I Am Security Analyst (but Nobody Knows It)

I'm feeling burnt out in my current role. Two years ago, I joined a SIEM vendor as a Cloud Security Analyst, but the title was a bit misleading. I've actually been functioning more as a Site Reliability Engineer. I've been pushing to move to a security focused team for a while now, but with no official security experience on my resume, it's been tough. I stay on top of all the latest security threats and trends. I even built my own home lab to experiment with replicating attacker behavior and writing detection rules to catch them. I'm aware of current geopolitical trends and their impact on cybersecurity. I truly believe I have the skills and passion to be a great security analyst/ engineer. The challenge is getting past the initial application stage. Despite my skills, I'm not getting interview callbacks. For example let’s say, I could potentially track and respond to an APT before a breach occurs, I can't showcase this ability without an opportunity. So, that's where I'm hoping you guys can help. Any advice on how to gain the experience needed to overcome these application rejections would be greatly appreciated.

Onira

Unnamed

6 months ago

Yo to be in cysec “Analyst” sections certs are they absolute way cause this is a no risk area org don’t risk this section to less exposed candidates and how to prove it loops to experience and certs right and obv certs are pricey like giac certs sans soo if you can get one giac or sans go for it and also since you have already set up an home lab do one thing reference the mitre doc and gather the info of the recent APT actions for formal stuff but do surf the glitch spaces for the real objective stuff recreate them scenarios in your VM’s start small don’t go some thing like for APT29 and enterprise level stuff Ik all the steps wont be mentioned online but atleast recreate the initial steps of it and apply your probabilistic/optimal solution to it write a blog on it on like not how to avoid it as they are common but try to see them from a fresh perspective like write a support one based on the APT vectorisation ability and figure out to conclude the blog as a blue teamer I mean how would you catch the cat or what could have or should have been the rules that should have been implement to prevent this from happening from the beginning so start with basic phishing/trojan attacks scenarios to malware based that are currently happening as we speak of like the apex legends RCE and stuff And also please don’t focus on getting a job asap Since you are already in one —> we are easily gazed on if shit goes side ways as you prolly know so keep at what you doing be passionate as well as determined and you’ll reap for your knowledge and contribution Ps:- Be passionate not for a job I meant cause blue teamer I see it as a job but if you really want to be a Cy analyst be prepared to think like a attacker and write like a manic This is completely opinionated please feel free to take what you like from this view