Okay so I want to make my transition over to cyber security eventually, so what learning should I begin with in order to start getting my feet wet?

Posting as :
works at
You are currently posting as works at

You are in IT Audit

likefunny

Get the Security+ certification. Great coverage on topics and good mix between entry level introduction and practical knowledge

like

D1, Join BAH's commercial cyber strategy group. We just hired two IT auditors who wanted to do cyber so they got their CISSP. 😉

like

Let me know if any of you are interested in coming to EY cyber

like

You first need to figure out what part of cyber security you want to do: forensics? risk management? Pen testing? Engineering? App developer? Cloud engineer? GRC?

like

Deloitte 1, Right now I’m part of guidewire implementation projects for insurance clients.

like

I would say EY is the easiest to transfer into cyber internally out of the big 4. Deloitte likes to pigeon hole people and not let people move around. If you are looking to make the move my advice is to get your CISSP. Begin by learning frameworks and doing assessments. It will help you build a foundation

like

ACN cyber recruiting too ;)

like

Honestly with your audit background and having the CISSP, you might consider becoming a QSA for PCI-DSS. You get exposed to a ton of security policies procedures tools etc through the attestation process. None of the Big 4 are certified QSA companies though so unless you move you can’t officially be a QSA but the work might be interesting for you.

like

@D2 PwC is actually a QSA but we have a special agreement with the Council where we do not sign ROCs or SAQs, instead we focus on advising clients via PCI readiness, scope reduction, etc.
That being said, @OP - PwC Cyber is also hiring like crazy across the country. If you’d like to apply, happy to drop my burner. We’ve pulled a few IT auditors over into our Cyber Risk Management portion of cyber.

like

Check out the sans blogs. Tons of great resources.

like

People- you're at a consulting firm with thousands of people. If you haven't figured it out - progress is half your personal work ethic half your political skills to get people to go to bat for you

like

PwC4. Spot on!

like

Tell me about it.. I am in IT audit.. I got CISSP and technology background.. yet haven’t been able to move.. what am I doing wrong..

U wanna try ur hand at ACn? Can probably do our strategy and risk domain under cyber

SCS 1, I’m leaning towards risk management..

EY OP.. what is that u do now?

To the EY people, cyber is not easy to transfer into. If anything it’s harder because almost everyone in the IT audit world wants to switch into that line of work.

It is if you a high performer on the IT audit side, you take on work outside of your audits, you pursue certifications, and you network with the right people

Related Posts

I’m interested in reaching for a position as manager for a local retailer, but I hate having to play the bad guy. How can I become more comfortable with fulfilling that role?

like

Advice on taking and passing the SPHR exam?

likehelpful

I started a new job in August. What’s the earliest I can start looking for something new? I don’t see a future for myself on this team and I don’t see them helping my career goals.

I don’t want to stay longer than I need to but I know a job search requires some time

likehelpful

Does anyone know what an IT Network Inventory Specialist is as a designation?

I graduated with my MBA in finance in 2020 and began working at a bank as a Management Trainee. 2 years later, I am an assistant to a financial advisor studying to become a financial advisor. However, I have to do this on MY time and not the bank's.
I am not in a Management position, I make as much as a teacher in a good district and I just don't feel my overall self worth at this job. Does anyone have any advice that can help this situation?

like

Nervously waiting on CPA exam results over here… How did people feel coming out of AUD? I felt very prepared going into the exam and don’t usually get much test anxiety, but was surprisingly not confident as I actually took it.

like

Is joining consulting just for the exit opportunities a bad idea? If you had other good offers coming out of college would you still choose to go into consulting?

like

Anyone knows the best fintech firms that offer Technical Product Manager roles? Looking to make a change from Microsoft into a smaller sized company that is still innovative.

like

I start a master’s in global management in August. I am thinking of getting an online certificate during this time. I am interested in strategy, international development, trade/commerce, and consulting. My background: I am 23. I have a BA in Latin American Studies and History. I speak english and Spanish and I am learning basic Mandarin.

like

Hey, looking for a good work life balance company for analyst position so as to find out some time for competitive exam preparation. Any suggestions?

like

Do you think it’s better to work at a startup - in hopes of an IPO, or is it better to work for a Big 4 tech company? (In hopes of making the most money)

like

I feel like I lost track of my progress as a soldier, I used to take into account any variable, all my workout and training hours, but now I just let it flow and don't plan as often anymore, I wonder if that will affect my development

like

Is there a good argument for getting both PHR and SHRM-CP?

like

Looking for a mentor for career advice;
I can trade free cocktails, German language tutoring and my list to underground techno parties (in Berlin and Brooklyn).

DM me for details 🖤

likefunny

What is the best way to start your ACCA journey as an associate ? ( knowing i have the first 3 exams as exemptions)

like

Hi fishes,

I have an offer with Fujitsu as Application developer in Application development and management services

Tech: .net, SQL
Yoe: 3

How is Career growth and job security in Fujitsu?
I was confirmed with Developer role at the time of interview. Will i surely get development role or they will put in any role?

like

Would you accept a RMA position at Brown Brothers Harriman? Do you believe the job could open opportunities and be interesting?

like

Anyone made the switch from Tax/Audit to analyst/Consulting?
What's your favorite thing about the switch?

I just received an offer from Accenture as an Analyst for something unrelated to my last position. Really fired up. 🎉

like

How often/rare and difficult is it to get early (2 or 2.5 instead of 3 years) promoted to senior (Assurance) at pwc? Share your story

like

More Posts

What you should do when dealing with a very toxic worker that keep on sending passive aggressive messages to you as well as in group chat and email.
Things like when you answer his question he respond: I know that
Or when he keeps on saying my change requests were just minor in group meeting but actually not.
And keep on saying how hard he works when he clearly wasn’t and already underperformed compared to an intern level.

How to not let this toxic co-worker not poison me any further?

like

What irks me is when you connect to someone on platforms like LinkedIn for example but you have a feeling that your connections are just using you to rake in numbers. You can’t get to chat with them (to know them) or even see anything of benefit in being acquainted to them.

like

Hi All, anyone interested in below Job profile, please share your email I'd.

Post Photo
like

Anyone kind enough to help me start a PE fund model with a waterfall.
Struggling to get started.

like

Has anyone here come across inspiring planning portfolios recently? If so, how where they set up, what did they include? Thank you!

like

Is Columbia EMBA worth it in terms of prestige, opportunities, RoI? It seems too easy to get in with 3-4 options for EMBA and their class profile, videos, and testimonies doesn’t seem competitive

like

A recruited asked to chat over the phone to discuss my emailed counter offer. I countered at $75k even though their top of the salary range was $68k. I have my reasons for countering, including increased out of pocket expenses for benefits and overall experience I bring to the table. What can I expect from the call?

like

This bowl is undersubscribed - there are 4700+ EY bowl members, and only 420 LGBT members for all firms!? Time to recruit!

like

Anyone using a glassdoor alternative/competitor? Why not glassdoor?

like

Hi all,

What's the market standard package of Data analysts with skills: Adv Excel, python,SQL, tableau, Power Bi

like

Hi everyone, was wondering if anyone here can recommend a shop where I can get my iPhone screen repaired? My phone just fell off my hand! 😔

like

Allyship
I recently failed in an opportunity to show allyship. During a meeting, the presenter called an attendee the English version of the attendee’s (ethnic) name.

I noticed it right away, and thought about it but failed to correct them. The person whose name was colonized was very hurt and expressed it.

Next time, I won’t hesitate. I’ll be ready next time.

Have you had any similar experiences?

like

Will any of you be going out of your way to address the social climate of today or even go as far to create a unit or embed it into regular class instruction/ rehearsal? Why or why not?

like

Those with student loans how do you feel about federal student loans potentially being paused again? Probably until after the midterms...

Have you been paying even though you don't have to? Why or why not?

Does walmart give permanent work from home in India ?

like

Joined EY on March, so hike will also be pro data basis like we have bonus?

like

Deloitte's poor management & culture is starting to wear on me. Prob some residual resentment at how layoffs were handled tbh. Has anyone left D for another Big 4 & care to share if grass is greener?

like

Can you be on paid or unpaid leave while on h1b? I'm just so burned out and want to be on leave for a month

likehelpful

Is WLB in the region really as bad as it's made out to be? Any firms or countries to target that offer better wlb than others?

Additional Posts in Cyber Security Bowl

Georgia Tech Cybersecurity masters or the analytics masters? Currently in a cyber role at Deloitte. I was thinking it might be better to do the analytics master and get a CISSP. I feel like there is more value in the cissp than a MS cybersecurity

like

Got screwed over by promotions for the second year in a row. Ready to jump. Anyone hiring seniors? Thanks!

Comp for Google cyber threat intelligence analyst? (UK)

Currently in D cyber risk and considering this role - anyone know £ and WFH/remote options?

like

Best states and countries for cyber security?

like

Can anyone recommend a good book/materials to prep for the CIPP/CIPM? 🙏🏽

Should I stay in cybersecurity at EY (generalist - senior consultant ) or join google as a Cloud Infra consultant? (Not security related)
While google may pay more now, isn’t security better long term?

like

Can someone provide me with the contact info of the recruiter for someone for the Deloitte Cybersecurity group? I am trying to help place a student looking to work with their incident response team 🤘

My manager asked me today which area in cyber do I want to focus my career in moving forward, and I honestly had no answer. Being 23, and only having background in python and data analytics I haven’t really thought about which area in cyber would peak my interest/would be a right fit. Guessing it would be a lot of trail and error on my part. But I wanted to see if you guys can provide some guidance into any specific areas that is interesting/good for beginners (Excluding Pentesting). Thanks!

like

Woot have my cissp and want to enter cloud security. Should I pursue ccsp, aws cloud cert, some other cyber cert?

like