  1. Senior Member
    Join Date
    Feb 2017
    Posts
    196
    #1

    Offered a threat hunting job - double my salary but ...

    I've been offered a job as a Threat Hunting manager ... it's a new team in a very big company which is based in 8 countries. There will be about 4-5 people under me.

    I'm really worried I may be underqualified. Mainly as:

    - I've never used any SIEM tools
    - never worked in any soc environment
    - never worked as a threat hunter
    - never done malware analysis other than some basic stuff in my own time

    my experience is within digital forensics and incident response.

    The job description does say other stuff like Python which I've used a fair bit, forensics which I have done, some pen testing (I have oscp but never used these skills outside of labs).

    Am I just lacking confidence?
    Or am I setting myself up for failure?
    My Aims
    2017: OSCP - COMPLETED
    2018: CISSP - in progress

    Possible Others: OSCE, MCSA





  3. Senior Member PCTechLinc's Avatar
    Join Date
    Jan 2016
    Location
    King City, CA
    Posts
    470

    Certifications
    CISSP, CCNA Security, CHFIv8, CEHv8, CCNA R&S, CCENT, MCSA Server 2008, Project+, Server+, Security+ce, Network+, A+
    #2
    It is quite possible that you are short-changing your skillset based on your self evaluation. What I always go back to is comparing my skills to the job description, and if I have been completely honest with the company about the skills I have. If I tell them what I CAN do and what I CANNOT do but can learn and they STILL offer me the position, then I don't see a problem.
    Master of Business Administration in Information Technology Management - Western Governors University (Started 10/1/16)
    Master of Science in Information Security and Assurance - Western Governors University
    Bachelor of Science in Network Administration - Western Governors University
    Associate of Applied Science x4 - Heald College

  4. Well ain't that shiny! TLeTourneau's Avatar
    Join Date
    Mar 2011
    Location
    MN, USA
    Posts
    598

    Certifications
    CISSP, C|EH, MCITP:EA, SA, EDA7, MCTSx4, MCSA 2008, CCNA (expired), Project+, CIW JS Specialist, CIW WFA
    #3
    There was a reason they offered you the position. If you were straight forth with your CV and interviews I would trust that they want you. Also, a management position contains more, well, management and that may be a reason you were selected.
    Thanks, Tom

    B.S: IT - Network Design & Management
    M.S. - CSIA (Started 3/1/2017)Progress T1: C688, JIT2; T2:TFT2, C700, VLT2; T3:
    C701, C702; T4: FXT2, LQT2, C706
    Black = Not Started, Blue = In Progress, Red = Complete

  5. Senior Member
    Join Date
    May 2016
    Posts
    1,986

    Certifications
    70-461
    #4
    That's the best part of IT, is the gaps and trying to make them up. I have never felt comfortable transitioning to a new role, and quite frankly I like that. Gets me going.....

    My first database job I was a complete joke.... I thought I was going to get fired, come COLA time I got a 5.5% for my effort and how fast I grew. Like others have mentioned if you were honest, you are fine.

    You'll be fine.....
    Last edited by DatabaseHead; 07-11-2018 at 09:11 PM.

  6. Senior Member
    Join Date
    Jan 2015
    Location
    Chicago, IL
    Posts
    1,115

    Certifications
    Too many MCPs and MCTS, MCSA: Security, MCSE: Security, MCSA: 2003, 2008, 2012, MCITP: EA, CISSP-ISSAP, SCS DLP, GREM
    #5
    Just accept the offer.

  7. Senior Member mikey88's Avatar
    Join Date
    Jul 2017
    Location
    Virginia
    Posts
    252

    Certifications
    CySA+, Security+, Network+ and others
    #6
    "If you think you can or if you think you can't, you're probably right".
    2018 Goals: CySA+[] CISSP [ ]

  8. Senior Member
    Join Date
    Apr 2014
    Posts
    276
    #7
    Literally the only part of that that sounds like it will be remotely challenging is the malware analysis part, and that will come with exposure and time.

    Take it, enjoy the first few months of getting comfortable and congrats on your efforts bearing fruit.

  9. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,598

    Certifications
    GPEN, GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #8
    It will take some time to catch up with the SIEM tool they use but it's not super challenging really. You said it's a multi-national company, so you'll probably have a chance to work with your colleagues on some of the problems initially just to get your hands wet.

    Take it and learn as you go, you have OSCP, Digital forensics, incident response, you're not a beginner.
    Goal: MBA, March 2020

  10. Senior Member
    Join Date
    Jun 2015
    Location
    De' Nile..
    Posts
    903

    Certifications
    "I eat SubNets like You for breakfast..."
    #9
    Originally Posted by mikey88:
    "If you think you can or if you think you can't, you're probably right".
    ^^ Yep




    https://en.wikipedia.org/wiki/Impostor_syndrome

    ^^ or maybe this :P

  11. Achieve excellence daily
    Join Date
    May 2012
    Location
    Washington State
    Posts
    1,415

    Certifications
    CISSP
    #10
    Take the gig!
    When you go the extra mile, there's no traffic.

  12. Senior Member
    Join Date
    Jan 2012
    Posts
    461

    Certifications
    GSE, GREM, GCFA, GNFA, GCIA-g, GPEN, GWAPT, GCIH, GSEC-g, GCED, GSLC, GISP, CISSP
    #11
    I can see why you feel that you wouldn't be able to do it due to your background. What is the impression of the culture of the new firm? The culture is more important as your hiring manager should understand the situation with your background and give you time to pick it up. Secondly, why do you think that they hire you over other candidates? I think it is necessary for you to evaluate this, there may be rare cases whereby the manager purposely hires a wrong candidate due to competition reasons, deliberately setting up the department to fail so to secure jobs for their own department.

    After considering the culture and the hiring reason, you should prepare for the move to the new team. You shouldn't worry about threat hunting or technical aspects of the work. As a manager, you should be thinking about ideas and asking for feedback from people under you. Think of ways to ask for advice from the team, engage with them and help build the culture with constant communication and casual chats. People come to work for a living, getting them into casual conversations before and after any serious discussion can help to bring up the culture. Try to rethink the approach as in driving up the culture and how you will be getting the best ideas to drive threat hunting. Lots of googling for threat hunting frameworks helps. Communicate the idea with the team and move forward with the best one.

  13. Senior Member E Double U's Avatar
    Join Date
    Apr 2014
    Location
    The Netherlands
    Posts
    1,343

    Certifications
    CISSP, CISM, CISA, GPEN, GCIA, GCIH, C|EH, and more.
    #12
    Originally Posted by CyberCop123:

    Am I just lacking confidence?
    Or am I setting myself up for failure?
    Both, but I think you should still do it
    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson

  14. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    376

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CASP, CSAE, C|EH, OSCP, Splunk Certified User, Splunk Certified Power User, Splunk Certified Admin
    #13
    Stop second-guessing yourself, you never will get anywhere by doing that. In fact, you are already the best threat hunting manager that company has ever seen, hell, maybe even in the entire world (see what I did there). Man up, embrace the challenge and profit.
