this post was submitted on 08 Jul 2024
17 points (100.0% liked)

cybersecurity

3249 readers
9 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
 

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

top 7 comments
sorted by: hot top controversial new old
[–] KillingInc@lemmy.world 3 points 4 months ago (2 children)

Hey guys, I’m a new grad struggling to figure out where to go next. I went to Pennsylvania State University and completed a program called “Cybersecurity Operations and Analytics” where I earned a BS. I’ve been applying for IT help desk jobs and tier 1 SOC analyst jobs but haven’t had any luck. Any general advice would be great. Thank you.

[–] leastprivilege@lemmy.ml 2 points 4 months ago

Haven't had any luck getting interviews? Could be your resume. Haven't had any luck with getting offers? Could be your interviewing skills.

[–] MajorHavoc@programming.dev 1 points 4 months ago* (last edited 4 months ago)

It's a tough market for entry-level SOC analysts. It has been since...well, as long as I can remember.

IT Help Desk experience is a huge plus, for landing future SOC analyst roles, if you can get some.

My advice is:

  • Hang ang in there and keep at it. The first security job is the hardest to land.
  • Do some independent training if you have time. Hack the Box and OWASP Juice Shop have free resources, so you can keep growing. Remember that increasing your skills does lead to cash, but it sometimes takes a lot of time.
  • Be on the lookout for remote postings. There's very little done by a SOC, today, that can't be done remotely, so it's not critical to limit your search by geography, anymore.
  • Learn some programming, if you haven't already. SOC operations are less painful with some scripting skill. (My own path into Cybersecurity was due to my coding skills, not any Cybersecurity certificate.)
[–] jerry@infosec.pub 2 points 4 months ago

It’s a rough job market for several reasons. My best recommendation is to do something that will distinguish yourself from others (blog, podcast, etc etc) and also try to establish a relationship with someone at prospective employers to get them to “pull” you in. I know, I know, easier said than done, but that’s where we are at.

[–] br3ad@infosec.pub 1 points 4 months ago (1 children)

I am looking into attacking/defending applications using genai. Any resources would be helpful and if you have any experience in pentesting such applications, i would love to hear about it!

So far i have come across the owasp top for LLMs: https://owasp.org/www-project-top-10-for-large-language-model-applications/