IT Certifications and Careers (Official Discussion Thread)

[Project Pooch]

For someone without experience trying to get in the industry. Would y’all recommend me trying to get A+ certified or just skip to network+??

 

[Rhyme n Tekniq]

What was your experience looking like prior to the interview?

Experience dealing with the company up to the interview?


The initial phone screen by the hiring manager himself was very surface level with the questions he asked me. didnt really seem too interested honestly. Just "hey I'm the hiring manager, Here's some details about the job" (Schedule, remote work policy, what pay i'm, looking for etc.)

before that I had waited 2.5 months for a response after I replied to there initial email to see if I was still interested.

They just seem to be dragging their feet throughout the entire process.

I came ready to answer relevant questions about the position as presented in the JD, but instead got hit with a brrage of curve balls.

 

[Rhyme n Tekniq]

For someone without experience trying to get in the industry. Would y’all recommend me trying to get A+ certified or just skip to network+??

A+ has the most recognition, expires in 3 yrs and the content is like a sampler plate of topics covered more in depth with net +, Sec+, and Security +. Also Since Microsoft got rid of its Server centered certs (MCSA/MCSE) the Server + might end up being the go to cert to for people trying to get into Server Administration.
Server + covers the stuff on the A+ in a bit more detail, and it's good for life, and companies are starting to ask for it too....slowly, But I'm seeing them nonetheless.
I'd still go for the Net + as I've been seeing a ton of openings asking for it lately.

Far as skills

Learn Microsoft 365 (Admin Center), PowerShell Scripting, . It's being requested a shyt ton nowadays as more people are moving to the cloud and working remote.

 

[H@LLOW]

 

[DaRealness]

I just had an interview (5 man- panel) with a hospital, for a desktop engineer position and because I did my research, I knew to prepare for any type of fukkery since it's gotten ehh reviews on glassdoor with one of the main recurring complaints being the toxic work environment and cliquish nature of everything. Nothing but old azz nikkas who seem to have been in the same role for 10-15 yrs, real crotchety and standoffish, but I';ll get to that...

Originally non of these muthafukkas wanted to speak up, so I took control of the interview but when the 1st person asked me 3 of these obscure situational questions right off the back, and I couldnt answer, It was like they smelled blood in the water and followed suit with their own obscure questions. So shyt turned into a guerilla style interview. Even though I answered questions honestly, these MF were still trying to gaslight me like. If you dont know, just say you dont know. answer truthfully" like I hadnt been doing that already (I hate that shyt).

The goals of the interview was to badger me about topics I didnt know but skirt over shyt I did; and just keep the pressure on the entire time instead of having a soldi, productive interview. I had to cut in and ask these MF what they were honestly looking for because based on the shyt you're asking , it seems like a senior role."

They also kept moving the goalpost and contradicting each other in regards to what's "Important to know" so I just gave up mid-interview and start pouring me a glass of Disarono while they carried one with the usual tired ass "we'll be in touch" yada yada "next phase" bulllshyt.

Then to top it off at the end, one of these old fukk nikkas made a slick but corny ass 'Boomer' comment about my resume even though he didnt bother to read shyt beyond my "Skill Summary" section.

Guess he had a problem with the font, but his high and mighty ass should know how to control+scroll at this point in his career...the fukk?


It's companies like these that have made 2021 the WOAT year for finding a new job. The amount of snark and exploitative shyt they try to pull.

The pendulum always swing back the other way though.

I'ts gettin to a point where I'm about to step away from systems and infrastructure altogether and go for Security or some shyt.

The red flag was in the mere fact they had bad reviews on glassdoor. I've had a couple of rude interviewers in the past and honestly now I'd just cut the interview short if they act like that. It's one thing to ask hard questions and another to be disrespectful for no reason at all.

The good thing about the past year is that most interviews are online now so you don't need to waste travel time.

 

[JT-Money]

Years of experience required per function below:

| 8 | Required | Experience working in Cybersecurity space
| 6 | Required | Experience with Data Loss Protection/Cloud Access Security Brokers (i.e. Symantec, Microsoft, Bitglass, Netskope)
| 5 | Required | Experience with Vulnerability Management Systems (i.e. Rapid7, Tenable/Nessus Scanning, Qualys). Establish vulnerability management program using systematic scanning, risk evaluation, and coordination to remediate or mitigate identified vulnerabilities
| 5 | Required | Experience with Endpoint Detection and Response (i.e. EndGame, Crowdstrike, CyberReason). Detect and respond to alerts from end point detection response tools
| 5 | Required | Experience prioritizing top threats and likelihood for data loss vectors
| 5 | Required | Experience developing API use cases, scenarios, requirements in support of integrations with other platforms
| 5 | Required | Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and lead and work as part of a team
| 5 | Required | Research and analytical background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
| 5 | Required | Ensure proper metrics, analysis, and reporting for continuous process improvement. Provide escalation support and document resolutions for improvement.
| 5 | Required | Monitor external data sources (e.g., cyber defense vendor sites, US-CERT, OpDivs, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine issues that would impact the enterprise
| 5 | Required | Experience in creating, documenting, and maintaining policies, procedures, and workflows
| 4 | Required | Graduation from an accredited four-year college or university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field. Master’s Degree a plus
| 1 | Required | CISSP, CCSP, CEH, or equivalent certifications
| 7 | Preferred | Research and analytical background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis.
| 7 | Preferred | Possess a solid understanding of application security standards, frameworks, attack methods, and mitigation best practices (e.g., OWASP, SANS, NIST, PCI DSS, HIPAA, CIS Critical Controls)
| 5 | Preferred | Experience with Email Threat Management (i.e. Proofpoint, MimeCast, Microsoft)
| 5 | Preferred | Experience with Cloud Enterprise Network Security (i.e. Cisco Umbrella, Palo Alto, ZScaler)
| 5 | Preferred | Experience with SIEM engineering design/management/analysts (i.e. Splunk, Rapid7, SumoLogic)
| 5 | Preferred | Running and handling the Incident Response Team (IRT) and procedures in the SOC Division
| 5 | Preferred | Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks
| 3 | Preferred | Understanding of cloud based solutions such as AWS, Azure, and/or Google Cloud
| 3 | Preferred | Experience in performing the forensics by using the toolkit FTK / Autopsy etc.
| 1 | Preferred | OSCP, CISM, GSEC, CEH, CISA, CCSP, CNFE desired
| 1 | Preferred | Symantec Certified Specialist (CloudSOC, DLP); Microsoft 365 Certified: Security Administrator Associate

this requirement is insane. You need sever people to take care of this many functions..

Sounds like old employer. They disbanded and laid off the Forensic IT Security team. Then claimed WE would take over all their job duties in addition to our own.

I hit them with WE? While walking out the door to another job.

I had a feeling they would pull some fukk shyt after only being there a few months. So I immediately started job searching after only 3 months and was gone after 6 months. Months later they still post my old job now with two job titles combined.

Good luck with all that. These foreign IT Managers are a bunch of lapdogs. Who live to get abused by Companies.

 

[Sonny Bonds]

I really hope today’s interview goes well. My current job continues to be trash.

I asked my friend who referred me for the job about my status. They’re waiting for all the candidates to finish the interview round that I just did before updating anyone.

I’m going to apply for more jobs in the meantime.

 

[Mirin4rmfar]

Trying to land me a second remote or third remote job. I know someone working three remote jobs right now . I am not trying to work two cyber security jobs.

 

[Carlton Banks]

Years of experience required per function below:

| 8 | Required | Experience working in Cybersecurity space
| 6 | Required | Experience with Data Loss Protection/Cloud Access Security Brokers (i.e. Symantec, Microsoft, Bitglass, Netskope)
| 5 | Required | Experience with Vulnerability Management Systems (i.e. Rapid7, Tenable/Nessus Scanning, Qualys). Establish vulnerability management program using systematic scanning, risk evaluation, and coordination to remediate or mitigate identified vulnerabilities
| 5 | Required | Experience with Endpoint Detection and Response (i.e. EndGame, Crowdstrike, CyberReason). Detect and respond to alerts from end point detection response tools
| 5 | Required | Experience prioritizing top threats and likelihood for data loss vectors
| 5 | Required | Experience developing API use cases, scenarios, requirements in support of integrations with other platforms
| 5 | Required | Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and lead and work as part of a team
| 5 | Required | Research and analytical background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
| 5 | Required | Ensure proper metrics, analysis, and reporting for continuous process improvement. Provide escalation support and document resolutions for improvement.
| 5 | Required | Monitor external data sources (e.g., cyber defense vendor sites, US-CERT, OpDivs, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine issues that would impact the enterprise
| 5 | Required | Experience in creating, documenting, and maintaining policies, procedures, and workflows
| 4 | Required | Graduation from an accredited four-year college or university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field. Master’s Degree a plus
| 1 | Required | CISSP, CCSP, CEH, or equivalent certifications
| 7 | Preferred | Research and analytical background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis.
| 7 | Preferred | Possess a solid understanding of application security standards, frameworks, attack methods, and mitigation best practices (e.g., OWASP, SANS, NIST, PCI DSS, HIPAA, CIS Critical Controls)
| 5 | Preferred | Experience with Email Threat Management (i.e. Proofpoint, MimeCast, Microsoft)
| 5 | Preferred | Experience with Cloud Enterprise Network Security (i.e. Cisco Umbrella, Palo Alto, ZScaler)
| 5 | Preferred | Experience with SIEM engineering design/management/analysts (i.e. Splunk, Rapid7, SumoLogic)
| 5 | Preferred | Running and handling the Incident Response Team (IRT) and procedures in the SOC Division
| 5 | Preferred | Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks
| 3 | Preferred | Understanding of cloud based solutions such as AWS, Azure, and/or Google Cloud
| 3 | Preferred | Experience in performing the forensics by using the toolkit FTK / Autopsy etc.
| 1 | Preferred | OSCP, CISM, GSEC, CEH, CISA, CCSP, CNFE desired
| 1 | Preferred | Symantec Certified Specialist (CloudSOC, DLP); Microsoft 365 Certified: Security Administrator Associate

this requirement is insane. You need sever people to take care of this many functions..

Plus you gotta be 22 years old and have 100 years experience.

That's why I mentioned earlier some of these recruiters are just looking for unicorns. You won't even utilise half that shyt on any job.

Yea this pandemic has made muthafkkas extra brazen with the bullshyt.

No cap

 

[HoldThisL]

Brehs in here, how do you guys find the motivation to learn this IT stuff?

One week I'm excited to learn new concepts and things. Next week I don't care about learning it anymore. I don't have that drive and I feel like something is missing for me.

Then I feel like I am so far behind too in this IT shyt, no degree, no connections, nothing at all but some PC technician experience and general knowledge of AWS

 

[Suicidedoorsonabuick]

For someone without experience trying to get in the industry. Would y’all recommend me trying to get A+ certified or just skip to network+??

The A+ is designed for people who literally have no skills in IT what so ever, so unless you never built a pc, fixed a pc on your own time, or set up routers/ printers then yeah go for it. But beware the A+ is kind of catch 22 since you can get a help desk job with out it. The net+ / Sec+ you should definitely get since most of things you learn you will use on the day to day.

outside of that you should get a good grasp on linux systems, scripting, microsoft 365

 

[Suicidedoorsonabuick]

Brehs in here, how do you guys find the motivation to learn this IT stuff?

One week I'm excited to learn new concepts and things. Next week I don't care about learning it anymore. I don't have that drive and I feel like something is missing for me.

Then I feel like I am so far behind too in this IT shyt, no degree, no connections, nothing at all but some PC technician experience and general knowledge of AWS

IT is one of those fields that you either love it or you don't. If the concepts don't come to you somewhat easy your going to have a rough time with the majority of this stuff.
Do you do any fun IT projects in your spare time? or are you 100% only doing this for the money?

 

[JT-Money]

Brehs in here, how do you guys find the motivation to learn this IT stuff?

One week I'm excited to learn new concepts and things. Next week I don't care about learning it anymore. I don't have that drive and I feel like something is missing for me.

Then I feel like I am so far behind too in this IT shyt, no degree, no connections, nothing at all but some PC technician experience and general knowledge of AWS

I hate IT work with a passion. But will learn anything for the chance to make more money. I'll only put forth effort to learn something new if it means a pay raise or promotion.

 

[Mirin4rmfar]

Brehs in here, how do you guys find the motivation to learn this IT stuff?

One week I'm excited to learn new concepts and things. Next week I don't care about learning it anymore. I don't have that drive and I feel like something is missing for me.

Then I feel like I am so far behind too in this IT shyt, no degree, no connections, nothing at all but some PC technician experience and general knowledge of AWS

Money and lack of trust in companies. . I suffer from extreme lack of trust in companies. I have seen way too much. So I am steadily adding to my repertoire because they are paying for it. I need to feel comfortable that If I get let go, I give myself the best opportunities to bounce back and get a new position. You don't control your own fate, upper management does, so you need to do what you have to do to make sure you good.

I don't really care for I.T work, it is the money I care about. I am also no longer driven by hard work, I am more focused on finessing. I work one job working 40 hours a week while I have friends that work two within 40 hours and double their income. That's my primary goal now.

 

[KingTut]

I am burnt the fukk out fellas. Seriously considering turning in my two weeks and taking a break from working for at least 6 months.