+ Reply to Thread
Page 1 of 3 1 23 Last
Results 1 to 25 of 61
  1. Member
    Join Date
    Jun 2015
    Location
    DC
    Posts
    62

    Certifications
    Sec+, C|EH v9, CCNA Cyber Ops
    #1

    Default Trying to break into CyberSec, yet no one wants to hire entry level

    Hey Guys, I have almost 7 years infrastructure support, 3 in Helpdesk, and 4 as SA. I've been trying to build my resume with certs since I don't have cybersec exp. I currently work in the DC area, and hold a Secret Clearance. I'm having a hard time finding a new position(I'm currently working, but SA is getting old real fast).

    Is there a way to get actual experience working with SEIM, Firewalls, IPS, or IDS? Should I just download Security Onion and get familiar? Should I get the free "user" certs from Splunk, Palo Alto, etc.?

    I'm currently studying for CISSP to make myself more marketable, and once I finish I'll probably start WGU's Cyber program. I get quite a few bits for SA work, but I'm not interested at all.

    Any advice? Also, anyone know of a SOC position in the area, please let me know.
    Last edited by Shane2; 04-12-2018 at 10:22 PM.
    Reply With Quote Quote  

  2. SS
  3. Senior Member mikey88's Avatar
    Join Date
    Jul 2017
    Location
    Virginia
    Posts
    273

    Certifications
    CySA+, Security+, Network+ and others
    #2
    Quote Originally Posted by Shane2 View Post
    Hey Guys, I have almost 7 years infrastructure support, 3 in Helpdesk, and 4 as SA. I've been trying to build my resume with certs since I don't have cybersec exp. I currently work in the DC area, and hold a Secret Clearance
    Are you willing to relocate?/work a contract? There is ACAS/HBSS training you can take that'll make you a bit more marketable.

    I was in a similar position, and I moved across the country for a role. I've read through many job descriptions and tried to learn as many tools and technologies as I could.

    There is no simple answer. Keep learning, keep progressing.. and keep trying.
    2018 Goals: CySA+[] CISSP [ ]
    Reply With Quote Quote  

  4. Member
    Join Date
    Oct 2010
    Location
    Jacksonville, FL
    Posts
    53

    Certifications
    MSc Cybersecurity, CISSP, CCNA (R&S + Cyber Ops), Linux Essentials, A+,N+,Sec+, MCP
    #3
    I'm going to watch this since I'm just about in the same boat. Although I do have CISSP and a Masters in Cybersecurity, plus CCNA Cyber Ops... No "real world" experience in an actual security role. I have tried to list anything I have done that remotely relates to security (firewalls, network ACLs, etc... I'm a network admin currently) as the primary focus of experience on my resume. I have actually received a few phone interviews here and there, for positions that aren't really entry level, because I've experienced the same thing as you (not many, if any, entry/junior security positions). I think they go okay, but at this point they seem to be dragging their feet and perhaps holding out for someone with more experience before passing on me entirely.

    I'm also not in DC, so if you're having trouble over there finding infosec work I don't see how it would bode well for me where I'm at.
    Reply With Quote Quote  

  5. Member
    Join Date
    Jun 2015
    Location
    DC
    Posts
    62

    Certifications
    Sec+, C|EH v9, CCNA Cyber Ops
    #4
    Quote Originally Posted by mikey88 View Post
    Are you willing to relocate?/work a contract? There is ACAS/HBSS training you can take that'll make you a bit more marketable.

    I was in a similar position, and I moved across the country for a role. I've read through many job descriptions and tried to learn as many tools and technologies as I could.

    There is no simple answer. Keep learning, keep progressing.. and keep trying.
    I’m actually slowly making my way through the ACAS training, but between work and CISSP studies, it is very slow. I know the HBSS won’t take me long at all, as I had the certificate of completion before(and let it lapse).
    Reply With Quote Quote  

  6. Member
    Join Date
    Jul 2012
    Location
    Los Angeles
    Posts
    41

    Certifications
    B.S.-Business Admin, A+, Security+, CCENT, CCNA: RS, CCNA:Cyber Ops
    #5
    Quote Originally Posted by Shane2 View Post
    Hey Guys, I have almost 7 years infrastructure support, 3 in Helpdesk, and 4 as SA. I've been trying to build my resume with certs since I don't have cybersec exp. I currently work in the DC area, and hold a Secret Clearance. I'm having a hard time finding a new position(I'm currently working, but SA is getting old real fast).

    Is there a way to get actual experience working with SEIM, Firewalls, IPS, or IDS? Should I just download Security Onion and get familiar? Should I get the free "user" certs from Splunk, Palo Alto, etc.?

    I'm currently studying for CISSP to make myself more marketable, and once I finish I'll probably start WGU's Cyber program. I get quite a few bits for SA work, but I'm not interested at all.

    Any advice? Also, anyone know of a SOC position in the area, please let me know.
    When you say you're thinking about WGU Cyber program, do you mean BA or Masters? Do you have any degree? How long have you been searching? I would say you have the leg up being in DC. From what I can see, there seems to be 2-3x more Sec jobs in DC vs other major metropolitan areas. That being said, I would not recommend moving.
    Reply With Quote Quote  

  7. Member
    Join Date
    Jun 2015
    Location
    DC
    Posts
    62

    Certifications
    Sec+, C|EH v9, CCNA Cyber Ops
    #6
    Quote Originally Posted by emek View Post
    When you say you're thinking about WGU Cyber program, do you mean BA or Masters? Do you have any degree? How long have you been searching? I would say you have the leg up being in DC. From what I can see, there seems to be 2-3x more Sec jobs in DC vs other major metropolitan areas. That being said, I would not recommend moving.
    I’ll be going for my BA. No current degree. Been looking for a few months, i’ll turn it into overdrive in June when I hopefully pass the CISSP.

    I don’t plan on moving. Jobs are here, just need to find the right one.
    Reply With Quote Quote  

  8. Member H-bomb's Avatar
    Join Date
    Oct 2015
    Posts
    82

    Certifications
    CASP, CCSK, SSCP, ITIL, Security+
    #7
    CISSP should help a lot. Luckily you are located in an area where Infosec jobs are plentiful. Have you tried any cyber job fairs? They have been popping quite frequently. Companies like ManTech, Raytheon, DXC, CACI, have held job fairs in the DC area within the past two months.
    Reply With Quote Quote  

  9. Member
    Join Date
    Jul 2012
    Location
    Los Angeles
    Posts
    41

    Certifications
    B.S.-Business Admin, A+, Security+, CCENT, CCNA: RS, CCNA:Cyber Ops
    #8
    Quote Originally Posted by Shane2 View Post
    I’ll be going for my BA. No current degree. Been looking for a few months, i’ll turn it into overdrive in June when I hopefully pass the CISSP.

    I don’t plan on moving. Jobs are here, just need to find the right one.
    I think it may be the lack of degree holding you back. More so than other fields in IT, a bachelors seems to be required by a lot of jobs I see posted. There appears to be a big push from parents and from the colleges themselves, to encourage new grads to go into the info sec industry.
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Apr 2013
    Posts
    2,136
    #9
    You have clearance, some experience and are in DC, maybe it's your resume?
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    May 2014
    Posts
    235

    Certifications
    Security+, CISSP
    #10
    Quote Originally Posted by Syntax View Post
    I'm going to watch this since I'm just about in the same boat. Although I do have CISSP and a Masters in Cybersecurity, plus CCNA Cyber Ops... No "real world" experience in an actual security role. I have tried to list anything I have done that remotely relates to security (firewalls, network ACLs, etc... I'm a network admin currently) as the primary focus of experience on my resume. I have actually received a few phone interviews here and there, for positions that aren't really entry level, because I've experienced the same thing as you (not many, if any, entry/junior security positions). I think they go okay, but at this point they seem to be dragging their feet and perhaps holding out for someone with more experience before passing on me entirely.

    I'm also not in DC, so if you're having trouble over there finding infosec work I don't see how it would bode well for me where I'm at.
    How do you have CISSP with no security experience? Same with the OP, why go after a cert that requires 5 (or4) years of relevant experience if you don't have it?
    Reply With Quote Quote  

  12. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,723

    Certifications
    eCPPT, CISSP, CCDP, CCNP R/S, CCNP Security (Secure,FW), LFCS, CEH, PA ACE
    #11
    Quote Originally Posted by Shane2 View Post
    Is there a way to get actual experience working with SEIM, Firewalls, IPS, or IDS? Should I just download Security Onion and get familiar? Should I get the free "user" certs from Splunk, Palo Alto, etc.?
    Yes, get this and lab it. Also start a mini blog showing your research and results. This will win you huge points with any employer.
    2018 Goals: SANS Advanced Security Essentials - Enterprise Defender (complete, not going for cert), SpecterOps: Adversary Tactics Red Team OPS (complete), eCPPT (obtained), OSCP PWK (2nd Attempt), Demystifying Regular Expressions (in progress), SLAE (October Start), OSCE CTP (DEC Start)
    Reply With Quote Quote  

  13. Member
    Join Date
    Jun 2015
    Location
    DC
    Posts
    62

    Certifications
    Sec+, C|EH v9, CCNA Cyber Ops
    #12
    Quote Originally Posted by jt2929 View Post
    How do you have CISSP with no security experience? Same with the OP, why go after a cert that requires 5 (or4) years of relevant experience if you don't have it?
    With almost 7 years of It work, I definitely have 4 years of relevent security work. You don’t need to hold a security position for 5 years. You just need to have worked in the domains. Between my work as HD and SA, I definitely have 4 years of experience in 2 domains. I only need 4 since I have my Sec+.
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Nov 2016
    Location
    Iowa
    Posts
    167

    Certifications
    OSCP, OSWP, GCFA, CISSP, CCNA Cyber Ops, Sec+
    #13
    There are people just out of school with no experience looking for entry level infosec.
    Then there are people out there who've worked 3+ years of IT at some level and...are...looking for entry level infosec?

    Especially for someone with a CISSP, you probably have security experience that you're not focusing on very well. And half of security is knowing how something works, so if you've built/maintained IT at all, you know half the stuff you need.

    For instance, have you managed user AD accounts? Service accounts? AD groups?
    Set up privileged access on systems, or limited access on systems?
    Worked with HTTPS/certs at all?
    Patched systems? How did you do that?
    Did any troubleshooting on why one thing can't talk to another? Found out it's a firewall problem? Understood why?
    Did any troubleshooting with pstools/procmon/etc?
    Looked at logs on a system? Moved logs somewhere more convenient to look at? Configured log collection?

    Don't undersell yourself is you understand how the web works, how DNS works, how to do low level troubleshooting on permissions, file writes, processes, or feel comfortable in more than just Windows (Cisco IOS, Linux, etc).
    -------------------------------------------------------
    Security Engineer/Analyst/Geek, Pen Testing
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Apr 2014
    Posts
    302
    #14
    Quote Originally Posted by Danielm7 View Post
    You have clearance, some experience and are in DC, maybe it's your resume?
    right, there's clearly something not adding up.

    Have you posted your resume on clearancejobs.com?

    checked the reddit /r/netsec quarterly hiring threads?
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    May 2013
    Posts
    1,522

    Certifications
    Cisco (3), CompTIA (2), EC-Council (2), GIAC (3), ISACA (1), ISC2 (1)
    #15
    If you want to stay in govt / defense, information assurance (IA) is probably one of your easier ways to get into cyber. You will get exposure to the security regulations on a deeper level, but be prepared it is paperwork heavy. SOCs can be more challenging to get into unless you have some solid certs like CCNA/CCNP Security, GCIH / GCIA.

    Also, for govt / defense I see no reason to relocate because you are in the hub being in the DC area. If you can relocate it opens doors but you might end up in a less desirable location and in turn needing to relocate again down the road.
    Reply With Quote Quote  

  17. Member
    Join Date
    Jun 2015
    Location
    DC
    Posts
    62

    Certifications
    Sec+, C|EH v9, CCNA Cyber Ops
    #16
    Quote Originally Posted by josephandre View Post
    right, there's clearly something not adding up.

    Have you posted your resume on clearancejobs.com?

    checked the reddit /r/netsec quarterly hiring threads?
    I'm almost positive it is the resume, I'm going to work on it in the nexst month or so. I'll list the projects I have contributed to, instead of boring bullets on what I generally do.

    I do have a fear of listing things I did a while ago, and then getting asked specifics.
    Reply With Quote Quote  

  18. They are watching you NetworkNewb's Avatar
    Join Date
    Feb 2015
    Location
    Off the grid
    Posts
    2,981

    Certifications
    A+/Net+/Sec+, CCENT, CCNA:Sec, CCSK, GCIH
    #17
    Quote Originally Posted by Shane2 View Post
    I'm almost positive it is the resume
    I didn't read everyone else's posts but saw this at the bottom. I was assuming it would probably be that. You really have to tailor your resume and make it sound like your current job you do a lot of security things. Try and think of any activity you do or have done that might involve security. Then list your resume on here and have some people look at it.
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    May 2016
    Posts
    2,167

    Certifications
    Teradata Database Certified Associate | 70-461 | ITIL ST OSA F V3
    #18
    Quote Originally Posted by Shane2 View Post
    I'm almost positive it is the resume, I'm going to work on it in the nexst month or so. I'll list the projects I have contributed to, instead of boring bullets on what I generally do.
    Good idea.
    Reply With Quote Quote  

  20. Member
    Join Date
    Feb 2018
    Posts
    58

    Certifications
    CNE NetWare 3/4/5.x, MCP, Security+
    #19
    There's a ton of open-source IDSs, pentesting tools, and vulnerability scanners out there (for Linux; I don't know about Microsoft). If you don't have this sort of access at work, you can build a little Linux network at home and play with these plus set up self-signed certificates, etc.
    Reply With Quote Quote  

  21. Member
    Join Date
    Sep 2012
    Posts
    79
    #20
    Damn, if you have IT experience, security certs and a clearance trying to get in a field they claim has a shortage, in an area that has plenty of those jobs, and having no luck, looks bleak for others trying to get in.
    Reply With Quote Quote  

  22. Senior Member scaredoftests's Avatar
    Join Date
    Dec 2013
    Location
    behind you!
    Posts
    2,452

    Certifications
    ACAS,Comp TIA Security +, Novell CNE, HDI Customer Service, ITIL Foundation, MTA
    #21
    Quote Originally Posted by Shane2 View Post
    I'm almost positive it is the resume, I'm going to work on it in the nexst month or so. I'll list the projects I have contributed to, instead of boring bullets on what I generally do.

    I do have a fear of listing things I did a while ago, and then getting asked specifics.
    YES take out the BULLETS!!
    Never let your fear decide your fate....
    Reply With Quote Quote  

  23. They are watching you NetworkNewb's Avatar
    Join Date
    Feb 2015
    Location
    Off the grid
    Posts
    2,981

    Certifications
    A+/Net+/Sec+, CCENT, CCNA:Sec, CCSK, GCIH
    #22
    Quote Originally Posted by YesOffense View Post
    Damn, if you have IT experience, security certs and a clearance trying to get in a field they claim has a shortage, in an area that has plenty of those jobs, and having no luck, looks bleak for others trying to get in.
    None of those matter if your resume doesn't look good or isn't tailored to the position you're trying for.
    Reply With Quote Quote  

  24. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,723

    Certifications
    eCPPT, CISSP, CCDP, CCNP R/S, CCNP Security (Secure,FW), LFCS, CEH, PA ACE
    #23
    Quote Originally Posted by Shane2 View Post
    I'm almost positive it is the resume, I'm going to work on it in the nexst month or so.
    That is not the attitude to have. I am not trying to pick on you or criticize you but why would you wait until the next month or so to improve your quality of life?
    2018 Goals: SANS Advanced Security Essentials - Enterprise Defender (complete, not going for cert), SpecterOps: Adversary Tactics Red Team OPS (complete), eCPPT (obtained), OSCP PWK (2nd Attempt), Demystifying Regular Expressions (in progress), SLAE (October Start), OSCE CTP (DEC Start)
    Reply With Quote Quote  

  25. Senior Member
    Join Date
    Apr 2017
    Posts
    391
    #24
    Your professional network will take you farther than any degree or CISSP certification. Get out and network with people. The Security community is not large in many locations so you're usually only a few hops from someone who makes hiring decisions.
    Reply With Quote Quote  

  26. Member
    Join Date
    Oct 2010
    Location
    Jacksonville, FL
    Posts
    53

    Certifications
    MSc Cybersecurity, CISSP, CCNA (R&S + Cyber Ops), Linux Essentials, A+,N+,Sec+, MCP
    #25
    Quote Originally Posted by jt2929 View Post
    How do you have CISSP with no security experience? Same with the OP, why go after a cert that requires 5 (or4) years of relevant experience if you don't have it?
    I have security experience... I just meant none of my roles, past or current, have been focused on cybersecurity as the primary responsibility.

    As an update, I am starting to get more responses and actually have my first in-person interview this week. I think many companies are just slow or aren't that interested in filling the position in a timely manner. I just have to be patient and keep being optimistic.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 3 1 23 Last

Social Networking & Bookmarks