Is security+ a good entry cert to help transfer to cyber positions (vulnerability mgmt/threat intelligence)? I come from a IT governance and controls background. Been applying to cyber positions but no luck.. Also don't feel like studying for cissp right now. I got CISA and CISM

like
Posting as :
works at
You are currently posting as works at

2nd a lot of what’s been said. I see a Sec+ come in for an entry level app, I’d give it more attention than another that didn’t but experience > all. That said, if you’re looking specifically for VM roles adding on vendor certs would help a lot too (if they’re free though usually not). As mentioned elsewhere, get familiar w at least one VM tool, start slamming some VMs from VulnHub, or look at Juice Shop and Multillidae (both very OWASP and web app focused). Also consider looking at flAWS.cloud and flAWS2.cloud to gain a better understanding of common vuln sec configs in cloud (spec AWS). Start getting up to speed on current events (vuln reported) and try to understand them. Familiarize yourself with CVEs and understanding them and how they relate to the overall VM process, which you had better understand (including possible remediations and controls l). Google, NIST, and your own company resources are a good place to look (both ppl and sample deliverables/templates if you have access to them). While you’re at it see if you can pickup a little python (bash and powershell as well if you can find the time). Lastly, consider building your own vuln VM in the cloud with a guide/hints - your “secrets” people hunt for could be insights into your personality, likes/dislikes, etc. instead of your typical hash.

likesmarthelpful

Its a check in the box for most places, what they are really looking for is hands on experience. I got my Sec+ and applied to a lot of places but no luck.

likehelpful

@SC1 look into vetsec. It's a community of veterans in cyber security. Lots of good people and good info.

Sec+ can be a door opener if you’ve got minimal cyber experience. Obviously experience is king, but you’ve got to start somewhere and it can give you an edge in a entry level role.

likefunny

Qualys offers free training and certifications that can help you stand out for vuln mgmt roles. I think some other vendors offer free certs as well.

likehelpful

I don’t think sec+ is enough. Do the cissp

likesmart

Cissp is a great cert to move from governance into more technical infosec. Besides, it gives you cred if you want to move up into management wether that will be technical or not.
Not like the investment is that huge.. The exam is 600 dollars?

like

In industry, yes it is. Especially government of you’re going that route.
Is your resume geared towards cyber, have you highlighted all your relevant governance and controls background?

smart

Yea, guess the ones I applied to want more technical skills. So governance work doesn't really make a difference

Also, if you want to start with some hands on and have a lab, you can get free licenses for Nessus, get Kali, and download machines from Vulnhub and HacktheBox for practice.

helpful

No. No one cares about Sec+ unless you are doing government work...

funny

CiSM covers a large check box. Isaca version of cissp and is in higher regard then sec+. From that standpoint you’re covered. I recommend u network ur way in because from a certain standpoint you’re covered.

smart

Sec+ is not worth your study or exam $, it’s basic. Get a top 3 vendor tool vuln mgmt tech cert (Qualys, Tenable, QRadar). If needed consider a SANS GIAC technical cert. Then your gold.

smart

Both of those qualify for cyber my friend. You good.

Related Posts

What is everyone making directly out of their I/O Psych or MBA programs? Bonus if you can provide insight on Associate Consulting roles

like

Currently a Federal Tax Manager looking to get away from compliance in at least some capacity. Has anyone ever done a rotation or taken on an internal role within Big 4, while also keeping some compliance clients? Not looking to reach that next promotion right away, I just don’t want to do tax returns forever and want to explore what’s out there before hitting the gas again on my career trajectory…advice? Deloitte seems supportive but I want to hear from someone who’s done it 🤷‍♀️

like

Anyone here currently interviewing or recently interviewed with Roland Berger? I’m wondering how different the process would be from MBB.

like

Hi fishes. I have an offer from BofA for senior analyst (Data Science). The interviewer said I'll be working on marketing analytics. Can any existing data science fishes in BofA tell me what to expect in in terms of learning and working on ML? 3Yoe Data Scientist.

like

I am having 6 year's of experience in Microsoft technologies. Core is SharePoint online.

Can anyone suggest how to prepare for Microsoft interview and what kind to interview process.

Is any suitable vacancies are there..

TIA.

Microsoft

likeuplifting

Is it normal to complete a project and present it to a client for the 3rd round of the interview process?

funnylike

Is 85k + 10% bonus fair for a financial analyst position in Orlando FL? I have zero finance experience but 4 YOE in planning/logistics and an MBA

like

Recently started working in ops consulting (specifically in government projects) but my educational background is in tech (not coding tho). I’m pretty new to my career in general and just concerned that it may be hard to pivot if I wanted later on? Is government operations too specialized if you don’t wanna work in government later on? Don’t get me wrong, I’ve really been enjoying it so far, but my only concern is the long term game if I ever decided to get out of consulting. Thoughts?

like

How common is it for ex-consultants to take loans to go to MBA (assuming no sponsorship)? Genuinely curious

like

I got an offer for an entry-level position for Deloitte at the USDC, (us delivery center) I have seen a lot of negative things on here regarding this division. Is there any reason why I shouldn’t accept? I also have an offer for a private firm that is considerably higher.

like

I am trying to land a role as a human resources business partner and I'm wondering which certification would be the best for me going forward. Phr? Shrm? Thoughts? Thanks!

like

I appeared for an interview with Sears past week and I got through it. Now, I read something about bankruptcy at sears and how transformco picked it up. Is Sears US and Sears Holdings India same? @SearsIndiaHolding

like

Hi! I’m a first-year associate working at a large regional firm. I attended a well-ranked, but regional law school and my grades weren’t stellar. School was never very motivating for me, and I put way more effort into internships and networking than my studies during law school. Luckily, I love to network and landed an awesome job at a big firm. Eventually, I’m hoping to work in-house. My question is this, will my grades always follow me? I’ve heard that with time and experience, not so much.

like

Clinical genetics/bioethics/counseling/rare disease trained clinician trying to pivot into life science consulting. I was referred to and applied to a few different roles at Deloitte - any idea on how long it could take to hear back after applying (if at all of course)?

like

Fishes, Any one attended interview IQVIA Technology stack: Java , Spring boot.? Please DM or commentTech Mahindra Tata Consultancy

likesmart

Recommendations for facilitator training for lawyers? More and more of my T&E practice is shifting to requests to facilitate family meetings on business succession, something I enjoy but have no formal training in. Would like to explore some training to add tools to my toolbox.

Any tips for an equity research analyst interview at canalyst Vancouver?

Just had 2 of 5 virtual/on-site PM interviews today and not feeling very confident going into day two on Friday. Time for a drank.

like

Any PE folks want to interview a rock star consultant who is burned out of the Monday to Thursday grind?

uplifting

More Posts

like

How do we get the market data of salary . I am looking for investment banking field. Any websites? Pls help

like

How can I connect with filmmakers to volunteer to be a part of their projects?

like

Hi Fishies,

I only have few days to decide which company to join.


Citiustech Healthcare Technologies or Wissen Technology (Client: Flipkart)

Please help in deciding based on wlb, projects etc . It will be of great help.

Thanks in advance.

like

Does anyone else feel like they haven’t developed any truly transferable skills? I’m a manager in our Internal Audit practice and I think this idea keeps me from exploring other options.

like

Have people tried to renegotiate their rent? I haven’t been laid off so don’t know if it’s ethical or worth to try to.

like

PwC give this last week of Dec as holiday every year. Does any of from CHWTIA has same policy?

What is the salary range of L6 Business Analytics Manager?

like

Can anyone please refer me to data analyst related roles in valuelabs.. i am already serving my notice period

like

What are people's thoughts on corporate Treasury roles, fortune 50.

What is the general compensation like and the career path after analyst? Is it more stimulating than FP&A? Does Treasury have desirable exit opportunities or do people typically continue the course and climb the company ladder?

like

פיטורים וכאלה:
סתם מסקרנות - האם יש פיטורים אצלכם בחברה?
אני אתחיל: רישמית אין פיטורים אצל Accenture אבל בפועל בשבועיים האחרונים היה ליל סכינים ארוכות בחסות העובדה שהיה שקט לפני דיווח רבעון והעובדה שכולם עובדים מהבית כך שאי אפשר לשים לב שמישהו נעלם.
בקרוב יש שיחות ביצועים והנחת היסוד ש10% התחתונים הולכים הביתה.
אבל רישמית "אין פיטורים".
מה אצלכם?

When interviewing as the first legal hire at a company, what questions should one ask?

like
like

Hi fellow fishes,

Capgemini engineering is hiring for multiple roles. Go to
https://www.capgemini.com/careers search for the role you are looking for and share the ref code as shown in the screenshot attached. To all my fellow data scientists and Java developers you can email me your resume along with a few details like your year of experience, notice period, offer in hand etc.

Email id- billion.electrons.1@gmail.com

Post Photo
like

Can I get a referral to Amazon/AWS I'm applying for field effectiveness role (sales & leadership dev and training)? L6

like

Been a week since my first round, how long does it take for big4s to come back with an update?

like

Hi Fishes,
I have received offer from Icon International PLC as a Validation Specialist II

How's the role and benefits and work-life balance in this company

Your information is kindly needed

Hi guys. So I have decided to give my resignation today. @Any idea who to contact? My coach or relationship manager? Or can i give it directly? Also if anyone goes through the same will appreciate some insight.

like

I’m trying to plan a ski trip for me and a bunch of friends (mid-20s), all first time skiers, any recommendations where to go? Preferably a place with a variety of activities and nightlife

like

Hello Fishes,
I have two offers in hand: 1 Senior Associate (MC) at PwC
2. Manager, Program Management at Amazon Selection & Catalogue team
Which one is better from career progression & WLB POV?

like

Additional Posts in Cyber Security Bowl

Consulting or industry?

like

VPN recommendations for personal device (iOS)? Thanks!

How many of these do y’all get a week? 😏

Post Photo
like

Folks interested in Deloitte Cyber, DM for a referral. WE NEED BODIES

funnylikeuplifting

Anybody know of a company hiring a junior penetration tester? I have a couple certifications and have passed numerous CTFs, and completed THM entry level courses, along with a couple TCM Security courses (Python 101, Linux 101, Ethical Hacking course) Security+, Network+, and Pentest+. But my degree is in Accounting, hopefully that doesn’t matter. I’m looking forwards to learning more!

like

Most impactful certifications for cyber?

like

What are some your favorite blogs, magazines, or news sources for security?

like

Which firm has the largest and most active red team or penetration testing services?

like

Do any firms actually “do” cyber properly or is it smoke and mirrors everywhere?

likefunny

I’m expecting an offer from Exabeam tomorrow’s thought on the company; product &/or culture? TY in advance!

like

Anyone have a security / bug bounty contact for New York's Excelsior Pass?

like