I’m interested in IR, malware analysis, and threat intelligence but currently focus primarily on cloud architecture, governance as code, and DevSecOps. Currently have AWS security and associate architect certifications + a technical masters. I’m debating whether to go for CISSP or OSCP. How can I leverage my existing skill set into security operations/blue team work? Should I just accept that I’d need to take a pay cut? (Currently at 5yoe 230k tc)

like
Posting as :
works at
You are currently posting as works at

No way should you take a pay cut. I think you need to tailor your LinkedIn and resume accordingly. More Incidents are happening in the Cloud… there is a lot of value here for someone who can be cloud IR specific! Good luck.

likehelpful

If you join a consulting firm that does both cloud and IR/ Readiness you can easily shift with no pay cut - feel free to DM if interested by Accenture

like

Does Palo Alto Networks count as a firm that does both ?

like

OSCP May be of better help but tbh you are far off better with GIAC if malware analysis is of your interest. You don’t have to take a cut but will have to learn quickly and out to practice what you know. Not impossible imo

helpful

Thank you, I’d really appreciate that.

Neither....get you sans 500 cert, maybe 611 or 508.

Also read practical malware analysis

like

Makes sense, CISSP might end up being a mandatory work thing but the SANS certs are definitely next on the list. I’ve taken some coursework in malware analysis and have that book but haven’t really dug deep into it yet.

IR positions are usually Analyst or Senior Analyst level so definitely a level down. Whats making you switch? I am planning to do opposite and get into cloud security.

Spend 5 mins actually building for every minute you spend studying for a cert.

I’d say they are not focused on the IR side of things - ACN and PAN are huge partners but ACN IR team is recognized within the industry and the Global Lead is one of the best MDs I’ve seen at ACN

Related Posts

I have FAR and REG left for CPA. Not sure I really want to stay in Big 4. Want to move to Corporate Finance, FPA, or IB. Thinking of just pausing CPA and studying for GMAT. Never given time to study f

like

I am in the process of finishing up my MBA but considering also getting my SPHR or PHR cert. Is it even worth it or a waste of time and money?

like

As a person in the ABA field, I have my RBT however I want to counsel hence, why I’m attending Liberty University to obtain my masters in clinical counseling and LPC. I want to get out of the ABA Field but don’t know where to start, any advice?

like

What is the average salary of a supply chain major with ~5 years experience? Green belt certified, no post grad.

like

Tips to build my brand and network as a junior practitioner navigates their career to the next level at the firm?

like

What’s the Just-Plain-Coolest Series 7, 66, 24 career path?
Purely hypothetical, it isn’t a compensation thing I just want to know what you think the sweetest gig is.


Tc 58k.
4 YOE.
I know.

like

what would be expected salary of salesfoece tester at KPMG Global Services for 4.5 years of experience? How much salary % hike used to be for annual appraisal at KPMG Global Services? How is the work life balance? Which is better KPMG global Services Or Deloitte USI if package is same?

like
like

Hi everyone,

What is the salary range for a Lead DevOps Engineer in ZS Associates ? My current salary is 27LPA, YOE: 7yrs and will be undergoing HR discussion soon...

Thanks in advance!

like

What’s a typical salary for a Director of Operations in the NYC area?

like

Anyone here moved from EY to Accenture? Curious to know how was the shift, pros and cons for each company, any regrets? Waiting for an offer from Accenture but very conflicted on whether I should leave EY. Been there all my career and going to be a big jump.

like

Hello Men, do you still think, that you should switch to domain you like instead of what you are doing currently. Please tell why or why not. I know switching to a Domin we like will take us a bit back in our career but still want to know.....will you take the risk

Any1 who have joined recently or 6 months back...Could you pls confirm if Cognizant is that negative as discussed in many forum.
1)Howz the hike goes
2) Howz the culture especially in kolkata
3)Is this right time to join there...
4) Promotions

like

Book recommendations on leadership, career development, etc?

like

Salary credit timings? Icici bank

like

I'm looking to get into production accounting, specifically interested in becoming a production accountant for a media production company. Any tips or advice? Any companies I should look into/reach out to in Toronto?

like

I don't know if anyone can answer this. But how much do most civil engineers make? There are so many conflicting reports about "overpaid consultants" and it's almost impossible to get an actual answer

like

Can anyone please help me with expected salary under loan management current exp-3 years

like

What is the maximum percentage of joining bonus Accenture offers?

like

What is the exit formalities at PwC AC Bangalore?

As my new company wants me to join immediately

Will there be any issue they raise, if we waive the notice period (60 days)?

If so what should I do, to get smoothly exit with waiving notice period?

like

More Posts

Hi People, Need some advice. Currently I am in EY India, joined it 7 months back.
Got an offer from Nagarro with 18LPA(17 fixed).
Should i consider switching? Please suggest. YoE-3.6 years. Current CTC- 10.7 Lpa. Tech stack- Java Spring Boot.

like

Interested in how much others spend on food per month and what that breakdown looks like between at home or ordering out.

My husband and I have no kids and order/go out very rarely, maybe once a month, and our grocery bill for just the 2 of us has risen to around $750-$800 per month this year.

It's starting to feel very unreasonable to spend so much despite not wasting much. I do buy mostly produce but not always organic, and very little meat.

like

Does anyone mind looking over my resume and giving some feedback?

like

What kind of questions can one expect in interviews with the A&M PEPI practice?

like

What are the weirdest reasons you have heard for people being laid-off? I have heard someone getting laid off because they missed submitting their time-sheets for 3 times in a year.

like

Anyone live in east harlem in New York around 104th street? Thinking of leasing near there. Is the neighborhood fairly safe?

like

$DPZ 370c 3/27

like

Hello Fishes,
We are looking for Python developer with exp. of 2+ years.
Company name - PwC India (base Kolkata)
Any Python developer who has interest in it do ping here.

Is there anyone who completed the last SHL test and is waiting for the result or call back from HR. For me it's almost a week now after completing the last SHL test but no reply from HR.

Note: Completed all the rounds and documents are also submitted.

Please share here if anyone faces the same situation or any relevant scenario.

like

Hi all! As part of joining formalities, Barclays requires the document showing epfo linked with Aadhar. I have not linked aadhar with epfo. Only pan linked. Is there any alternatives available?
Also I tried aadhar seeding in Umang app, that too didnt work.

like

Is there any specific payscale for each corporate grade band?

like

Is it common to receive feedback after multiple interviews?

Got a rejection late last night after probably 3 hours of interviews and a take home assignment & presentation. They told me they wanted to consider me for other positions, but would like to know if there is anything actionable I can improve on for other companies.

This was for a unicorn tech/healthcare startup.

like

Am I understanding utilization rate correctly? It’s chargeable time over total time? Charged 40 hours and had 10 hours non-charge so my utilization is 80%? If so, wouldn’t it benefit me to understate non-charge hours so my utilization is higher since they only really care about chargeable time anyways? Charge 40 hours still but only put 5 hours non-charge for utilization to be 89% instead of 80%? Or am I misunderstanding how utilization works?

like

Via @NonEquityPartner on Instagram

Post Photo
likefunny

I wipe boogers on the seats of every Uber I ride in.

like

If I have to book 20 meetings a month, how many conversations do I need to be having a day ( email, LinkedIn, cold calls, dark social ) with a drop out rate at 20%.

Hello! What is the best way to structure a discovery call for SaaS sales? e.g. share a deck, only focus on their use case (current state, goals, pain, etc.), share a story, etc. Lastly, how do you go further than surface level, like if they mention they are having issues with xyz, which is usually a symptom of the problem and not the problem itself. Any info would be appreciated, thanks.

like

What happens if I get terminated from Infosys? I will never join IT anymore so will it be a problem if I get myself fired?

like
like

Thoughts on specialty life insurance? I don’t have my LLQP. This is based in canada. They are offering paid training

like

Additional Posts in Cyber Security Bowl

Privacy fish - Anyone taken the CIPM and can share what the exam is like?

Content outline seems like application of standard consulting approach, so how do they test it on an exam?

On a phone call today, my client suggested our project team provide 24/7 coverage for scanning support. My team size is two, including myself.

Post Photo
likefunnysmart

Anyone studying toward the CIPM have any tips or study resources? Particularly those with a legal background working in privacy and regulatory compliance (non-IT cybersec). Would be delighted to connect. TIA ⭐

like

What cert to go for next? Currently have AWS-SAA and Security+. Thinking about CISSP but how difficult is it compared to the AWS-SAA?

likefunny

AWS Cloud question- what the difference between an SCP and IAM? Thanks in advance

like

Any tripwire pros here? How did you get started?

like

Do we have professionals from Brisbane, or other Australian cities here?

I wanted to know what do you guys think I should ask for expected compensation - my profile is :

3 Years into InfoSec compliance around ISO27001; SSAE-18; CIS

1 Year into Identity and Access Management (PAM focussed)

Holding ISO27001LA, CompTIA Security+, AZ900.

In next 4 months I target to achieve AZ500, and CISSP.

Can someone please evaluate and tell me what can I ask in AUD ? Pre and Post CISSP

Thanks in Advance

like

Views on carbon black as a product?

helpful

Any recommended study material for CIPP and/or CIPM (still debating the two)?

Deloitte 🐠, does your company cover tech courses in the first year? Looking to make a move over there but also wanna take a SANS course soon

like

Salary range for PwC S1 in Cyber Risk MCOL?

like

Hello Deloitte 🐠 20 YOE. Have referral for a content and marketing M role in cybersecurity -- the focus of my career pivot. Submitted my application today, but my referrer isn't in Cyber. Interested to widen my Deloitte Cyber network to get my resume in front of a human, since ATS has no vision or imagination. If you're willing to connect, please DM. So far, made it several interview rounds into roles with EY and Accenture. Optimistic, but want to be as proactive as possible. Thanks!

like

For those who have passed the CIPM exam, what is it like (and how does it compare to the CIPP/US exam)?

Anyone ever heard of or worked for Sygnia?

like

How long did you guys study for The new cissp exam , and how are the questions like on the exam

like

Deloitte Cyber, how long did it take you to receive an offer after final interview?

like

Has anyone gone through the deloitte cyber risk interview process recently? How many interviews did you have and how was the process?? Salary?

like

Is there a demand for privacy professionals? Been seeing this discussed more and more recently

like

For 🐠 who got your CISSP, about how much study time did it take you? E.g. how many weeks/months did you study for, and how many hrs/week? It's a goal of mine to get certified, just trying to (cont.)

likefunny

I have a younger family member (almost 13) who is very interested in cybersecurity. How can this person learn and grow in a safe manner if he/she isn’t near a city with youth clubs and etc? Idea is to reinforce ethics, but this material is far too advanced for the parents.

like

New to Fishbowl?

Download the Fishbowl app to
unlock all discussions on Fishbowl.
That was just a preview…
Sign Up to see all discussions
  • Discover what it’s like to work at companies from real professionals
  • Get candid advice from people in your field in a safe space
  • Chat and network with other professionals in your field
Sign up in seconds to unlock all discussions on Fishbowl.

Already a user?
Login here

Share

Embed this post

Copy and paste embed code on your site

Preview

Download the
Fishbowl app

See what’s happening in your industry
from the palm of your hand.

A phone with Fishbowl app

Scan your QR code to download
Fishbowl app on your mobile

Download app

Sign up for free to view this conversation on Fishbowl

By continuing you agree to Terms of Use and Privacy Policy

Already have an account? Log in

Sign up for free to continue using Fishbowl

By continuing you agree to Terms of Use(New) and Privacy Policy(New)
Messaging rates may apply

Already have an account? Log in

For account settings, visit Fishbowl on Desktop Browser or

General

Legal