Looking for advice



Post Tue Sep 09, 2008 6:58 pm

Looking for advice

Hello all.

Kinda hoping someone can point me in the right direction.  I just recently graduated and was hoping to get a job in the security field which didn't pan out too well.  While taking 6 months to find a job everyone kept coming back with the "not enough exp" card.  Any advice on how I can build exp without actually having a security related job?  ???

If you want some background:  I did my BS in 2 years in Computer Science, with a minor in Business Management, I have the A+, Net+, and am 1 test away from MCSA, I have done helpdesk IT for retail for 5 years and just recently got hired by a school's IT dept (again for helpdesk).


User avatar

Sr. Member
Sr. Member

Posts: 394

Joined: Tue Sep 18, 2007 1:50 pm

Location: Guayaquil, Ecuador

Post Tue Sep 09, 2008 7:51 pm

Re: Looking for advice

Just my humble opinion on it, but here are a few ideas.  Do you know what sub field of Security you are interested in?  Network, Auditing, Pen Testing, Testing Code, forensics, C level?  What is your goal, figure that out and plan accordingly.  There is another thread going about various specialties in the Security field and the various certs that go along with that.  If you are after Pen testing, plan accordingly.  C level... make sure you're getting your CISSP etc.  When you lack the experience in the field certs can get you closer to an interview... and they make HR feel important. 

1)  Plan certs according to desired path.
2)  Study.  Besides working full time, and going back to school fulltime, I spend lots of my bus ride/free time shoring up my weak points.
3)  Network, which is part of why you are here I assume!

Without knowing what are your goals, it is difficult to give advice.

My own path is going like this:

I started helpdesk, but had the goal in mind of doing security.  A bit of my work is devoted still, unfortunately, to taking care of tickets; though a growing amount of my time at work is devoted to Network security and very soon vulnerability testing.  How I made the transition was by increasing my own personal knowledge on the subjects, and working to make myself indespensable at the office in said areas.  I had a heavy background in the networking via my CCNA courses etc, so moving toward network security was a no brainer for me.  I have started moving toward the vuln scanning aspect... because I caught someone scanning my work computer... and traced it back to one of the source IP.  I then emailed the gentleman who is contracted to do the scanning... and politely mentioned some ways he could do so better via following a few tips from the Nessus user manual.  Make your interest known to your boss, and get in contact with the people currently in those positions.  That is to say... if you are interested in getting the experience at your current job in that capacity.  If the school you are working for... lacks any security (computer), perhaps you should make a case to the network admin for such.  Offer your services, even if you are just planning to use it as a way to pad your resume with 'security' experience. 

In the end, the best advice I can give is to read up on AND experience (even if at home in a home lab) the security concepts you are hoping to be working toward for your target job in security.  If you want to pen test, start reading networking, coding, protocols, and learning tools.  If code assurance is your thing, learn your fuzzers and such... AND your code.  If you know what you are doing in the desired field you are going for, and you can demonstrate it to the person you are seeking employment from... (perhaps a group you meet at a Con or conference), you will have an in.  I'm sure others here will have far more experienced advice, but I hope mine has been somewhat helpful. 
"Bad.. Good?  I'm the guy with the gun"


Post Tue Sep 09, 2008 8:18 pm

Re: Looking for advice

Thanks for the reply, it is def a step in the right direction.  I am interested in pen testing for certain.  I like programming as a hobby and learning it but I wish it to remain a hobby ;)  I'm pretty good with networking and although I haven't passed the CCNA I have read the books.  I have a lab at home so I try to practice with whatever I can get my hands on.  I  haven't worked at my current job very long although I have tried from the bat to show them I am interested in security. 

Return to Career Central

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software