@shellsharks@infosec.pub Sorry, was offline for a few days! Not really sure what I’m looking for, honestly? Mostly someone to kind of push me for doing more/exploring more? I’d like to focus in on AI security as well as container security and I know I can start that work on my own – I just know it’s easier/more likely for me to do things if I have someone filling in the blanks on things I don’t know that I don’t know. I’ll start with those there (been following She Hacks Purple and InfoSec Sherpa for a bit) and see if any long hanging fruit shakes lose from the tree, thanks again!

write_that_down.jpeg

This is amazing info, thank you! So I have a BS in comp sci and applied math but all my experience is from ~10 years in different roles in IT from helpdesk to now cloud engineering/devops. I’ve had been doing some CTF’s and Juice Shop for a bit but fell off because things got busy (as they always do). Lately I’ve been looking at reversing DRM for old shareware games just to get more familiar with the concepts but it’s been mostly looking rather than doing so far lol. What I really want to get better at are namely two things:

• Container security and exploiting it
• Getting better at understanding how things work at lower levels to be better at reverse engineering

Really appreciate the insight and hope that everything goes well with your plans!

That makes sense, thanks! Have you ever hired a mentor before? I imagine it’d be a lot like hiring a coach but how would you know that they’re not just being kind of a “yes man” or at the very least kind of reputable?

General question but how do y’all actually find a mentor? I feel like there’s probably a local group nearby me or something that I could look into but are there places/people that are more likely to say “yes, I will mentor you” in y’all’s experience?

Yeah, I would still be using mullvad if they hadn’t removed port forwarding – it’s too damn bad but I get why they needed it. Switched to Proton but I imagine they’ll run into the same issue down the road and will need to find a more permanent solution.

Awesome! I really appreciate your help and will absolutely start going through this and what my resume looks like.

Also, right?! How is it that in an industry that has a deficit of security personnel in it already is so damn hard to break into?!

I’m not sure if this is the right venue for this question so please let me know if that is the case – happy to ask elsewhere!

I’ve been in various IT roles for the past 10 years and seem to have gotten stuck in a support capacity. My career goal is to be more of a DevSecOps or Security Engineering role but I honestly can’t get the time of day with an interviewer. I’ve got experience with programming, cloud infrastructure, web application security, and am currently going for my CKA but I don’t have a ton of experience “on paper”. Most of my experience is either me doing things myself to further my knowledge or taking on security things within my current role – for ex. in one support role I did a web application penetration test to make sure there weren’t any gaping holes before we deployed it.

How can I make sure that I have the right experience down on paper for when I’m applying to roles? Has anyone here “broken out” of a support role into security? What was your experience with it? I also have a lot of interest in doing research work and I know this can dovetail with the two roles I listed above but maybe I need to focus on the core ideas of those roles more?

I use Miniflux and I’ve actually had luck just putting the channel url like youtube[.]com/channel/CHANNEL_NAME_HERE and the rss feed populates from there!

Seriously! I ended up blocking reddit and its subdomains with my pihole so that I’d stop clicking on things from google searches.