enough insight to have a positive impact on security related discussions on higher levels (think “lol, this proposed change opens up the endpoint to being exploited by x or y”) but not enough to discuss our cryptographic primitives.

In order to get my feet wet, I started doing THM (quite actively, yet I’ve hit a rut with the Windows-focused buffer overflow rooms), and I can say I enjoy it more than I expected.

However, I am unsure what concrete steps I should take after THM.

I’ve been thinking of working towards the OSCP exam, but honestly the certification landscape is quite confusing.

[–] [email protected] 2 points 3 months ago

I've worked in security for decades and nobody has ever asked me about certifications. I know a guy with CISSP and he said it has been useful sometimes, but basically I wouldn't worry too much. Getting more involved with the security stuff where you work will give real experience which is likely more valuable.

load more comments (1 replies)