Where can I find cybersecurity jobs that let me demonstrate my practical knowledge to them?
My life has been destroyed because I trusted my friend who guaranteed me a job with his company if I just moved out to a big city where he was. I left my comfy small town (though with no real non-wagie jobs) for a new state, then he picked a fight with his boss and never even tried to get me hired. Didn't tell me until I got here.
I have no transportation and public transit is a joke. I've been applying for jobs from call centers to temp agencies for months now, and I have nothing. I've heard about places that will just give you shit to hack in order to submit resumes and get interviews, but where the fuck do I find them? I'm not even getting calls back for fucking wagie jobs flipping burgers, I have no degree, and no certifications. BUT I CAN PHYSICALLY DO IT. I've heard these places exist, but where? How do you find places that let you demonstrate ability by performing tests up to their standard instead of relying on degrees and expensive certifications from multiple choice tests? I'd love to get whatever certs they want me to, I just need to get paid and get my life back.
Do you have a LinkedIn, GitHub, personal blog, previous work experience? Once you're in a technical interview you're 100% guaranteed a job if you actually know your shit (that's one big "if"), but you need something to get your foot on the door.
Brandon Ward
I'm embarrassed by my work history because it's overwhelmingly low-level wagie shit with some job hopping as I've tried to monkey branch my way up. The worst was a job doing tech support for AT&T that I actually liked a few years back, but that job got outsourced to Indonesia.
I have a github with webdev shit and some offsec stuff, but getting in to development seems impossible. I actually applied for a front-end developer job not long ago that was advertised as entry level. Required experience with full MERN stack plus Python, $12.50/hr, part time but required open availability, and over 100 people had applied before me (the posting had been up for 4 days). I have a few articles on HackerNoon that talk about exploitation and assembly and stuff.
If I could find someone to talk to in a company who needed security guys that actually knew the difference between a directory traversal attack and a buffer overflow, I could probably get my foot in easily. But I haven't found anything so far that didn't at least require 5+ years experience, a bachelor's and 40% of the time a Top Secret security clearance (which, with my debt and credit I wouldn't qualify for anyway, it's kinda any I came out here for the job I was promised). I just don't know WHERE to find the entry level jobs that don't already require a degree and experience.
William Hernandez
>But I haven't found anything so far that didn't at least require 5+ years experience
Security is generally not an entry level job. You’re expected to have multi domain experience, sysadmin/netadmin/software engineering.
>a bachelor's and 40% of the time a Top Secret security clearance
If you’re going for a government job then yes.
My recommendation to you, is go for a Security+, or CCNA CyberOps certification. Make sure you build a personal lab to test things out and get experience that way.
Then apply for an entry level SOC position. Target MSSPs that offer SOC services. It won’t be easy, but it’ll give you a way in.
Angel Perez
Just get a CS degree. It'll take a year tops. 6 months if you actually know your shit like you claim.
Charles Butler
thats not how classes work
Ayden Gutierrez
>just get a CS degree
Motherfucker of there was literally any way I could afford it I would. I've been in such a bad spot financially for so long now I'm in default on all my student loans. Even fucking community college out here is $6K/semester
Cooper Sullivan
>be me, 30 y/o boomer >state lets me go to any community college with 0 dollars paid in tuition/fees, just have to buy books
Ayden Adams
What do you mean? Mine was $3500 a semester and I finished my bs in software development (they didn't offer compsci until like a year after) in 2 semesters. Didn't know you already had student loans and the like though.
Breaking into any job in the industry is hard without a degree/other reasonable demonstration of skill. I tried for over a year before giving up and just getting my degree. Security is definitely not an entry-level job. Maybe apply to other entry-level jobs in the field.
Benjamin Cox
I gave up on trying to become a developer because I haven't been able to get a foot in the fucking door anywhere, despite dozens of small projects, a few medium sized and some larger ones. Plus, I've seen a lot of shit talking about how security has even now demand than developers and it's only growing, and I fucking LOVE doing offsec shit anyway. I've worked helpdesk shit before but it all seems like a dead end.
Why the fuck would you move when you have NO GUARANTEE of a job you idoit?
Sorry I can’t fix stupid
Easton Green
This. Just another lesson in life, assume there is no job offer certainty until you receive a signed document offering you the position.
Charles Thompson
Hi, my hubby is in cyber security. Since you have been unemployed for so long i would check with your local unemployment office about them paying for some job training ( security +, CASP or CISSP) bootcamp And certification. Anyone with a CASP or more importantly a CISSP can write their own ticket.
Looks like your "friend" is not really your friend.
Nathaniel Harris
A buffer overflow occurs when you input more data into the program than it's expecting, resulting in infuriating being written into the stack and overwriting other data. This can give the attacker control of the EIP, and consequently, the program. If the stack isn't executable (and it typically isn't anymore) then you can find "gadgets", or small snippets of code followed up by a RET, and chain their addresses together in your payload that overwrites the stack.
Directory traversal is when you are able to exploit a web application into returning information about directories outside and above the directory hosting the web server.
I trusted him, he's been a good friend before, but not I really to go the fuck home and never see him again. He's become such a weeb loser who does nothing but watch anime and collect videogames, I fell like something else he just decided to collect.
CISSP requires you to have 5 years in 2 security domains in order to be endorsed as a CISSP. I'd rather get my OSCP and GPEN
