Info Sec Vs Developing - Sajha Mobile
SAJHA MOBILE
Info Sec Vs Developing
Posts 14 · Viewed 7550 · Go to Last Post
alche
· Snapshot 0
Like · Likedby · 0
Devi ra sajjan haru, I just got a job as a infoSec analyst at a reputable company. Hourly , roughly about $35. Tara yesko scope kasto cha? How does it compare against developing jobs? Security position ma koi mahanubhab haru hunu huncha ki? Yeso sallah pau na.
alche
· Snapshot 1
Like · Liked by · 0
p.s Its not through a consultancy.
Saajha
· Snapshot 44
Like · Liked by · 0
Scope is very good! The only condition is - you've got to keep up with it with a sincere passion. It's a 'snooze you lose' profession. What that means is --- if you stick with a 9-5 work attitude, you'll hit the ceiling very soon.

That $35 an hour can easily triple or quadruple as long as you hold on to it, simply being a learner every day. If you are up for spending a slice of your personal time learning, breaking and fixing stuffs, and challenging yourself with technical know-hows, you WILL excel.

Sajjan's suggestion --> Go for it. :-)

~@~

meraj
· Snapshot 159
Like · Liked by · 0
Security is too broad ...which domain of security you are in? Based what you say seems like you are east ...may be D.C. ,Virginia etc where you want to settle in long run ?

I have a mixed feelings about this industry . One good thing is you won't mostly hit fakers with fake resumes , it's too difficult to make entry like that.
alche
· Snapshot 287
Like · Liked by · 0
saajha, thanks for the suggestion. I find the idea of playing with computers and networks really interesting. But I also find the idea of being able to develop something fascinating as well. Sometimes I feel the constant need to get all these certifications will probably get tedious. Are you a security professional?
Meraj, I will be working at Statefarm in Dallas. Right now I dont know what exactly i will be doing. They will put me wherever they need.
Saajha
· Snapshot 326
Like · Liked by · 0
Development background (or interest) will actually help you with InfoSec tasks and make you stand out in a crowd. I often find myself referring to some of the old C++ textbooks from the college days. :-)

skripting, and interpreted languages such as perl and python are equally valuable and handy. So are Javaskript, PHP, etc if your functions are web-security oriented. 

I see certifications as a tool that helps set goals. You keep disciplined because of your investment of time and money, your aim to pass the cert, and the tight timeline to prepare and be ready to tackle the exam.

SANS certifications are very good for starters, but are expensive. If your company offers you to pick a training, your best bet is to go for one of theirs.. such as SANS401/Security Essentials, or SANS504/Incident Handling - if you are already comfortable with the Network and Security basics.

Good Luck Alche.. your new role will hopefully make you 'active'. :D

~@~

Last edited: 08-Nov-16 11:23 AM
fdpower
· Snapshot 335
Like · Liked by · 0
Yes , what domain do you guys work in ? Security is very broad term ..Unless you work in a information security company itself you are bound to only a couple of product such as a firewall or a proxy.
Saajha
· Snapshot 348
Like · Liked by · 0
All domains for me. Been in the InfoSec industry >10 years and never had a 'domain requirement' for any of my roles. I did, however start leaning towards specializing (personally, outside of work) in certain realms after a few years being in the industry.

I do know that some land in a specific role from the get-go. My old buddy here on Sajha: 'pyaradeshbasiharu' started as a security researcher if I remember correctly (haven't seen him here in years!), but I see the specialization as a fork that should be apparent only after gaining proficiency of the general - sort of like 10 domains (now 8?) of CISSP.

~@~

P.S: Read 'skripting' as 'skripting' on my previous post. It didn't let me correct and save for some reason. :-/
Saajha
· Snapshot 361
Like · Liked by · 0
Nvm.. Looks like San blacklisted the English version of स्क्रिप्टिंग while tightening the XSS mishap last time. :(

~@~
fdpower
· Snapshot 386
Like · Liked by · 0
Sorry but CISSP is overrated af. One of the stupidest exams in seurity. People who have CISSP are the wannabes in the infosec industry.
meraj
· Snapshot 426
Like · Liked by · 0
@ alche

Looks like you are just starting. I would recommend to give it a try, but if you don't like it much move away quickly, don't stick to it for the sake of job.

I am probably in IT for approx 10 yrs, started as server admin, network , Cisco stuff then moved slowly to firewalls , ips/ids, siem, several white listing /baseling tool. But things just keep on changing and new stuffs keeps on coming . I probably have worked on several domains over the time ...here and there. Linux is something I haven't worked much but cloud/container security is hot these days.

But I often get bored these days and think I should have started career as developer . But like alche I got first internship in support position, and keep working whatever came in my way.

So security in corporate is very different then security research, malware engineering/analysts developing IOC etc in sectool companies . May be these fit you well if you are interested in both coding and infrastructure.
meraj
· Snapshot 429
Like · Liked by · 0
And by the way I stopped taking certs after 2012, you need some if you are looking for job. I might get one this year to stick on my resume for job hunting next year.

You will certs if you are specially in DC area. CISSP is popular because it's vendor nutural and govt intustry wants to stay nutural, but personally I hate all these it certs culture .
Last edited: 08-Nov-16 04:07 PM
Saajha
· Snapshot 427
Like · Liked by · 0
Hmm.. so someone would turn into a 'wannabe' upon achieving CISSP..
I'll think about that a little more. :-)

My point was - general infosec knowledge prepares an individual to tackle specialized roles, and CISSP outlines most of the common areas one would encounter in their career.

In regards to certification, what matters more is the amount and quality of knowledge you gain during the preparation, than the title you achieve.

Titles can help you land a new job or get a salary bump. But once you take up the role, you're back to reality ---- the knowledge!! Use your cert pursual effort to learn, than collect the titles, and you may find yourself a very successful Infosec professional next time you assess yourself.

Speaking of certs, I'm tackling OSCP on December 11.. if anyone else is considering it (currently or in the future), give me a shout.

~@~
alche
· Snapshot 522
Like · Liked by · 0
thank you guys for your valuable suggestions. If you dont mind, I would like to add you guys on my linkedin. Please pm me your contact details.I would like to create a network of professionals in similar field or IT in general.
Please log in to reply to this post

You can also log in using your Facebook
View in Desktop
What people are reading
You might like these other discussions...
· Posts 9 · Viewed 12065 · Likes 1
· Posts 7 · Viewed 3515 · Likes 1
· Posts 1 · Viewed 959
· Posts 1 · Viewed 919
· Posts 1 · Viewed 832
· Posts 1 · Viewed 911
· Posts 1 · Viewed 902
· Posts 21 · Viewed 9095 · Likes 1
· Posts 3 · Viewed 2286
· Posts 5 · Viewed 7388 · Likes 1



Your Banner Here
Travel Partners
Travel House Nepal