+ Reply to Thread
Results 1 to 17 of 17
  1. Senior Member
    Join Date
    Oct 2015
    Posts
    159

    Certifications
    GCIH, C|EH, MCSA Windows 10
    #1

    Default Landed my first security job - My story

    August 2015 I decided to try to get into the IT field. I went to a trade school called my computer career for a few months. While there I received A+, Server+, Mobility+, and some MTA certifications. I knew I wanted to get into CyberSecurity but knew it'd be hard to get into.

    February 2016 - July 2016 I worked a couple of desktop support contract jobs.

    July 2016 I got hired on at an MSP doing helpdesk. Learned a lot. Over 400 clients and as a level 1 tech I was a domain admin for all of them. I was basically allowed to do anything to the client's environment as long as I knew how to do it.

    One day I applied for a position on Craigslist. The ad said you could start off in desktop support and move into a number of other departments, security being one of them. They ended up offering me the job and when I put in my notice at my job, they said they were in the process of trying to get a security role going and if I stayed, I could be that guy. I was able to get them to pay for whatever security certs I wanted and give me a raise. I got the CEH and GCIH. Since GCIH was so expensive, they would only do it if I signed an agreement to stay on for at least 18 months. A few months later I got both certs and they ended up not being able to make the security position. I told them I wouldn't have signed the agreement if I knew that there was a possibility the position wouldn't be made. They let me out of the agreement, said I didn't have to pay it back if I left.

    Updated my resume on a all job sites to now show the CEH and GCIH. A recruiter contacted me about a Security Analyst Level 1 position in a SOC. It was two interviews. A technical interview was the first one where it was mostly linux questions and attack questions. I met with 3 team leads and they asked me the questions. I didn't know all of the questions and just told them I didn't know if I didn't know the answer. I also wrote all of the questions down that I didn't know. I always carry a notebook into interviews. The second interview was just so the managers could get a feel for the kind of person I was. I found out I got the job the same day. The job pays $30/hr.

    For the longest it was such an uphill battle. There aren't really many entry level security jobs. I feel like the main thing that got me there was just really grinding at my job. My job wanted everybody to have A+ and the Windows 10 cert. I already had the A+ cert and out of the other 13 technicians, 9 months later I'm still the only person to have the A+ and the Windows 10 cert. Having at least the required certs made it easier for them to agree to pay for the security certs. If I didn't have them, they wouldn't said "Well you don't even have your required certs". A lot of my days were 10 hour work days and I do the gym at least 3 days a week after work. I'd always get to work an hour early to study for whatever cert I was going for. I also have a wife. None of the guys at my job have any drive it seems and it just made it easier for me to look good. This year I got MCSA Windows 10, CEH, and GCIH. My first IT job was $14/hr last year and on the 16th I start a security job making $30/hr. It feels good to finally have my work pay off.

    To all of the guys trying to get in the field, I'd say be the hardest worker in the room and keep at it. Get whatever security certs you can. Preferably certs that are more well known if possible. The certs got me in the door. Actually knowing the material well enough to pass the technical interview is what landed the job for me.

    Thanks to everybody for there contributing words and experiences on here. Sorry for the novel.
    Reply With Quote Quote  

  2. SS -->
  3. Member NEODREAM's Avatar
    Join Date
    Apr 2016
    Location
    127.0.0.1
    Posts
    71

    Certifications
    letters, letters, and more letters
    #2
    Congrats, great to see that hard work and perseverance paying off.
    Currently Working On: B.S. Cybersecurity & Information Assurance
    Next Up:​ CCNA Cyber Ops [Cohort 6]
    Reading:The Cuckoo's Egg & Applied Network Security Monitoring
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Dec 2007
    Location
    Grand Rapids, Michigan
    Posts
    1,830

    Certifications
    Network+ : A+ : Security+ : eJPT : Life+
    #3
    Good job! I'm glad that the work that you put in paid off!
    Booya!!
    ------------------------------------------------------------------------------------------
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
    Reply With Quote Quote  

  5. Senior Member mikey88's Avatar
    Join Date
    Jul 2017
    Location
    Seattle, WA
    Posts
    124

    Certifications
    Security+, Network+, Server+
    #4
    Congrats on the new role. I'm sure it will be beneficial for anyone trying to go the same route as you.
    2017 Goals: Security+ [] Server+ []
    2018 Goals: CCNA Cyber Ops, Security[ ] CISSP [ ]
    Reply With Quote Quote  

  6. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Galloway, NJ
    Posts
    1,271

    Certifications
    A+, Network +, GSEC, GCIH, Lunatic+
    #5
    Congratulation. I wager the GCIH really help land you that job. The CEH helped, but since you can get a self study book and take the exam, it's certainly easier (and cheaper) to obtain than a GIAC cert.

    Quote Originally Posted by fabostrong View Post
    Updated my resume on a all job sites to now show the CEH and GCIH. A recruiter contacted me about a Security Analyst Level 1 position in a SOC.
    When you say recruiter, what kind? A staffing agency? Or a company recruiter for full time position with benefits? Where did you "update" your resume? A job board?
    Last edited by TechGromit; 10-03-2017 at 06:15 PM.
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  7. Senior Member tmurphy3100's Avatar
    Join Date
    Nov 2013
    Location
    PA
    Posts
    139

    Certifications
    A+, Network+, Cloud+, Server+, Security+, MCSA: 2012, CEH, VCP550
    #6
    Congrats! I am trying to follow a similar path. Do you feel like getting the GCIH was the key to get into an interview? Also, did you have any programming knowledge?
    2017 Goals: CCNA Cyber Ops
    2018 Goals: CCNA, VCP6, CSA+
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Jan 2015
    Location
    Chicago, IL
    Posts
    945

    Certifications
    Too many MCPs and MCTS, MCSA: Security, MCSE: Security, MCSA: 2003, 2008, 2012, MCITP: EA, CISSP-ISSAP, SCS DLP, GREM
    #7
    Congratz! Quite a pace!
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Oct 2015
    Posts
    159

    Certifications
    GCIH, C|EH, MCSA Windows 10
    #8
    Quote Originally Posted by TechGromit View Post
    When you say recruiter, what kind? A staffing agency? Or a company recruiter for full time position with benefits? Where did you "update" your resume? A job board?
    A staffing agency. The position is full time with benefits. And yes, job boards. Indeed, Dice, CareerBuilder.
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Oct 2015
    Posts
    159

    Certifications
    GCIH, C|EH, MCSA Windows 10
    #9
    Quote Originally Posted by tmurphy3100 View Post
    Congrats! I am trying to follow a similar path. Do you feel like getting the GCIH was the key to get into an interview? Also, did you have any programming knowledge?
    Most definitely. In both interviews, they let it be known that GCIH is 1 of 2-3 certs that they really look for or like. So it definitely got me in the door for the interview. Not sure if the CEH would've been enough to get me the interview or not. I don't have any programming knowledge.
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Oct 2015
    Posts
    159

    Certifications
    GCIH, C|EH, MCSA Windows 10
    #10
    Quote Originally Posted by TechGromit View Post
    Congratulation. I wager the GCIH really help land you that job. The CEH helped, but since you can get a self study book and take the exam, it's certainly easier (and cheaper) to obtain than a GIAC cert.
    I agree.
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Oct 2015
    Posts
    159

    Certifications
    GCIH, C|EH, MCSA Windows 10
    #11
    Quote Originally Posted by gespenstern View Post
    Congratz! Quite a pace!
    Thanks, man. Trying to stay hungry.
    Reply With Quote Quote  

  13. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Galloway, NJ
    Posts
    1,271

    Certifications
    A+, Network +, GSEC, GCIH, Lunatic+
    #12
    Quote Originally Posted by fabostrong View Post
    A staffing agency. The position is full time with benefits. And yes, job boards. Indeed, Dice, CareerBuilder.
    So are you working for the staffing agency as a contractor for a client?
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Jun 2015
    Location
    De' Nile..
    Posts
    793

    Certifications
    "I eat SubNets like You for breakfast..."
    #13
    cool!!

    So, if i may ask, what is a general description of the day to day things you will be doing in this role?

    (i ask because i always see threads of people want to get into "IT security", but i'm not sure they know what it actually means)

    :]
    Reply With Quote Quote  

  15. Senior Member alias454's Avatar
    Join Date
    Sep 2014
    Posts
    609

    Certifications
    BSIT, A+, eJPT, GSEC, VCP5-DCV
    #14
    Good job. Hard work pays off.
    “I do not seek answers, but rather to understand the question.”
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Oct 2015
    Posts
    159

    Certifications
    GCIH, C|EH, MCSA Windows 10
    #15
    Quote Originally Posted by TechGromit View Post
    So are you working for the staffing agency as a contractor for a client?
    No, sir. I'm working directly for the security company as a full-time/permanent employee.
    Reply With Quote Quote  

  17. Senior Member coreyb80's Avatar
    Join Date
    Sep 2012
    Location
    Chicago
    Posts
    576

    Certifications
    A+
    #16
    Congrats OP on the position and keep pushin forward!!
    Up Next: CCENT
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    Oct 2015
    Posts
    159

    Certifications
    GCIH, C|EH, MCSA Windows 10
    #17
    Quote Originally Posted by volfkhat View Post
    cool!!

    So, if i may ask, what is a general description of the day to day things you will be doing in this role?

    (i ask because i always see threads of people want to get into "IT security", but i'm not sure they know what it actually means)

    :]
    This is the job description

    Job Summary
    The Security Analyst role is responsible for performing accurate and precise real-time analysis and correlation of logs/alerts from a multitude of client devices with a focus on the determination of whether said events constitute security incidents.

    Primary Responsibilities
    · Monitor global NIDS, Firewall, and log correlation tools for potential threats
    · Initiate escalation procedure to counteract potential threats/vulnerabilities
    · Provide Incident remediation and prevention documentation
    · Document and conform to processes related to security monitoring
    · Provide performance metrics as necessary
    · Provide customer service that exceeds our customers’ expectations

    Required Skills and Experience
    · Basic command of Linux systems administration and working with BASH
    · Basic understanding of networking including TCP/IP
    · Basic experience with network monitoring and packet analysis tools
    · Basic understanding of a cloud environment & infrastructure (AWS, Azure, Google Cloud, etc.)
    · Basic understanding of HTTP, SSL/TLS, SOAP, and reverse proxies
    · Basic experience using an IDS eg, Snort.
    · Basic understand the Top 20 Critical Security Controls for Effective Cyber Defense
    · Basic understanding of the OWASP Top 10
    · Basic knowledge of threat vectors against the Windows or Linux platform
    · Basic hands-on experience with network security or equivalent study
    · Basic experience with anomaly detection based on security systems
    · Strong time management skills with the ability to multitask
    · Ability to work a flexible schedule including weekends and evenings, and night shifts
    · Detail oriented individuals that work well in a team environment and have a hunger to learn
    · Analytical and problem solving skills
    · Demonstrable verbal and written communication experience
    · Experience with ticketing systems, to include understanding work flow, ticket routing and resolution documentation
    · Operations Experience (SOC Operations an advantage)
    · Experience working in a customer service oriented organization
    · Basic experience using Microsoft Word, Excel and PowerPoint

    Desired Skills and Experience
    · Basic hands on experience working with Windows infrastructure
    · Basic possession of a diverse log message and windows event vocabulary
    · Basic experience with scripting in Python, Perl, Bash, PHP, JavaScript
    · Basic working knowledge of SQL
    · Basic hands on experience configuring Windows or Linux system logging
    · Basic understanding of Windows or Linux logging / auditing capabilities
    · Basic experience with configuration and troubleshooting of network switches, routers, and firewalls
    · Basic understanding of routing
    · Basic understanding of Security Information & Event Management (SIEM) concepts and functionality
    · Basic experience with vulnerability scanning and reconnaissance methods
    · Basic understanding of the 6 phases of Incident Handling (Preparation, Identification, Containment, Mitigation, Remediation and Lessons Learned)
    · At least one security certification such as SANS, EC-Council, or ISC2
    Education
    · Bachelor’s degree in Computer Science, Computer Engineering, Network Security, Information Security, Information Technology or equivalent work experience. 1- 3 years of work experience in the field.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks