I currently work as Helpdesk analyst for a company that produces projectors. I am on the NOC that field technicians call into for any assistance. I would describe my job as having some elements of network, software, and hardware troubleshooting. Ultimately with my end goal I want to get into cybersecurity and be on a SOC somewhere. To achieve that I am working on my Net+ and building a home lab with some hardware I have to practice building a virtual network. Eventually I want to develop my coding skill and get my Sec+ and other certs. What are the opinions of those who are in both industries and any advice?
I currently work in cybersecurity in a Senior Incident Response role. Fair warning, my opinion is biased by my own route into cybersecurity and the fact that I deal with incidents and not managing people. Though, I do get involved in interviewing and hiring. I’d say you have a good start at it. While I am sure I will be accused of gatekeeping, I much prefer working with analysts who have spent time in help desk and even as a sysadmin/netadmin. It helps if you have a good understanding of how systems and networks work. I don’t expect new analysts to just jump into Wireshark and start reading through packets with me (I’m a weirdo who really enjoys that), but I will assume that I can talk, at a high level, about TCP/UDP, LDAP, SMB/CIFS, RDP or SSH and they won’t be completely lost. Though, no one is expected to know everything and we all have our weak spots; so, don’t be intimidated if any of that acronym soup isn’t instantly familiar. Everyone is Googling stuff constantly. You’ll memorize some of it due to repetition, but never be afraid to ask questions.
The last time my company was hiring for the SOC, the number one thing I was looking for in interviews was some evidence of an inquisitive mind. Someone geeking out over their home lab, TryHackMe or stuff like that was a sure-fire way to get my vote. I tend to be ambivalent about certs. I had some Windows 2000 certs (technically, those don’t expire, but ya…), a Sec+ (it’s expired) and an active CISSP (mile wide, inch deep, only useful for impressing hiring managers). I took a week long, in person training for the CEH but never took the test due to the COVID pandemic. Also, if the course (an official EC-Council course) was anything to judge by, that cert is just high-grade bullshit. I also have dealt with far too many “paper tigers” in my career to fall over swooning when someone has a bunch of alphabet soup behind their name. So, while I would recommend getting some certs, hiring managers love them, don’t get too caught up on them. You’ll learn far more just breaking stuff and troubleshooting it. The Net+/Sec+ duo is usually a good start.
On coding skills, I do recommend getting some ability to read/write code. The language isn’t super important. Python is a good one to have some literacy in, it gets used everywhere. But, unless you are going to push heavily into security development, you don’t need to be at the same level as a developer. If you can pop open exploits in exploit-db.com and make sense of what they are doing, and be sure the code isn’t going to root your test box, that’s usually enough.
Let me also recommend that you work to keep your communications/writing skills sharp. A lot of what one does in cybersecurity revolves around getting other people to do stuff. You will be regularly writing reports and needing to convince people to do stuff and/or explaining why you just kicked their system off the network. It really sucks to read incident reports from someone whose grasp of the language is lacking. Get in the habit of documenting what you do, taking screenshots, and writing in clear, concise language. You don’t need to be Shakespeare, but at least get your spelling right (spell check exists, use it), and get the basics of grammar down. If you hand me a resume with there/their/they’re mixed up, you’re going to walk into an interview with negative marks already against you.
On the upshot, now is a fantastic time to be getting into cybersecurity. Organizations are desperate to hire trained people and some will be willing to roll the dice on a less experienced analysts who shows potential. Feel free to ask questions, I enjoy what I do most days and am happy to talk about it.
How’d you get into IT? I feel like my path into computer work has been a bit unorthodox. I have a political science degree but no college experience with cs just otj experience. It feels like having my background definitely helps on the soft skills just may be a bit of hindrance compared to those with cs degrees.
I just kinda “fell” into IT. In terms of college, I hold an Associates Degree in Math/Science from a community college; so, slightly more than nothing, but only just. I was very lucky in that my father spent an insane amount of money in the early 80’s to buy a computer and then turned me loose on it. I was doing simple programming in GW-Basic by the time I was a teenager and got pretty good at making boot disks to play games. I just became that kid who “knew computers”. After leaving college, a friend of mine convinced me to put a resume in at the company he worked for. They needed a computer tech and I fit the bill. From there it was a long sequence of job hops every 3-5 years until I ended up as a sysadmin dealing with mostly Windows systems, Active Directory, Exchange and SQL. Plus, anything else which just needed someone to “figure it out”. That eventually landed me at a gig working as a sysadmin at a US FedGov site (which is why I got my CISSP). There I often worked closely with the cybersecurity team, as they would need stuff done on the domain, and I would get it done. When they had an opening on their team, they did everything short of drag me into the office to apply for that spot. I worked in cybersecurity for that site until a bit after the COVID pandemic when I got a message on LinkedIn about a “FULLY REMOTE” (yes, the message put that all in caps) position. I was curious and applied. I now work from home, reading other peoples’ email and trying to keep the network secure for a Fortune 500 company.
The best advice I can offer is: keep learning and never be afraid to just try.
A lot of my career is based around “oh shit, it’s broke. Here sylver_dragon, you figure it out.” I loved logic puzzles as a kid and now I basically do them for a living. I would also recommend nurturing professional relationships and don’t burn bridges you don’t need to. That friend, who got me my first IT job was also pivotal, about a decade later, in getting me to apply to a different company he worked for at the time. When I put my resume in, it passed through the hands of several different people, people whom I had worked with at that first job. Between my performance and them knowing what type of person I was, everyone one of them said, “yup, hire this guy”. Having good working relationships now can pay a lot of dividends in the future.
Start hacking the FBI until they notice and hire you.
Wanna help there’s always memes in numbers
Don’t spend too much money on certs. Employers should be paying for that. Maybe get Sec+ on your own dime (or if you can get your current employer to pay for it), but hold off on the more advanced and expensive certs until you find a job that pays for it.
The homelab is a great idea. If you want to get into a SOC role, maybe try setting up alienvault, ELK, or any of the opensource log analysis tools out there; and you can use the experience to demonstrate your knowledge on interviews.
I’ll echo this. Doing quite well for myself in IT and I have a big fat 0 for certs. I’ve interviewed many people for jobs as well, and I learned certs are bullshit.
Many will pay to have people do them for them. Or brain dump them. Many times I’ve danced circles around people that look way better on paper than me.
If you learn the concepts, work and apply them, get that hands on experience, it will help.
Honestly maybe even a quick run through an MSP is a good place to start. You get to touch a lot of things and learn quickly.
I’d recommend doing some CTFs and reading some write-ups on previous ones, https://ctftime.org/event/list/upcoming has a good listing of upcoming ones. It probably wouldn’t go on your resume, except maybe filler at the bottom, but can be a great thing to talk about in interviews.
I’ve been looking into forming a team with my friend who is also in IT. While they may not go on a resume, I was considering putting them on a personal portfolio website.
deleted by creator
Yeah that’s kind of what I have been doing, I have been trying to do things focused on networking and trying to understand cinema servers since many use a form of Linux. Though Microsoft skills always seem to be some of the most popular