Post APbarycbgUluU8h3fU by MrsMouse@social.dsmouse.net
(DIR) More posts by MrsMouse@social.dsmouse.net
(DIR) Post #APbR7cCpnI8c3WSOMC by tek@freeradical.zone
2022-11-14T18:33:24Z
0 likes, 0 repeats
I have a friend who wants to get into #infosec. Hiring managers and recent hires: is there a training or certification program that strikes you as genuinely good and helpful for both learning and for getting a foot in the door?
(DIR) Post #APbReQN6oYvKuOuJlI by __p__e__t__e__@infosec.exchange
2022-11-14T18:39:16Z
0 likes, 0 repeats
@tek not a recruiter but trying to break into infosec like your friend. Foundations are important. The knowledge the CCNA / CompTIA A+ give are required. The cert would then be something like the CompTIA Security+.Full disclosure: I don't have any of those having committed too much time to school. Working on that currently.
(DIR) Post #APbSLRao9PZB9CpPt2 by djglass@infosec.exchange
2022-11-14T18:47:02Z
0 likes, 0 repeats
@tek Infosec as a profession is as wide and deep as IT and unfortunately specialization has become the norm at the entry level. Does your friend have a specific subject or career path they are interested in?
(DIR) Post #APbTVIrVZ90Yv5u9vU by MaaikeV@mastodon.social
2022-11-14T19:00:04Z
0 likes, 0 repeats
@tek has he read @alyssam_infosec’s book A cybersecurity career guide yet?https://www.manning.com/books/cybersecurity-career-guide
(DIR) Post #APbTiU0dQqkvFzSU52 by kamenrunner@freeradical.zone
2022-11-14T19:02:33Z
0 likes, 0 repeats
@tek @alyssam_infosec Alyssa Miller might be able to chime in. Would suggest checking out at a library Alyssa's book which has been well received by the community:https://www.simonandschuster.com/books/Cybersecurity-Career-Guide/Alyssa-Miller/9781617298202
(DIR) Post #APbTqF6cj6LdLqxYh6 by erosdiscordia@hackers.town
2022-11-14T19:03:49Z
0 likes, 1 repeats
@tek If your friend is a woman, POC, or gender/sexual minority, they can check this out this coming April:https://www.sans.org/scholarship-academies/diversity-academy/My preparation for that application included a lot of study for the A+, Net+, and Sec+, from books and videos (especially the Messer videos).Pay-what-you-can 4-day training sessions from John Strand / BHIS also helped an absolute TON:https://www.antisyphontraining.com/pay-what-you-can/
(DIR) Post #APbUWVkbER5D8XoTke by kamenrunner@freeradical.zone
2022-11-14T19:11:36Z
0 likes, 0 repeats
@tek Not a hiring manager, but I've seen this $50 in cert and training for (ISC)² Certified in Cybersecurity℠ shared a lot in my circles. Also seen Alyssa's book recommendedhttps://www.isc2.org/1mcc#
(DIR) Post #APbaQCWiOOsPVCh2PY by szakib@freeradical.zone
2022-11-14T20:17:34Z
0 likes, 0 repeats
@tek IT. Fundamentals: ITIL, helpdesk. Work at an org that has an ISO 27001 (or maybe Tisax) certification and participate in audits. As someone else said, do stuff, participate in things, hack the planet!Nowasays (since Solarwinds) there is also a side-path from DevOps: securing CI/CD + 3rd party stuff.The mindset is very important: always think about how things can break / be broken. I'm not sure if that's learnable, though.
(DIR) Post #APbarycbgUluU8h3fU by MrsMouse@social.dsmouse.net
2022-11-14T20:23:07Z
0 likes, 0 repeats
@tek does he have a goal job in infosec, or just... laterally transfer to managing a SOC team or something
(DIR) Post #APbaz1yhbV6UvDONHM by szakib@freeradical.zone
2022-11-14T20:23:58Z
0 likes, 0 repeats
@tek IT. Fundamentals: ITIL, helpdesk. Work at an org that has an ISO 27001 (or maybe Tisax) certification and participate in audits. As someone else said, do stuff, participate in things, hack the planet!Nowadays (since Solarwinds) there is also a side-path from DevOps: securing CI/CD + 3rd party stuff, passwords, signing keys.The adversarial mindset is very important: always think about how things can break / be broken. I'm not sure if that's learnable, though.
(DIR) Post #APc65tZUM5DjSHLsES by crowfather@ioc.exchange
2022-11-15T02:12:34Z
0 likes, 0 repeats
@tek if he's got the money then the SANS institute is world renowned.