Cyb Sec is so fucking boring. why didn't anyone warn me?

>boo hoo I get paid to do an easy job
you a bitch

>I just update stuff
>this job would have me stop hackers everyday
????

>Studies for a job where you'll be sitting at a computer all day
>Complains about sitting at a computer all day
wew

I think a better question is how didn't you already know

look man, I'm a hacker myself and It's not boring at all

Fuck you faggot I'm a bank teller and you're "dying inside"? I'm beyond death. I have work tomorrow for $16/hr so enjoy fucking Stacy with your bar money

dude just do stuff or passion hobbies while at work then let the hackerman moments kick in when an emergency occurs

or you can always create the hackerman moments yourself

>or you can always create the hackerman moments yourself
This. Hack into your own company while at the same time defend it from yourself.

16$hr is a lot
especially if you live in europe

how did you get in the field op?

>he joined the defense side of 'cyber' security, not the offense side.

Attached: 1451808595511[1].jpg (1111x597, 379K)

I can hardly imagine a worse tech job than sitting all day everyday monitoring packets on wireshark

Attached: corpse-died-in-the-office-skeleton-trapped-in-a-cubicle_no-1dcksx__F0007.png (1920x1080, 1.65M)

there are people who do both and are billionaires now

spooky

*activate the backdoor*

that's not quite how it works
It's mainly writing tools to do that for you - the way we do it is that there's a team that writes analytics for those packets - if that detects anything it gets put into a queue for a SOC. They stare at blinking lights and if they see something that could be bad, they pass it on to analysts. They're basically a human check for an automated process so I don't envy them.

Then you get people investigating the incident to see if it's anything worth worrying about, and if so, how best to respond to it.

If you think it's just wireshark you're... just not right

t. defence side of sec tard

I sit here automating analyst's jobs and it's pretty comfy. I can just listen to music and program all day whilst in control of far too much infrastructure. Pretty decent desu.

Attached: tumblr_mqeq18Uv4n1s5mgubo1_500.gif (500x357, 1016K)

saaaake
meant for

No its not, its above average but not alot.
t. living in europe.

>writing tools to do that for you
That's actually the essence of proper administration in general.

security analyst is a monkey job. you should know. even when I applied at tier-1 infosec consultant, the security expert warned on they job-desc about the job could be boring.

>Me and others now just play some ps4 game while we just shit talk each other.

They allow that shit on the job?

It is my fault.
In the last 3 years I only visited Jow Forums a few times, but before that I was there in every thread warning people how fucking boring security work is, combining the worst of paper pushing and sysadmin.
I am sorry user I have failed you.

t. KDE user

Sometimes I wonder if there's actually a GOOD job in infosec. All I've seen so far are:

Analysts who have not touched a single line of code since Bush senior was president. They usually have meme certs like CISA.

Managers who have done a couple pentests during their entire lives, CISSP's and CEH. They usually teach courses where you exploit vulnerable windows 7 boxes (with the firewall turned off).

Then you have actual pentesters with OSCP and offensive security certs, I don't know where they get the jobs, but it looks interesting, haven't personally met anyone on this group.

And yet, some people say it has zero unemployment.

I don't understand this world

I'm doing my OSCP right now, hopefully I will be able to land a pentesting job...

Good luck with the exam, they say that shit is intense.
I once met a guy who did the OSCE and he said he did not sleep for 2 whole days.
He also did a lot of coke, not recommended though.

Maybe you should follow in your hero's footsteps and use your access and skills to bring down society.

Attached: 4L_mSvJ7XA4.jpg (540x586, 57K)

Learn to speak russain

>OSCE
That's horseshit. I went cybersec after I got my law degree and the whole OCSP cert was a laugh after that. If you get past 12 hours without crashing or falling asleep, the other 12 are as good as done.

Welcome to IT work
99% you're bored out of your mind
1% shit is hitting the fan and everything is on fire

>12+12
>48-hour exam

The maths don't check out

Does Mr. Robot specifically mention KDE?

That's like not cybersec what they gave you to do, you ain't investigating, planning, researching nor remediating anything, the hell is your real job name ?

youtube.com/watch?v=FQM5fU7V-MM

Already blocked. But I got the idea.

KDE IS A PERFECTLY FINE ENVIRONMENT

Attached: 1527592437449.gif (935x670, 674K)

OSCP is 24 hours long. OSCE is 48 hours long.

OSCE is pretty good but the material is not as up to date as OSCP.

I see. My mistake.

In a similar position. Except I'm in an open office so constantly have to play the 'is anyone important watching me slack off' game. It's psychologically taxing doing nothing, let me tell you.

Attached: dilbert-pepe-the-frog.png (1200x1200, 134K)

This.

Also a "cyber" security analyst for a pretty big organisation. Mostly end up resolving tickets between playing wargames and CTF challenges throughout the day, sure there's the occasional investigative work but the job itself is rarely rewarding. It's mostly pretty easy though and the pay is nice so I can't really complain.
I do aim to get into a more technically involved role at a different company in the near future, ideally doing security research of some description.

tldr; general "security" work sucks but a chimp could do it and there's usually some room for growth.

Attached: gay6.gif (268x368, 610K)

>stealing lines from tarantino movies
im amazed that show has an audience

I wish I could find one job or one thing in life worth doing . But none of it is. My degree sucks and so does my life I'm not qualified for anything and hate technology

Attached: 115160_Throttle.jpg (640x359, 68K)

>I'm not qualified for anything
BIG TWIST: no one is
almost everyone is winging it
maybe try therapy

Fuck off with your therapy bullshit

said the boy who needed therapy

fuck sign me up

desu what job is not boring?

How? I'd rather be myself than have some dumb shit forced on me cause it's "better"

What kind of job (if at all) can you get with OSCE?

How do I get started in any IT job? Are certs or a degree a must? Getting an AS in IT.

I really don't know if it's worth doing the OSCE, most jobs are looking for OSCP. OSCE is much more expensive. But the job both certs are going for is pentesting.

Attached: pen1.jpg (500x411, 26K)

jobs that make you deal with emergency shit all the time.

Jobs are either boring or stressful.
Very few strike a proper balance.

I always ask myself what future does exploit development has in a future of memory-safe languages. It looks like a cert for a 733t haxx0r that doesn't have a lot of use beyond bounty hunting for big companies (MS, Google,etc) or selling said exploits in the black market

exploit development is only a small part of the cert. It's mostly about finding common problems you'd find on corporate networks. Insecure SMB configs, unpatched systems, credential reuse etc

Also not all bugs are memory safety issues. Web applications have become the major problem nowadays. SQL/command injection, XSS, race conditions, logic errors etc etc

Didn't know that, maybe I got mixed up with another cert. Doesn't sound like something particularly interesting either.

Right, but if I recall correctly Offensive Security has a cert exclusively for that, the whole OWASP world. Plus, if you get SQLi in 2018 you're a fucking retard, maybe you could get something like an Hibernate obscure-whatever-the-fuck injection, but the typical escaped shit is fucking pathetic, you can't fall for that one in this day and age.
I don't know what logic errors are exactly

The OSCP course is they give you access to a network with hundreds of vulnerable machines that you have to compromise. The scope is quite wide, many different operating systems etc. I found it quite fun to do.

OffSec have some other certs that you can only do in-person at defcon. IIRC the only ones you can currently do from home are OSCP/OSCE and OSWP, which is WiFi attacks, which is complete waste of time and outdated AF.

>Annoying other students by clicking
>Making little airplanes that look like this
you got me

>oh god this well paying and easy job of explaining things to idiots isn't exciting as in some dumb meme show.
Heres a tip OP, go play leap frog on a stop sign.

Attached: 1368830756898.png (647x761, 927K)

If you think pentesting is going to be any less boring you are in for a rude awakening... all you do is run the same 3 tools over and over and write reports....

>gets paid to do nothing
>complains
god I fucking hate you so much I hope you get leukemia asshole

it appeals to retards who have no idea what is going on
kind of like Silicon Valley but without the "kiss my piss" and seeing an algorithm in a literal circlejerk

Elliot hates All Safe... You dumb

Keep going, as someone who missed a chance on becoming a pentester I'm genuinely Interested

>be pentester
> spend most days doing nothing because no work for me
> still getting paid so cool
> get call “user” be in bumfuck Midwest city tomorrow
> rush rush rush, plane, car, rush rush
> sit in meeting with tard network admins and managment
> spend day running Nessus/metasploit from conference room
>go home spend next 30 hours generating pen test report full of suggestions
> do the same thing every year for same clients nothing in the report ever changes b/c they are only really looking to check a box and say they are compliment

Do you get paid well? Do you have any certifications? degree?

Pentesting is something I really want to get into. I'm doing OSCP and a software development degree. Any recommendations?

You make okay money to start then within. Few years you can make really good money.

I don’t have a degree. Most places worth their salt will pay for certs after you get in.

Most places are more interested in a github and clean record and an even cleaner piss test. Turns out the big money contracts all want you to have security clearances so having one is a big plus.

Down side are that it is tedious boring work and you have to be able to drop everything and go when you get a phone call.

Most people I know started out with some NOC or network monkey experience on their resume. Preferably on a large network.

>Me and others now just play some ps4 game while we just shit talk each other
welcome to IT. this is what its like. if you want to do exciting sec shit get OSCP and/or go work at an alphabet agency or a DOD contractor

>clean record and an even cleaner piss test
unfortunate...

fuck I have a record, but all my convictions are spent (eurofag) so don't show up when companies ask for it, in fact is illegal for them to see it, but if I need to get travel visa for other countries (such as US) it will show and I will be denied the visa. Hopefully this doesn't fuck me up so much.

>jobs that make you deal with emergency shit all the time.

You mean jobs that eventually end up sucking your soul because human beings weren't made for feeling stress all the fucking time?

All jobs are bullshit, retard.

Better than having a low paying, shitty job that requires you to be doing menial tasks all day so you can't fuck off at work even if you wanted too, while still being uninteresting.

Quit whining and enjoy your early enrollment in the post scarcity society where nobody has a real job but you get paid anyway.

This is what I'm after. I just starting taking on some cybersec tasks at work and trying to cross-train into it full time. My supervisor is a big name cybersec guy from the fintech world, and all our infrastructure is on AWS anyway.

>get paid to do nothing
>complains
?????????????????????????????????????

>work next to infosec analyst at startup
>spends all day "studying" for their oscp by playing script kiddie
>any opportunity to blow up the budget with off the shelf security tools they will take it.
>massive tool in general

Don't be that person, user

Honestly you want to get to do the interesting stuff you should look at security engineering or blue team stuff and learn to code. You will find that the out of the box tools are shit and you can have a lot of fun writing new ones.

>complains about playing ps4 at work for "security analyst"
overpaid dog
our security analyst is the CEO's niece and she does literally nothing
even when we have security problems other network people handle itbecause it's usually an issue with things not being patched properly and her patching servers in a live environment while people are using tehm is part of the problem.
be happy with what you've got
some of us would like a cushy gig like that again.
i have to bust my ass now but imiss being a """software analyst""" where i'd fuck off on Jow Forums and play dos games and snes games on emulators all day.

I wish I had a job.

Why don't you try working retail or wait tables for a couple weekends you dumb sack of shit. Then see how you feel about having to play PS4 at work.

Attached: fuf.gif (487x560, 898K)

You're essentially IT with a fancy title.

Get a red-team gig so you can actually use your brain and not end up peaking at 30.

>Not switching to gnome

Guess old habits do die hard

Attached: downloadfile-1.jpg (629x720, 153K)

thats the point, it is boring unless you're faced with a challenge

same, i like drugs, weed mostly. Shame i cant be a professional hacker now

ah man weed gets boring the more you smoke it. It's fun as fuck being high as shit on some insane indica shit, but after 5,000 times it's not nearly as fun. I basically smoked weed 24/7 for 3 years, got bored of it and don't see the point in smoking anymore, I've already been as high as a motherfucker thousands of times.

IT industry is bullshit. Flashy job titles like 'Cyberspace Security Specialist', but at the end of the day its just a big standard computer job like every other IT role. Guess they pry on the more the savvy 'gamer' kids to lure them into filling boring roles.

Wtf are you taking about? What shithole area do you live in?

Attached: HE_IS_EGYPTIAN.jpg (640x634, 99K)

You do realize most of us would kill more than one person (literally) to have your job right?

My job doesn't pay as well but pays good but requires me to be gone all the time and exposes me to the most deadly chemical compounds known to man. All the time.

And I'm only still doing it to save enough money for a trip back to school for a degree to get a job like yours.

You need to get more out of your life you are just being a little bitch and not enjoying it.

if you are at the defensive side, then yeah, it's boring as hell, as much as any other IT job is
the fun is at the ofensive side :^)
also, if you really do almost nothing, then learn some shit, and take advantage of your position

This is actually the worst.

Please, please, PLEASE Give me work to do, I don't want to look useless.