notorious

I Am Security Analyst (but Nobody Knows It)

I'm feeling burnt out in my current role. Two years ago, I joined a SIEM vendor as a Cloud Security Analyst, but the title was a bit misleading. I've actually been functioning more as a Site Reliability Engineer.

I've been pushing to move to a security-focused team for a while now, but with no official security experience on my resume, it's been tough.

I stay on top of all the latest security threats and trends. I even built my own home lab to experiment with replicating attacker behavior and writing detection rules to catch them. I'm aware of current geopolitical trends and their impact on cybersecurity. I truly believe I have the skills and passion to be a great security analyst/engineer.

The challenge is getting past the initial application stage. Despite my skills, I'm not getting interview callbacks. For example, let's say I could potentially track and respond to an APT before a breach occurs; I can't showcase this ability without an opportunity.

So, that's where I'm hoping you guys can help. Any advice on how to gain the experience needed to overcome these application rejections would be greatly appreciated.

8mo ago
Onira

Yo, to be in the cysec "Analyst" sections, certs are the absolute way, because this is a no-risk area: orgs don't risk this section on less exposed candidates, and how to prove it loops back to experience and certs, right? And obviously certs are pricey, like GIAC certs and SANS, so if you can get one GIAC or SANS cert, go for it. And also, since you have already set up a home lab, do one thing: reference the MITRE doc and gather the info on the recent APT actions for the formal stuff, but do surf the glitch spaces for the real objective stuff. Recreate those scenarios in your VMs. Start small; don't go for something like APT29 and enterprise-level stuff. I know all the steps won't be mentioned online, but at least recreate the initial steps of it and apply your probabilistic/optimal solution to it. Write a blog on it, not on how to avoid it, as those are common, but try to see them from a fresh perspective, like write a support one based on the APT vectorisation ability, and figure out how to conclude the blog as a blue teamer. I mean, how would you catch the cat, or what could have or should have been the rules that should have been implemented to prevent this from happening from the beginning? So start with basic phishing/trojan attack scenarios, then move to malware-based ones that are currently happening as we speak, like the Apex Legends RCE and stuff.

And also, please don't focus on getting a job ASAP.
Since you are already in one —> we are easily gazed on if shit goes sideways, as you probably know, so keep at what you're doing, be passionate as well as determined, and you'll reap the rewards for your knowledge and contribution.

PS: Be passionate, and not for a job, I mean. Blue teamer, I see it as a job, but if you really want to be a Cy analyst, be prepared to think like an attacker and write like a maniac.
This is completely opinionated; please feel free to take what you like from this view.
