IT/Software career thread: Invert binary trees for dollars.

ZyyzYzzy · Aug 11, 2016

Noodleface said:
I don't have one and the job (if I am being offered the one I applied for - like I said, no one interviewing me knew what I was applying for) requires Secret clearance.

No TS/SCI but not bad.

Ao- · Aug 11, 2016

Big_w_powah said:
Security and Linux are my weak points in IT, unfortunately.

Well, Linux whatever, MS ain't going anywhere and since most large places are windows focused for endpoints, you won't have a problem.

But having security as a weakpoint? C'mon man. Do one of the free online trainings for Security+ equivalency to learn it. Most of it is common sense, some of it is "oddball" that you probably won't ever need to learn ("What's the correct heigh of a fence designed to keep intruders out?" fuck that noise, I work on servers).

Big_w_powah · Aug 11, 2016

Ao- said:
Well, Linux whatever, MS ain't going anywhere and since most large places are windows focused for endpoints, you won't have a problem.

But having security as a weakpoint? C'mon man. Do one of the free online trainings for Security+ equivalency to learn it. Most of it is common sense, some of it is "oddball" that you probably won't ever need to learn ("What's the correct heigh of a fence designed to keep intruders out?" fuck that noise, I work on servers).

Like, I know the basics. I get that ACLs are important, chinese walls for permissions, I know what an IPS is an how to configure it..I just don't have any formal training/experience in it beyond basic sysadmin stuff. I'm far from a specialist, basically.

a_skeleton_06 · Aug 11, 2016

I dunno. Everywhere that I interviewed last year was running tons of shit on RHEL/Centos for their backend. Having a firm grip on the Linux environment will open up a ton of doors for you, especially if you know Windows enough to be dangerous.

a_skeleton_03 · Aug 11, 2016

Big_w_powah said:
Like, I know the basics. I get that ACLs are important, chinese walls for permissions, I know what an IPS is an how to configure it..I just don't have any formal training/experience in it beyond basic sysadmin stuff. I'm far from a specialist, basically.

Set up a homelab and browse r/homelab on reddit for help with that.

I did that a couple months ago and you are browsing a forum now based on a lot of the things I learned and fine tuned.

Big_w_powah · Aug 11, 2016

a_skeleton_06 said:
I dunno. Everywhere that I interviewed last year was running tons of shit on RHEL/Centos for their backend. Having a firm grip on the Linux environment will open up a ton of doors for you, especially if you know Windows enough to be dangerous.

I'm a bit more than dangerous with Windows

Big_w_powah · Aug 11, 2016

a_skeleton_03 said:
Set up a homelab and browse r/homelab on reddit for help with that.

I did that a couple months ago and you are browsing a forum now based on a lot of the things I learned and fine tuned.

You're speaking of Linux, or Security? Cause for the homelab to have benefit for security I've gotta have a way to test if it worked.

a_skeleton_03 · Aug 11, 2016

Big_w_powah said:
You're speaking of Linux, or Security? Cause for the homelab to have benefit for security I've gotta have a way to test if it worked.

Both, start off with just linux and then make a VM for pen testing with that has metasploit or whatever else. Sure it is script kiddie stuff but you will learn with it.

Ao- · Aug 11, 2016

Big_w_powah said:
I'm a bit more than dangerous with Windows

Super dangerous?

a_skeleton_03 said:
Both, start off with just linux and then make a VM for pen testing with that has metasploit or whatever else. Sure it is script kiddie stuff but you will learn with it.

He's right. Fuck around with it until you're comfortable. Then get a Security+ or CISSP. The "CISSP" experience requirements are in 'domains' that you should have experience with just from doing normal computer work (some domains, not all...).

Big_w_powah · Aug 11, 2016

a_skeleton_03 said:
Both, start off with just linux and then make a VM for pen testing with that has metasploit or whatever else. Sure it is script kiddie stuff but you will learn with it.

Didnt even think of VMing up a pentest box. I guess I just need to screw around with Linux first.

Big_w_powah · Aug 11, 2016

Ao- said:
Super dangerous?

He's right. Fuck around with it until you're comfortable. Then get a Security+ or CISSP. The "CISSP" experience requirements are in 'domains' that you should have experience with just from doing normal computer work (some domains, not all...).

Yeah, I was responsible for DR for a long time--I just dont know a CISSP that can verify that shit to make it so I actually get the cert.

And yeah, I'd consider myself super dangerous with Windows. I can make it do what I want it to do pretty much without much issue.

Big_w_powah · Aug 11, 2016

Yeah, re looking at the domains I'd consider myself to have at least 5 years experience in at least two of those.

Ao- · Aug 11, 2016

Big_w_powah said:
Yeah, I was responsible for DR for a long time--I just dont know a CISSP that can verify that shit to make it so I actually get the cert.

And yeah, I'd consider myself super dangerous with Windows. I can make it do what I want it to do pretty much without much issue.

Go to one of the local security meetings for a few months, and after that see if someone in there will vouch for you. Or check if other people in your company have one.

Hell, you don't even need to have a someone with a cert endorse you, you can detail it all out: https://www.isc2.org/uploadedfiles/...ant-endorsement-help-form-universal-final.pdf

Tinycoffin · Aug 11, 2016

If your looking to go into management then do CISSP, It's the least hands on focused of any security cert out there. HR drones love it but most people that have come up through the ranks have little respect for it.

If your'e looking to get into red team / blue team work go with a SANs cert or OSCP

Big_w_powah · Aug 11, 2016

I'm just looking to get paid a decent wage to sysadmin shit..I've got no interest in being a gray hat pen tester or anti-cyber-icecream-terrorism shit. I just wanna come into work, fuck with day to day tasks, and work on some projects, while collecting more than a piddance.

a_skeleton_06 · Aug 11, 2016

That's sort of the problem with the SysAdm title, in general. In my experience, you're expected to have at least medium level knowledge across such a broad range of subject matter (Windows, Linux, SAN/NAS, SQL, Layer2/3, Firewalls, etc, etc) and the pay is rarely compensatory for these skills.

Big_w_powah · Aug 11, 2016

I'm using sysadmin as a very broad term, as you pointed out. I don't need the sysadmin title, however. I'd be glad to cruise along in whatever title they want to give me, doing whatever IT related (outside of what I outlined above--F that S) in whatever specialized discipline they want me in. Just right now I'm very much a generalist for the most part, with an amazing ability to troubleshoot (to toot my own horn), so maybe I'm more suited to a break/fix kinda role...Break/Fix just pays like shit.

To clarify my focus on pay: I just want to make a good, dont have to worry about shit getting paid pay. My 40k atm doesn't quite cut that, but its close. I have to budget a bit tighter than I'd like.

a_skeleton_06 · Aug 11, 2016

Good example -

SA gig - Pays 80k - Requirements

Responsibilities:
* Manages and maintains all corporate servers running AD, DNS, DHCP with little or no supervision
* Reviews and architects Active Directory design improvements
* Maintains/updates: Exchange 2010, Lync 2010 and SharePoint 2010
* Configures and maintains SAN solution
* Manages Patch management processes

REQUIREMENTS:
* Must have Bachelor's degree
* Understands networking technologies and infrastructure
* Understands Windows infrastructure (AD, DNS, GPO, etc)
* Microsoft technical design and implementation experience
* Exchange 2003/2010
* Lync 2010
* SharePoint 2007/2010
* MS HyperV
* Excellent fundamental problem solving and analytical skills
* Able to maintain a high level of confidentiality
* Excellent oral and written communication skills
* PowerShell Scripting
* Experience with clustering

DBA - Pays up to 125k - Requirements

*Provide technical support for warehouse management systems (WMS) including user support and IT system software configuration/maintenance.

*Administration of Microsoft SQL database structure
*Develop and maintain WMS software functionality
*Facilitate problem/issue resolution and business process analysis/ improvements.
*Security and user maintenance for SQL software.
*Highjump software experience is a plus, but not mandatory.
*Education/Certification requirements

BS in MIS, Computer Science or equivalent is required

Core Competencies

*Microsoft SQL database architecture and support
*Knowledge of Warehouse Management Systems
*Understanding of systems development life cycle (SDLC)
*Microsoft office proficient (Work, Excel, etc.)

Big_w_powah · Aug 11, 2016

I will take either of those jobs..IDGAF.

Daelos · Aug 11, 2016

Starting a new job on Monday.

I lucked into infosec some 13 years ago when I started my career: I have a degree in CompSci that was very much a Software Engineering-degree, but graduated together with the bubble bursting and there were no coding jobs to be found for months. So I got desperate, and applied for a job in something they called a sock. Which turned out to be a SOC, and started my career on what turned out to be a very useful trajectory.
Some years as IDS/firewall admin, security architecture design, governance/risk/compliance and later security monitoring consultancy later, I'm about to make the next jump.

Since I started my career I've been with small consultancies (30-100 employees), and on Monday I start as an Expert InfoSec Advisor for the biggest bank in Norway. So, it's time to navigate the political side of business as well as just making do with my technical/subject matter knowledge. And I'm more than a bit apprehensive - this is one area where I'll probably discover that I suck. So; learning curve is going to be steep and interesting.

I can't wait, though. Never looked this much forward to starting a new job.

Search

IT/Software career thread: Invert binary trees for dollars.

ZyyzYzzy

RIP USA

Ao-

¯\_(ツ)_/¯

Big_w_powah

Trakanon Raider

a_skeleton_06

a_skeleton_03

Big_w_powah

Trakanon Raider

Big_w_powah

Trakanon Raider

a_skeleton_03

Ao-

¯\_(ツ)_/¯

Big_w_powah

Trakanon Raider

Big_w_powah

Trakanon Raider

Big_w_powah

Trakanon Raider

Ao-

¯\_(ツ)_/¯

Tinycoffin

Blackwing Lair Raider

Big_w_powah

Trakanon Raider

a_skeleton_06

Big_w_powah

Trakanon Raider

a_skeleton_06

Big_w_powah

Trakanon Raider

Daelos

Guarding the guardians