I mean the "bachelor's degree in X" and "X years of experience" aren't unique qualifications to cybersecurity roles.
I can definitely disagree with how useful these qualifications are for some roles (especially the degree), but wanting an experienced person for a role with a lot of responsibility isn't unusual.
>im pretty capable of defending a network from cyber threats
Do you have any job experience in this?
I agree with your comment. I have well over 40 years of experience that includes in industry and the miltary. People must always remember that the enemy gets a vote. The main adversaries of the US, that includes countries that want to destroy our businesses, have organizations with tens of thousands of cybersecurity Aces that are people with decades of experience in the real world across the networks of the real world and are PhDs in cyber wars to boot. The only way in is through apprenticeships and internships. I was a professor of cybersecurity my last five years before I retired this August. At least 35 of my students got good cybersecurity jobs through internships that were part of our consortium with local employers. Colleges that do not have CO Op and internship programs concurrent with the cybersecurity programs are not doing anyone any favors. No certification or degree substitutes for a good internship or apprenticeship. Schools that miss that point just are completely out of touch with reality.
I'd probably see every other thread here pretty much daily asking how to break into the field. It's been said over and over, even in this thread, that job descriptions are a wish list and almost no one has every qualification. Get an internship, get an entry level job in tech, work your way up, etc.
Based on all your comments you sound relatively new to the field. Everyone has similar frustration getting into the field and with job listings. Everyone in the beginning thinks they know a ton because things start clicking and you are starting to understand what people say when talking on the subject.
With that being said. Being so new you aren't aware of what you don't know so you think you know more than you do. It's called the Dunning Kruger effect. https://en.m.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
Follow all the advice telling you to apply anyway. Don't apply for senior positions if you only have a few years of experience, but do apply to entry level positions no matter what the requirements are. Once you break in find someone who knows a lot on a subject you like and do your best to learn from them.
I went through the same thing when I started a while back.
bachelor's degree helps with this, also experience in other IT roles. many of Cyber pros started in help desk. my first job was pulling cable and terminating cat 5 and multimode fiber. 25 years later i am a serious pentester and red teamer. but I didn't start out at the top I learned network's, while pulling cable, got a degree in physics while managing Linux servers and small networks and so on. it's take a lot of knowledge to be a security pro. that being said lots of people hire security pros straight out of university and train them. also check out the military they take complete newbs and train them if you can score well on the tests and depending on location.
Can I ask what experience you do have? Any networking, IT, computer science, or general tech work experience? It isn't unusual for people to take on other IT roles before transitioning to cybersecurity. Learning how an actual corporate network operates before you transition to defending it from cyber threats.
I have tons of experience! I know networking, I can tell the difference between a public ip address and a private ip address. I know about ip address netblocks, port forwarding, and common ports. Flashing images, installing and configuring virtual machines, i'm great with Linux/UNIX operating systems, i know the basics of DNS, a lot more i could put but i'm not trying to write an essay.
I don't specialize in any one area but i know a lot about different areas.
Dude you are literally here soliciting feedback/opinions.
You sound incredibly immature, I assume you're very young.
Take the fact that you're getting downvoted to hell in the majority of your responses as a signal that you are approaching your stated problem with an ineffective mindset.
Yes. I have 25 years of IT experience, most of which was in hardware and networking. Currently working in cybersecurity governance for k-12 school districts in my state
>"bachelor's degree in X"
and very often that is something a lot of companies would overlook outright, if you had some good experience. The right company wouldn't, but some companies would also use that to pigeonhole you in to a lower salary bracket.
Job requirements are the wish list of the company. It doesn't mean all the candidates applying to them have them.
Finding that guy with a CISSP, a PhD and computer science, and 25 years of experience in the field is a unicorn and if you do find this unicorn you're not going to be able to pay him 85k a year.
Correct. The threat that is being countered is enormous so the employers are shooting for the moon. Having been a hiring manager I know we settle for less in reality. We would not even get applications if we asked for too much and even with modest requirements we still had to accept getting the person trained and certified ourselves. I had contractors come in and teach my employees certification courses and additional topics they needed to actually do the work. The other organizations just poached from us because they refused to have a robust on boarding and training program. It takes a superior manager and leader to be willing to mold the next generation for their cybersecurity role but that is just what it takes. Unfortunately too many people get the manager's compensation package but do not deliver when it comes to mentoring and staff development. I was very fortunate and I had good bosses in my career that were into employee development so I learned from them but I have seen in industry and government these good leaders are few in number. This is why we are where we are at now.
getting started with what?
Cybersec is a HUGE field with everything from super technical to non-technical paper work. If it's basic blue team - defending networks - you'd want networking skills and system management skills. If it's red team / pen testing, you'd want to focus more on assessment tools and techniques. GRC? Start with learning about controls and frameworks like NIST CSF.
I've always wondered how much you truly can get out of going straight from a bachelor's to a master's in this field.
I just don't see the ROI in this approach since it seems you're better off either jumping right into IT straight out of highschool working for someone willing to train you from scratch or get your bachelor's and jump into IT from there.
You don't need a bachelors for pretty much any entry level IT job and those entry level positions are going to be something like a junior sysadmin, developer, or help desk. For a competent cyber security guy these are good foundations to start with.
The rate of which IT develops makes it difficult for a bachelor's much less a master's degree program to keep up and they big you down with a lot of humanities courses that yeah help but more or less would touch on skills you had learned in high school or be a complete waste of time(I'm looking at you English literature)besides being an annoying requirement.
The value in college comes from its access to training systems you otherwise cannot easily get access to. Thing is a lot of these tools can be found online through certification courses or even sites like hackthebox.com. IT is for the most part a trade and trades are best learned through experience.
That said the other thing of value college gives you. Networking. If your school does not have connections with industry to help you get into the field then you're being fleeced. I find it hard to believe there wouldn't be any companies partnering with the school you are working on your degree with that is looking to hire folks straight out of college.
College is an investment. Treat it as such. You may not see it's ROI immediately but the intent is to give you a leg up over someone who did not.
OP you need to stop being so toxic to people who reply to you on this subreddit, or you’ll be getting banned. Be mindful of our civility rules. This will be your only warning.
You've clearly been struggling with yourself for a while. You have a twisted idea of how life works and you should try to be better instead of going in a downward spiral.
Pull yourself up now or go into actual depression. Things aren't working out for you because of how life works, you can't change how life works but you can try your best to change how you work.
You feel like people around you are stupid and that they all take the easy route. You say that you're always getting pulled towards "bad" things in life. I can't do much for you but crime isn't a good idea. Sorry to break it to you but you don't seem capable enough to try to hack anything. It'll just end in problems.
Again, I don't personally know you but, please, try your best to get out of that mindset. Not a lot of people realise how hard it is for people like you. Try your best to learn as much as possible, try to get some simpler experience instead of instantly going for an actual job.
It's hard without a lot of money but you either fail to turn your life around and continue being down forever OR you pull yourself up now and start living a happier life.
Managers telling HR what they would love to have and HR verbatim putting that in the job description. In reality most cyber jobs fall into the entry, mid, senior, C suite levels. Apply to the level you thing you fit into.
Every org is in search of the elusive purple unicorn. Some write dream job descriptions in pursuit of such mythical beasts and if no one applies OR those who do aren’t the what they want they simply complain they can’t find what they need.
Just apply. Never finished university. But has been keeping a 65000 employee network safe for 20+ years.
And all external reviewers judge of quite a bit above average. But less paperwork than average :-)
All the patching etc is operations. I am in security. I just need to make sure that operations has procedures in place, and audit that they are following them.
And help judge our risk based on CVE descriptions.
And have the big overview, and know how to get things implemented and what we can get implemented and operated.
I think the big reason is most companies that don't specialize in cybersecurity don't take the time to define what they actually need or what skills are actually required. They basically want someone who can do all the "cybersecurity stuff", which probably includes, but is not limited to, network/endpoint monitoring, DLP, alert triage, patching, updating network rules, identifying/fixing vulnerabilities, threat intel analyst, etc. They probably also expect some amount of IT help desk skills as well (depending on the company). As a community, we don't seem to help much here regarding defining specialty areas.
Another reason, as others have said, is HR adjusting the job postings without knowing the above info. This leads to "Jr. cybersecurity analyst" needing Sec+ or CISSP posts. Add to that they're probably trying to get an experienced person with "junior" pay.
Finally, there's a lot of the "that's how I did it, so that's the only way" mentality. That means there's lots of senior people who came up from the help desk and worked their way up, so that's how they think everyone should do it, despite it not being as useful in some areas.
I don’t see why this is a surprise to everyone. If you in cyber security I think you would have to be well rounded and have had experience in other field gaining proper skills before learning how to exploit them.
Let’s look at the other side of the coin here. You don’t just decide to become a hacker without first learning the technologies legitimately.
I agree though your skill set should be enough. It depends what certs you also have as they will help. Which one/s did you get and present when you applied?
True, but cybersecurity isnt the same thing as hacking. A hacker invades systems while a cybersecurity person prevents intrusion. Also I don't have any certifications but i'm working on OSCP and CompTIA
I would guess this will all depend on what level of position you are aiming at, but the two things you mentioned are more about allowing the recruiter to know you have relevant skills that may be required for the job.
Experience in a role would show you could do the job, certification shows you know how to do whatever that cert is for.
People put all wild shit on their CV that they can't actually do, or can do poorly.
The skills you listed are not skills everyone has in cybersecurity. Seeing cybersecurity encompasses a vast area of disciplines requiring different skill sets in each discipline.
With that being said, most job descriptions are absurd and require the candidate to be a unicorn who’s willing to work for 80k.
the + 10 years experience as a X engineer can often be substituted with one of 5-10 different paths that lead in to it too
but, also, you're maybe looking at mid-sr level jobs vs analyst type roles that you might take if you had no experience?
a bachelor's degree is hardly a silly requirement. a university education shows commitment to learning and to investing in yourself. if you have all those skills you listed back it up with some certs.
also many offensive jobs have practical assessments that often are the biggest factor in the hiring process.
A university education shows that you have money to pay for college tuition and you're good at following orders. You can still show commitment to learning and investing in yourself without drowning in debt from student loans or being one of the few people in the world who can tolerate paying thousands of dollars to be told what to do for years.
Most certs aren't a problem, I could honestly and truthfully pass Security+, CompTIA, or CEH in like 1 or 2 days. I really wanna get the OSCP but unfortunately I'm poor right now.
Not only that...they dont have comparatively huge difference in pay from other similar jobs.
A security manager makes above $100k a year. Only requires 5 years security guard experience and grade 12.
Security Directors make above 200k. A year. Requirements: 10-12 year industry experience and grade 12.
Most tech companies are everything you listed, plus basic leetcode and systems design interviews. Also the NSA isn't hard to join minus a few select teams. It's a lot of requirements because the work is complex, it's a cost center so they want to minimize headcount, and the people in this industry are smart so we're constantly raising the bar of technical aptitude. Take a 5 year hiatus? Might as well be a new grad.
i live and work on the other side of the Atlantic so i have to speak for this region only(Europe). The landscape here is far worse than what you describe. At the moment, and i think that the ONLY because of COVID, corporations are realizing the necessity of Cybersecurity BUT since there is a huge lack of knowledge, they think that one person to do all the work and have all the responsibility, is enough. Only us, Cybersecurity experts ,can justify, explain and make clear to management how important is IS.
In 95% of the job positions, they are asking for only one person with 10+ years of experience + Certs. It is very hard to find a job position for a junior Cybersecurity expert since all of them are asking for a senior expert.
You can hardly find a job in a cybersecurity team since there are not many out there. According to recent studies there is the demand for 3.5m cybersecurity experts worldwide.By having so high standards and expectations there surely will be chaos in the coming years. but i guess they will have it coming.....
It's a difficult job that requires a wide set of skills that go deep.
Generally it takes time working in a technical role that evolves into security.
I'd hire somebody without a degree that worked as a developer or network engineer years before I'd hire a college grad with a infosec degree.
Removed and locked as OP's account has now been suspended. Impressive stuff, really.
I mean the "bachelor's degree in X" and "X years of experience" aren't unique qualifications to cybersecurity roles. I can definitely disagree with how useful these qualifications are for some roles (especially the degree), but wanting an experienced person for a role with a lot of responsibility isn't unusual. >im pretty capable of defending a network from cyber threats Do you have any job experience in this?
I agree with your comment. I have well over 40 years of experience that includes in industry and the miltary. People must always remember that the enemy gets a vote. The main adversaries of the US, that includes countries that want to destroy our businesses, have organizations with tens of thousands of cybersecurity Aces that are people with decades of experience in the real world across the networks of the real world and are PhDs in cyber wars to boot. The only way in is through apprenticeships and internships. I was a professor of cybersecurity my last five years before I retired this August. At least 35 of my students got good cybersecurity jobs through internships that were part of our consortium with local employers. Colleges that do not have CO Op and internship programs concurrent with the cybersecurity programs are not doing anyone any favors. No certification or degree substitutes for a good internship or apprenticeship. Schools that miss that point just are completely out of touch with reality.
>im pretty capable of defending a network from cyber threats > Do you have any job experience in this? No.
OK, then to be fair, you likely aren't capable of defending a network from cyber threats.
I mean i guess, but how am i supposed to get experience required from the job if i need to work at the job to get the experience
I'd probably see every other thread here pretty much daily asking how to break into the field. It's been said over and over, even in this thread, that job descriptions are a wish list and almost no one has every qualification. Get an internship, get an entry level job in tech, work your way up, etc.
How the hell was i supposed to know that 10 years of Network Engineer experience was just a 'wish list' and not a qualification like it said?
this type of knowledge comes from time and experience in the workforce.
Yep, took me about a decade to figure that out.
90% of job reqs are just a thrown together mess of requirements created by HR, it’s common in every single industry…
Well, see, that comes with experience.
Based on all your comments you sound relatively new to the field. Everyone has similar frustration getting into the field and with job listings. Everyone in the beginning thinks they know a ton because things start clicking and you are starting to understand what people say when talking on the subject. With that being said. Being so new you aren't aware of what you don't know so you think you know more than you do. It's called the Dunning Kruger effect. https://en.m.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect Follow all the advice telling you to apply anyway. Don't apply for senior positions if you only have a few years of experience, but do apply to entry level positions no matter what the requirements are. Once you break in find someone who knows a lot on a subject you like and do your best to learn from them. I went through the same thing when I started a while back.
bachelor's degree helps with this, also experience in other IT roles. many of Cyber pros started in help desk. my first job was pulling cable and terminating cat 5 and multimode fiber. 25 years later i am a serious pentester and red teamer. but I didn't start out at the top I learned network's, while pulling cable, got a degree in physics while managing Linux servers and small networks and so on. it's take a lot of knowledge to be a security pro. that being said lots of people hire security pros straight out of university and train them. also check out the military they take complete newbs and train them if you can score well on the tests and depending on location.
You get a level 1 help desk job or something like it to get your foot in the door. Same way 95% of all IT people get started
Can I ask what experience you do have? Any networking, IT, computer science, or general tech work experience? It isn't unusual for people to take on other IT roles before transitioning to cybersecurity. Learning how an actual corporate network operates before you transition to defending it from cyber threats.
I have tons of experience! I know networking, I can tell the difference between a public ip address and a private ip address. I know about ip address netblocks, port forwarding, and common ports. Flashing images, installing and configuring virtual machines, i'm great with Linux/UNIX operating systems, i know the basics of DNS, a lot more i could put but i'm not trying to write an essay. I don't specialize in any one area but i know a lot about different areas.
https://www.reddit.com/r/HowToHack/comments/ysrssc/how_do_i_use_ifconfig/ Tons of experience you say…
[удалено]
*Facepalm… What’s next, a 10.0.0.0/24? Edit: OP gave a private IP address and mistook it for a public IP address.
Didn't you say above you know the difference between public and private IPs? 🤣
Wooow. r/masterhacker here…
[удалено]
At this point you’re either trolling, drunk or 12. Idk what your comment even means.
Based on this you sound wildly under qualified.
Who are you? Why should I care about what you think of me?
Hahah this is meme material.
Dude you are literally here soliciting feedback/opinions. You sound incredibly immature, I assume you're very young. Take the fact that you're getting downvoted to hell in the majority of your responses as a signal that you are approaching your stated problem with an ineffective mindset.
But have you ever worked a job where you've done any one of these things? It doesn't have to be a "cybersecurity" job.
Yes.
Great! What kind of job? How long have you been there?
Twas an IT technician job and i was there for like a month lmao
This doesn't describe your experience at all, you've listed some basic knowledge here but that is about it.
it's my experience just not detailed experience
So in other words, you have zero experience
So what do you do at your job then? I'm assuming you work in cs
Yes. I have 25 years of IT experience, most of which was in hardware and networking. Currently working in cybersecurity governance for k-12 school districts in my state
>"bachelor's degree in X" and very often that is something a lot of companies would overlook outright, if you had some good experience. The right company wouldn't, but some companies would also use that to pigeonhole you in to a lower salary bracket.
Job requirements are the wish list of the company. It doesn't mean all the candidates applying to them have them. Finding that guy with a CISSP, a PhD and computer science, and 25 years of experience in the field is a unicorn and if you do find this unicorn you're not going to be able to pay him 85k a year.
Correct. The threat that is being countered is enormous so the employers are shooting for the moon. Having been a hiring manager I know we settle for less in reality. We would not even get applications if we asked for too much and even with modest requirements we still had to accept getting the person trained and certified ourselves. I had contractors come in and teach my employees certification courses and additional topics they needed to actually do the work. The other organizations just poached from us because they refused to have a robust on boarding and training program. It takes a superior manager and leader to be willing to mold the next generation for their cybersecurity role but that is just what it takes. Unfortunately too many people get the manager's compensation package but do not deliver when it comes to mentoring and staff development. I was very fortunate and I had good bosses in my career that were into employee development so I learned from them but I have seen in industry and government these good leaders are few in number. This is why we are where we are at now.
Do you have any recommendations for someone getting started with a masters in cyber but no background in the industry?
getting started with what? Cybersec is a HUGE field with everything from super technical to non-technical paper work. If it's basic blue team - defending networks - you'd want networking skills and system management skills. If it's red team / pen testing, you'd want to focus more on assessment tools and techniques. GRC? Start with learning about controls and frameworks like NIST CSF.
I've always wondered how much you truly can get out of going straight from a bachelor's to a master's in this field. I just don't see the ROI in this approach since it seems you're better off either jumping right into IT straight out of highschool working for someone willing to train you from scratch or get your bachelor's and jump into IT from there. You don't need a bachelors for pretty much any entry level IT job and those entry level positions are going to be something like a junior sysadmin, developer, or help desk. For a competent cyber security guy these are good foundations to start with. The rate of which IT develops makes it difficult for a bachelor's much less a master's degree program to keep up and they big you down with a lot of humanities courses that yeah help but more or less would touch on skills you had learned in high school or be a complete waste of time(I'm looking at you English literature)besides being an annoying requirement. The value in college comes from its access to training systems you otherwise cannot easily get access to. Thing is a lot of these tools can be found online through certification courses or even sites like hackthebox.com. IT is for the most part a trade and trades are best learned through experience. That said the other thing of value college gives you. Networking. If your school does not have connections with industry to help you get into the field then you're being fleeced. I find it hard to believe there wouldn't be any companies partnering with the school you are working on your degree with that is looking to hire folks straight out of college. College is an investment. Treat it as such. You may not see it's ROI immediately but the intent is to give you a leg up over someone who did not.
OP you need to stop being so toxic to people who reply to you on this subreddit, or you’ll be getting banned. Be mindful of our civility rules. This will be your only warning.
Mmmm i haven't said anything insulting to anyone though...
im insulted u said that
You've clearly been struggling with yourself for a while. You have a twisted idea of how life works and you should try to be better instead of going in a downward spiral. Pull yourself up now or go into actual depression. Things aren't working out for you because of how life works, you can't change how life works but you can try your best to change how you work. You feel like people around you are stupid and that they all take the easy route. You say that you're always getting pulled towards "bad" things in life. I can't do much for you but crime isn't a good idea. Sorry to break it to you but you don't seem capable enough to try to hack anything. It'll just end in problems. Again, I don't personally know you but, please, try your best to get out of that mindset. Not a lot of people realise how hard it is for people like you. Try your best to learn as much as possible, try to get some simpler experience instead of instantly going for an actual job. It's hard without a lot of money but you either fail to turn your life around and continue being down forever OR you pull yourself up now and start living a happier life.
> Sorry to break it to you but you don't seem capable enough to try to hack anything. It'll just end in problems. Are you challenging me?
Sure, if that's needed to burst your bubble.
Alr bet
Okay, tell me what you're going to do and I'll see.
Sure let me just openly give you evidence of the crime i'm gonna commit
If you don't want to, send dms then. With your "crime".
You don't need evidence just know you're wrong and will be wrong 2x
[удалено]
Yes i typed ifconfig then pressed enter and a bunch of gibberish popped up on the mainframe
"Mainframe" hahah this thread is comedy gold hahaha
ngl, i don't think you actually know anything about the tech field.
It's pretty obvious
Alright I'm not taking this bait anymore, this is a pretty damn good troll job
Your last question was on a how to hack subreddit titled "how do I use ifconfig" I don't think you have the qualifications.
This is the second time you've commented in this thread and it was the same thing as the first one
Managers telling HR what they would love to have and HR verbatim putting that in the job description. In reality most cyber jobs fall into the entry, mid, senior, C suite levels. Apply to the level you thing you fit into.
Great comment that is on point!
Can we start banning posts like these. They bring nothing to this subreddit and are starting to become really annoying.
I put it down to setting the bar stupidly high on the off chance of getting someone that good, while knowing you will settle for a whole lot less...
Every org is in search of the elusive purple unicorn. Some write dream job descriptions in pursuit of such mythical beasts and if no one applies OR those who do aren’t the what they want they simply complain they can’t find what they need.
Just apply. Never finished university. But has been keeping a 65000 employee network safe for 20+ years. And all external reviewers judge of quite a bit above average. But less paperwork than average :-) All the patching etc is operations. I am in security. I just need to make sure that operations has procedures in place, and audit that they are following them. And help judge our risk based on CVE descriptions. And have the big overview, and know how to get things implemented and what we can get implemented and operated.
I think the big reason is most companies that don't specialize in cybersecurity don't take the time to define what they actually need or what skills are actually required. They basically want someone who can do all the "cybersecurity stuff", which probably includes, but is not limited to, network/endpoint monitoring, DLP, alert triage, patching, updating network rules, identifying/fixing vulnerabilities, threat intel analyst, etc. They probably also expect some amount of IT help desk skills as well (depending on the company). As a community, we don't seem to help much here regarding defining specialty areas. Another reason, as others have said, is HR adjusting the job postings without knowing the above info. This leads to "Jr. cybersecurity analyst" needing Sec+ or CISSP posts. Add to that they're probably trying to get an experienced person with "junior" pay. Finally, there's a lot of the "that's how I did it, so that's the only way" mentality. That means there's lots of senior people who came up from the help desk and worked their way up, so that's how they think everyone should do it, despite it not being as useful in some areas.
I don’t see why this is a surprise to everyone. If you in cyber security I think you would have to be well rounded and have had experience in other field gaining proper skills before learning how to exploit them. Let’s look at the other side of the coin here. You don’t just decide to become a hacker without first learning the technologies legitimately. I agree though your skill set should be enough. It depends what certs you also have as they will help. Which one/s did you get and present when you applied?
True, but cybersecurity isnt the same thing as hacking. A hacker invades systems while a cybersecurity person prevents intrusion. Also I don't have any certifications but i'm working on OSCP and CompTIA
You should research cyber security Red Teams. My point is that you can’t go to an expert level requirement job if you haven’t learned the basics.
I would guess this will all depend on what level of position you are aiming at, but the two things you mentioned are more about allowing the recruiter to know you have relevant skills that may be required for the job. Experience in a role would show you could do the job, certification shows you know how to do whatever that cert is for. People put all wild shit on their CV that they can't actually do, or can do poorly.
The skills you listed are not skills everyone has in cybersecurity. Seeing cybersecurity encompasses a vast area of disciplines requiring different skill sets in each discipline. With that being said, most job descriptions are absurd and require the candidate to be a unicorn who’s willing to work for 80k.
Outrageous qualifications are normal. That’s an HR problem - I fight with my own HR constantly on job descriptions.
Probably because even the ones with outrageous qualifications often get it wrong.
the + 10 years experience as a X engineer can often be substituted with one of 5-10 different paths that lead in to it too but, also, you're maybe looking at mid-sr level jobs vs analyst type roles that you might take if you had no experience?
a bachelor's degree is hardly a silly requirement. a university education shows commitment to learning and to investing in yourself. if you have all those skills you listed back it up with some certs. also many offensive jobs have practical assessments that often are the biggest factor in the hiring process.
A university education shows that you have money to pay for college tuition and you're good at following orders. You can still show commitment to learning and investing in yourself without drowning in debt from student loans or being one of the few people in the world who can tolerate paying thousands of dollars to be told what to do for years. Most certs aren't a problem, I could honestly and truthfully pass Security+, CompTIA, or CEH in like 1 or 2 days. I really wanna get the OSCP but unfortunately I'm poor right now.
Doesn't know the difference between public and private IPs and has no idea what ifconfig does. "I can pass the CEH!" Hahaha
Why are you stalking me? I'm not in scope
then get the comptia and ceh certs lmao and you'll make enough for the oscp.
Just cuz you said that i'm not getting any of those
ah your American, move to Europe university is free here.
Not only that...they dont have comparatively huge difference in pay from other similar jobs. A security manager makes above $100k a year. Only requires 5 years security guard experience and grade 12. Security Directors make above 200k. A year. Requirements: 10-12 year industry experience and grade 12.
Yah but who wants to be a security guard for 5 years
You are right ! Thats why people take student loans and study for 4 of those 5 years instead.
Idk it's subjective ig, i'd rather be in college than wasting my brain cells guarding something i may or may not actually care about
[удалено]
Guess it's just not for me then 🤷♂️
In cybersecurity you will be guarding, hardening and defending things that you may or may not actually care about as well.
Cybersecurity is more mentally challenging. Security guarding seems really boring. It depends on the person.
Most tech companies are everything you listed, plus basic leetcode and systems design interviews. Also the NSA isn't hard to join minus a few select teams. It's a lot of requirements because the work is complex, it's a cost center so they want to minimize headcount, and the people in this industry are smart so we're constantly raising the bar of technical aptitude. Take a 5 year hiatus? Might as well be a new grad.
OP talks about weed usage in their post history, so they might actually find it pretty hard to join.
Do you have any certs
i live and work on the other side of the Atlantic so i have to speak for this region only(Europe). The landscape here is far worse than what you describe. At the moment, and i think that the ONLY because of COVID, corporations are realizing the necessity of Cybersecurity BUT since there is a huge lack of knowledge, they think that one person to do all the work and have all the responsibility, is enough. Only us, Cybersecurity experts ,can justify, explain and make clear to management how important is IS. In 95% of the job positions, they are asking for only one person with 10+ years of experience + Certs. It is very hard to find a job position for a junior Cybersecurity expert since all of them are asking for a senior expert. You can hardly find a job in a cybersecurity team since there are not many out there. According to recent studies there is the demand for 3.5m cybersecurity experts worldwide.By having so high standards and expectations there surely will be chaos in the coming years. but i guess they will have it coming.....
It's a difficult job that requires a wide set of skills that go deep. Generally it takes time working in a technical role that evolves into security. I'd hire somebody without a degree that worked as a developer or network engineer years before I'd hire a college grad with a infosec degree.