[Show all top banners]

alche
Replies to this thread:

More by alche
What people are reading
Subscribers
:: Subscribe
Back to: Kurakani General Refresh page to view new replies
 Info Sec Vs Developing
[VIEWED 8974 TIMES]
SAVE! for ease of future access.
Posted on 11-05-16 12:50 PM     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

Devi ra sajjan haru, I just got a job as a infoSec analyst at a reputable company. Hourly , roughly about $35. Tara yesko scope kasto cha? How does it compare against developing jobs? Security position ma koi mahanubhab haru hunu huncha ki? Yeso sallah pau na.
 
Posted on 11-05-16 12:51 PM     [Snapshot: 1]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

p.s Its not through a consultancy.
 
Posted on 11-05-16 2:24 PM     [Snapshot: 44]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

Scope is very good! The only condition is - you've got to keep up with it with a sincere passion. It's a 'snooze you lose' profession. What that means is --- if you stick with a 9-5 work attitude, you'll hit the ceiling very soon.

That $35 an hour can easily triple or quadruple as long as you hold on to it, simply being a learner every day. If you are up for spending a slice of your personal time learning, breaking and fixing stuffs, and challenging yourself with technical know-hows, you WILL excel.

Sajjan's suggestion --> Go for it. :-)

~@~


 
Posted on 11-06-16 2:15 AM     [Snapshot: 159]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

Security is too broad ...which domain of security you are in? Based what you say seems like you are east ...may be D.C. ,Virginia etc where you want to settle in long run ?

I have a mixed feelings about this industry . One good thing is you won't mostly hit fakers with fake resumes , it's too difficult to make entry like that.
 
Posted on 11-07-16 9:40 PM     [Snapshot: 287]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

saajha, thanks for the suggestion. I find the idea of playing with computers and networks really interesting. But I also find the idea of being able to develop something fascinating as well. Sometimes I feel the constant need to get all these certifications will probably get tedious. Are you a security professional?
Meraj, I will be working at Statefarm in Dallas. Right now I dont know what exactly i will be doing. They will put me wherever they need.

 
Posted on 11-08-16 11:06 AM     [Snapshot: 326]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

Development background (or interest) will actually help you with InfoSec tasks and make you stand out in a crowd. I often find myself referring to some of the old C++ textbooks from the college days. :-)

skripting, and interpreted languages such as perl and python are equally valuable and handy. So are Javaskript, PHP, etc if your functions are web-security oriented. 

I see certifications as a tool that helps set goals. You keep disciplined because of your investment of time and money, your aim to pass the cert, and the tight timeline to prepare and be ready to tackle the exam.

SANS certifications are very good for starters, but are expensive. If your company offers you to pick a training, your best bet is to go for one of theirs.. such as SANS401/Security Essentials, or SANS504/Incident Handling - if you are already comfortable with the Network and Security basics.

Good Luck Alche.. your new role will hopefully make you 'active'. :D

~@~

Last edited: 08-Nov-16 11:23 AM

 
Posted on 11-08-16 11:20 AM     [Snapshot: 335]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

Yes , what domain do you guys work in ? Security is very broad term ..Unless you work in a information security company itself you are bound to only a couple of product such as a firewall or a proxy.
 
Posted on 11-08-16 11:46 AM     [Snapshot: 348]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

All domains for me. Been in the InfoSec industry >10 years and never had a 'domain requirement' for any of my roles. I did, however start leaning towards specializing (personally, outside of work) in certain realms after a few years being in the industry.

I do know that some land in a specific role from the get-go. My old buddy here on Sajha: 'pyaradeshbasiharu' started as a security researcher if I remember correctly (haven't seen him here in years!), but I see the specialization as a fork that should be apparent only after gaining proficiency of the general - sort of like 10 domains (now 8?) of CISSP.

~@~

P.S: Read 'skripting' as 'skripting' on my previous post. It didn't let me correct and save for some reason. :-/
 
Posted on 11-08-16 11:50 AM     [Snapshot: 361]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

Nvm.. Looks like San blacklisted the English version of स्क्रिप्टिंग while tightening the XSS mishap last time. :(

~@~
 
Posted on 11-08-16 1:05 PM     [Snapshot: 386]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

Sorry but CISSP is overrated af. One of the stupidest exams in seurity. People who have CISSP are the wannabes in the infosec industry.
 
Posted on 11-08-16 4:01 PM     [Snapshot: 426]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

@ alche

Looks like you are just starting. I would recommend to give it a try, but if you don't like it much move away quickly, don't stick to it for the sake of job.

I am probably in IT for approx 10 yrs, started as server admin, network , Cisco stuff then moved slowly to firewalls , ips/ids, siem, several white listing /baseling tool. But things just keep on changing and new stuffs keeps on coming . I probably have worked on several domains over the time ...here and there. Linux is something I haven't worked much but cloud/container security is hot these days.

But I often get bored these days and think I should have started career as developer . But like alche I got first internship in support position, and keep working whatever came in my way.

So security in corporate is very different then security research, malware engineering/analysts developing IOC etc in sectool companies . May be these fit you well if you are interested in both coding and infrastructure.
 
Posted on 11-08-16 4:03 PM     [Snapshot: 429]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

And by the way I stopped taking certs after 2012, you need some if you are looking for job. I might get one this year to stick on my resume for job hunting next year.

You will certs if you are specially in DC area. CISSP is popular because it's vendor nutural and govt intustry wants to stay nutural, but personally I hate all these it certs culture .
Last edited: 08-Nov-16 04:07 PM

 
Posted on 11-08-16 4:15 PM     [Snapshot: 427]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

Hmm.. so someone would turn into a 'wannabe' upon achieving CISSP..
I'll think about that a little more. :-)

My point was - general infosec knowledge prepares an individual to tackle specialized roles, and CISSP outlines most of the common areas one would encounter in their career.

In regards to certification, what matters more is the amount and quality of knowledge you gain during the preparation, than the title you achieve.

Titles can help you land a new job or get a salary bump. But once you take up the role, you're back to reality ---- the knowledge!! Use your cert pursual effort to learn, than collect the titles, and you may find yourself a very successful Infosec professional next time you assess yourself.

Speaking of certs, I'm tackling OSCP on December 11.. if anyone else is considering it (currently or in the future), give me a shout.

~@~

 
Posted on 11-09-16 10:51 PM     [Snapshot: 522]     Reply [Subscribe]
Login in to Rate this Post:     0       ?    
 

thank you guys for your valuable suggestions. If you dont mind, I would like to add you guys on my linkedin. Please pm me your contact details.I would like to create a network of professionals in similar field or IT in general.
 


Please Log in! to be able to reply! If you don't have a login, please register here.

YOU CAN ALSO



IN ORDER TO POST!




Within last 365 days
Recommended Popular Threads Controvertial Threads
शीर्षक जे पनि हुन सक्छ।
डीभी परेन भने खुसि हुनु होस् ! अमेरिकामाधेरै का श्रीमती अर्कैसँग पोइला गएका छन् !
What are your first memories of when Nepal Television Began?
Sajha Poll: नेपालका सबैभन्दा आकर्षक महिला को हुन्?
ChatSansar.com Naya Nepal Chat
NRN card pros and cons?
TPS Re-registration case still pending ..
Basnet or Basnyat ??
TPS Re-registration
निगुरो थाहा छ ??
Nas and The Bokas: Coming to a Night Club near you
Toilet paper or water?
Anybody gotten the TPS EAD extension alert notice (i797) thing? online or via post?
अमेरिकामा छोरा हराएको सूचना
ढ्याउ गर्दा दसैँको खसी गनाउच
Sajha Poll: Who is your favorite Nepali actress?
Do nepalese really need TPS?
Problems of Nepalese students in US
nrn citizenship
TPS EAD auto extended to June 2025 or just TPS?
Nas and The Bokas: Coming to a Night Club near you
Mr. Dipak Gyawali-ji Talk is Cheap. US sends $ 200 million to Nepal every year.
TPS Update : Jajarkot earthquake
NOTE: The opinions here represent the opinions of the individual posters, and not of Sajha.com. It is not possible for sajha.com to monitor all the postings, since sajha.com merely seeks to provide a cyber location for discussing ideas and concerns related to Nepal and the Nepalis. Please send an email to admin@sajha.com using a valid email address if you want any posting to be considered for deletion. Your request will be handled on a one to one basis. Sajha.com is a service please don't abuse it. - Thanks.

Sajha.com Privacy Policy

Like us in Facebook!

↑ Back to Top
free counters