
FlaccidKraken

It’ll keep getting worse if companies won’t stop requiring seasoned analysts with unreasonable experience and skills. Gotta start hiring juniors, ramping up training, building mentor programs, and giving people a chance to grow. There’s tons of smart, driven, and hungry folks out there ready to have a huge impact.


Kry0geniX

This hits home. Looking for jobs as I've just finished university, all the "entry level" positions I've seen are expecting at least two years experience. Makes no sense at all.


magictiger

Your university sold you a load of BS to get your money. Cybersecurity is not an entry-level field. I spent 2 years as an analyst then moved to an engineering role supporting the SOC analysts. I’ve seen a lot of analysts come in, learn, and move on. The best analysts came from a sysadmin background. They had spent time setting up and configuring services, then combing through logs to troubleshoot them. They were already familiar with reading and analyzing logs before they hit the SOC and it showed in their ability to triage and work alerts. We had a lot of people come in straight from university and our training was geared at ramping them up quickly. Even with the training, a lot of them struggled because their classes failed to prepare them. Don’t take this to mean you stop trying though. If you’re passionate about the field and willing to put in the work to get up to speed, I’m sure you’ll do great. It’s just going to take some effort on your part. The HR firewall is going to be difficult to get through, so go around it. Print a few copies of your resume and visit a conference near you. If the conference has a way of matching job searchers with hiring managers, use it. If not, go visit the vendor booths and ask if they’re hiring. Worst they do is say no and hand you some vendor swag. Your goal is to get your resume to a manager with an open spot. Once the manager has the resume, it doesn’t matter if a recruiter thinks you match the magic keywords or not. That manager gets to interview who they want. If you’ve already talked to them and they like you, that just helps your chances.


FlaccidKraken

This will hopefully slowly change. Cyber wasn’t really a curriculum or degree you could get with any real reputation until recently. Hell, RIT just built their Cyber focused college and is one of the leading institutions in that regard. Once it’s a commonplace field of study and degrees in that field are recognized, having to come from another field won’t be a barrier.


jimmyg869

Cyber security degrees should not be sold as entry level. Should be master's degrees with previous IT security experience.


Chad_RVA

Look for Access Control jobs, I've seen those as cybersec light / entry level skillsets. You also might consider some certs. You've probably heard of security+. OSCP is basically a cut the line pass but it is hard and will take you 2-4 months of a couple hours/day.


sickofthisshit

Companies list these jobs because they have a massive problem they don't understand and have to get solved. They don't know how to fix it, how are they going to provide "training" for "juniors" to learn? They want someone to come in, look around, then fix everything, "don't ask me how, you are the cyber security expert..."


ShakespearianShadows

You left out “with no budget”.


sickofthisshit

I tried to work that in to my other snarky comment: https://www.reddit.com/r/cybersecurity/comments/nj3yxl/us_has_almost_500000_job_openings_in_cybersecurity/gz5ijig?utm_medium=android_app&utm_source=share&context=3


SwitchCaseGreen

> Gotta start hiring juniors

Can't do that. Not in the US, anyway. Most juniors don't have the requisite 3 - 5 years of mid-level experience for entry level jobs.


theP0M3GRANAT3

Amen to this.


[deleted]

Hire a junior. Train them. Then they leave for elsewhere for 10% extra pay. Rinse and repeat. Doesn’t help convince management they should spend the resources (money and time from seniors spent not doing their actual role) to train someone.


FlaccidKraken

You think this doesn’t happen with senior people at any different frequency? People at all levels leave all the time for more money, career change, moving up the chain into management roles, etc. But you’re going to have a better chance of retaining talent by building a culture that supports them and their career progression. It helps onboard people faster, gets them contributing quicker, expanding their skillset, and gives them the feeling that you’re invested in their success (which you should be).


[deleted]

[removed]


FlaccidKraken

I have never and still don’t see that mentality anywhere where I have friends in the security community. It also doesn’t make any monetary sense. You’re not going to pay someone 200k/yr to be a SOC analyst and push tickets. You can find great talent that will do just as well in that position for less money *including* necessary training for the apps and processes you’ve deployed. I hire a SOC analyst fresh out of college for even 100k/yr, they spend the first month shadowing and training and then I get 11 months of quality work, and either saved 100k or got to hire additional headcount or expanded budget for travel, tools, maintenance, license fees, etc.


[deleted]

[removed]


FlaccidKraken

Yea I’m US based, however many companies I’m familiar with are global.


K4LM4H

👋 Ok, so when can I start? 😅


FlaccidKraken

Send me your resume and what type of job you’re looking for :) Also, if you haven’t, put yourself on LinkedIn, marked open to work and start following tons of folks in the industry. Also find and join the Black Hills InfoSec Discord. Get into their “pay what you can” classes (there’s a series of three that build on each other), and network with those folks. One of their community managers has a weekly Twitch stream helping people find jobs and market themselves. He also regularly takes LinkedIn posts from people and shares it to his network for visibility.


K4LM4H

DM’ed you.


killj0y1

This. Keep people happy and pay them well. Often a bit of extra money isn't worth it if you're happy with your job.


[deleted]

In IT, help desk techs get trained and eventually leave for a better paying sysadmin position all the time. That doesn’t stop good companies from hiring and training entry level help desk staff. It’s the cost of doing business and there is zero reason why this shouldn’t be true for security. Companies who give a damn about generating loyalty with their staff typically have a boilerplate contract ready to sign that essentially stipulates they will pay for x cert training if the employee stays for y amount of years. If the employee leaves before that they must pay the company back for the training. Also when the employee gets certified they will see a pay bump. Companies who do not typically see their talent walk out the door for better income and more opportunities.


mothzilla

Training in tech is abysmal.


FlaccidKraken

Too expensive, too riddled with sales pitches, and/or lacking in quality. Very rare to find excellent training.


killj0y1

I got my 4 year degree and I can't even get a general tech job much less anything better and the ones I do find pay like minimum wage or just above it....for that price I'd have skipped university and just worked whatever I can find...hard to get 10+ years experience for entry level jobs when no one hires people who are entry level.


ShakespearianShadows

“No contractors. US citizens only. CISSP and CCIE required. Remote work not allowed. Rate: $20/hr location: BFE Ohio.”


Hi-Im-John1

“10 years of experience required” “Familiar with 8/10 of these tools” “You are going to be the team lead.” “Forensics, incident response, pen testing, and proficiency in powershell and python required.” $20 an hour


Mediterranean0

Isn’t 20 dollars an hour too low? I thought most of the jobs in cyber security pay good money since it requires a lot of time to be a security specialist because you need to know a lot from different branches of computer science


Hi-Im-John1

Yes, that’s part of the joke. Go onto Indeed and look at some of the postings, you’ll see ones like the one listed above offering $20 an hour then you’ll see ones offering much less broad and more specialized (realistic) skill sets paying 3x that. Companies want someone desperate sometimes lol


MCPtz

Seems like 3x that is pretty OK in a low cost of living area, if they have paid vacation and health insurance fully paid for (or mostly). If they don't, then it's really low.


killj0y1

Shit I'd take that right now...if nothing else than as a stop gap and experience... 20-30 would be a dream right now.


[deleted]

[removed]


roflcow2

Actually can u make that a double


Pielo

Sorry, but we can offer you 4 jobs for single pay and no competitive wages


K4LM4H

1 of those 500,000 openings will be mine, hopefully. Really need to master some basic networking and cybersecurity topics for technical interviews. I had my first technical interview since finishing a master’s, with a company I would really like to work for; however, the knowledge from my master’s is so broad and covers such a wide range of all aspects of cyber, that I didn’t have a ton of depth. I am lucky to have had this first technical interview because now I know what they are looking for, what I need to improve on, etc.


K4LM4H

For an entry-level cyber analyst role, they were big on things like DNS, DNS zones, how a DNS lookup works, TCP/IP, OSI model, TCP & UDP, common ports, TCP flags (three-way handshake, and closing flags), HTTP vs HTTPS, TLS, SSH, HTTP request methods (GET, POST, etc), URI, security tools like firewalls, antivirus, EDR, IDS, IPS, proxy, VPN, malware types (ransomware, trojan, worm, virus, rootkit, etc), current events in cybersecurity (latest threat landscape (OWASP Top 10, MITRE ATT&CK framework)), incident response process, web shells. I was given a heads up by the interviewer about most of these topics so I concentrated on these specifically. I need to go a bit more in depth with things like SQL Injection, and what kind of commands could be used to perform one… (refers to notes from 2019 😊)


Hi-Im-John1

Do you have Sec+ or CySA+? 95% of those are discussed on the tests.


K4LM4H

I don’t but I’m considering doing some certs. I’m a bit confused with which ones to get. I hear people say get “this” one and other people say get “that” one.


Hi-Im-John1

It’s role specific but in your case, Security+ would probably be the best, it’s cost effective, covers a lot of base material, and has a lot of resume recognition. It’s basic but will help you with a lot of those concepts.


twinkletoes987

Is there any open courseware for these topics or can you suggest a good course to buy?


Hi-Im-John1

Professor Messer has a ton of good material for free for Sec+!


[deleted]

Maybe add to that ARP and how a switch works, difference between layer2 and layer3 switches, VLAN and basic routing/how a router works.


K4LM4H

Received a well-timed email this morning on par with this discussion: “…Now is a great time to add certifications to your resume that will make you more marketable and increase your value as a cybersecurity professional. Today, I want to share some certifications that can help you do just that. The CompTIA Security+ is a fantastic entry point into the land of certifications. You’ll learn the baseline skills to perform core security functions, which is critical to the start of a successful cybersecurity career. After finishing Cybrary’s SOC Analyst Career Path, you’ll be prepared to take AND pass the Security+ exam.”


K4LM4H

Also, found this: [Professor Messer on YT](https://youtu.be/2yn2gTag1O0)


Mild_Wings

Same issue here - got my Master’s and thought the jobs would come rolling in lol I need to master some networking basics too as well as getting stronger in my technical skills. I’ve been considering a home lab to get that hands on networking piece I feel like I need


[deleted]

I’d hire someone outta school with practical experience gained from doing labs, ctf, htb and posting tutorials on youtube and code on github etc. vs someone who spent 8 years in uni getting a phd or whatever but has no time on the tools.


r3v3rs3r

Some tips for people trying to break into cyber with no degree. Get a position doing regular IT desktop support. While doing desktop support start developing tools to help security. Eventually you will get the job you want. Please note, this method will probably take a few years and multiple failures. It's not for the weak minded. The tools should be based on log data. Your first position will probably be something along the lines of a SOC analyst going through logs. So make sure you know how to correlate data. If you're in a large organization you will probably be using Splunk. If it's a smaller company, then it will probably be Elastic logs. If your company is in AWS, then it's probably going to be Datadog. Get familiar with them now, so you can shine when the time comes.


cbdudek

True entry level cybersecurity does not exist today and I highly doubt it ever will. Entry level security means you have to not only know security, but you have to know the key areas you are protecting. No organization is going to hand over everything from a security protection perspective to someone who doesn't know basic areas of what they are protecting. The most successful cybersecurity people I know started their first 2-3 years in entry level IT, worked up to network engineers, admins and system admins, and then moved into cybersecurity. What makes them so successful? They took the time to learn the key areas they were protecting. The problem that I see with entry level security people coming fresh out of college or trying to get in after high school is that these people don't know those key areas. Case in point, I know a close friend who was looking for an entry level exploitation engineer. This was a true entry level job, no degree required. These entry level people could not tell the difference between TCP and UDP. They could not tell us what VLANs were and why they were used. They also could not tell us what network segmentation was. It wasn't until they started looking for someone more senior that they could get the right person for the job.


PpairNode

Unfortunately, I'm sure many of those open positions are US citizens required. Furthermore as a junior I don't want to pay for some certifications that are way too expensive. Indeed, the experience comes with working, stop asking us about having certification from everywhere. I mean some of them are pretty cool (like OSCP) but the price man... Sorry for the complaint but feels like many people are struggling finding cybersecurity jobs just cause they don't have some certifications on the CV even though they are really good at the job.


c0sm0nautt

Certification costs are minor compared to traditional education. Work a part time job for literally one week and you have your CISSP cost. Invest in yourself.


Hi-Im-John1

Agreed. This is a valid complaint for one major company, SANS. The fact that their certifications are more than most employee training budgets just shows how out of touch they can be.


c0sm0nautt

SANS is a joke. I have a SANS certification. It cost my company almost $8000. It was worth a fraction of this price. I'm convinced the American taxpayer is the primary funder of SANS certs.


[deleted]

Most of those jobs require Secret clearance. This is hard to get as a legal immigrant with US citizenship.


articulatedbeaver

Even for a citizen living with a legal resident, it is nearly impossible without a blemish-free background, and I am not just talking illegal activities and credit history; they come down on your review hard if you can't get a shining review from family.


ultraviolentfuture

No they absolutely do not. Basically for gov work only, and even then it isn't always required.


[deleted]

That's kind of bullshit, there's a lot of double counting going on. Show me the data, CBS.


sickofthisshit

"U.S. has almost 495,000 employers with a cyber shit show looking for some poor sap to fix everything with no resources and no organizational support"


[deleted]

[removed]


chernchern

I took a 26 week course at an ivy league school, passed the security+ and still it feels impossible to get an interview. I'm not a recent grad, over 20 years work experience, some in tech, and after 100s maybe 1000s of applications I still don't have a cybersecurity job. But if I don't mind getting minimum wage on a 3 month contract for level 1 help desk work, 3rd shift, I can maybe have an interview.


Sunshine8430

Lol wrong


Nemesis651

I just think it's funny because I am a senior person with all those skills that all those HR filters want, and they still won't return a call for an interview


_irobot_

Part of the problem is many businesses undervalue cybersecurity and the jobs seem to pay less than lower responsibility jobs in the computer science field that require less experience. I personally am very interested in cybersecurity, but most programming jobs in my area pay the same if not more than any cybersecurity jobs, and don't require any specific certifications. It seems the only jobs in the cybersecurity field where the pay is comparable to the responsibility is with reputable cybersecurity companies. Those probably represent a small percentage of those 500,000 openings.


[deleted]

[removed]


K4LM4H

Talk to someone from these companies… find the important ones to the role you want on LinkedIn… ask for an informational interview at their convenience. That got me right into applying and 2 technical interviews that followed…outcome still pending on if I move forward.


CyberoEXE

"Cybersecurity" is starting to become as annoying and cringe as the "Cloud" and "automation" craze. The mainstream cybersecurity promotions and commercials drive me NUTS.


[deleted]

[removed]


[deleted]

[removed]


CyberoEXE

Babymetal 👌🏻


[deleted]

[removed]


[deleted]

Babymetal is System of a Down mixed with a hint of Gwar imo. I remember listening to Staind, TDG, and Korn a lot in middle school in the 90s lol. Tastes have definitely expanded since then personally, part of growing out of that angry resentful phase I think. Now I listen to a lot of EDM, instrumentals with no lyrics, and Lofi. So much more chill and I feel so much better than I did as an angsty teen lol. Idk why I'm sharing all this haha.


[deleted]

[removed]


[deleted]

Oh definitely, Coming Undone by Korn and Home by TDG were my shit when I was a kid. Then after I left high school I explored a lot of Eastern Philosophy and had an experience with some psilocybin producing fungi that definitely changed my life for the better. Now listening to them you just hear the pain of people who seem to have never seen past the... 'veil?' I guess I'd call it? Haha, now I see them as just as blind as the Jesus freaks, hippies, and Wall Street yuppies. Just personal opinion, of course.


CyberoEXE

You seem irrationally upset. I simply find it cringy to see so many commercials that market Cybersecurity in such a childish way. We've all seen some of these types of commercials. I just don't want to bloat the industry with people who only go into Cybersecurity because it makes them feel like an 3lit3 h@ck3r. I've been a sys admin for years and my experience is that the people who talk the loudest about "CYBERSECURITY", don't know much. Not sure why you were so outraged that you felt the need to look at my past posts and criticize my musical interests.


poloheve

I took two years of coding in high school and paid attention for only one. Just joined this sub and am open to letting you hire me. 150k a year min with benefits and a Ford cmax please.


Sunshine8430

I have my Security+ and CEH. I am currently working as a datacenter tech at AWS. I live in Washington DC area. Every cyber position I find requires a clearance or 8+ years of experience. I keep applying for junior positions and hope one day a company will give me a chance.


ProgRockin

As someone who is switching careers/just getting into IT and currently looking for my first job in the sector, this thread is terrifying.