PaulDotCom mailing list archives
Re: [GPWN-list] breaking in to security, trying to get answers
From: Tony Turner <tony_l_turner () yahoo com>
Date: Mon, 20 Feb 2012 13:58:54 -0800 (PST)
My contribution to the topic is a bit of a no-brainer and is how I got my start. "You don't need a security job to do security work." I accomplished this at a previous job by identifying failures in our standard build documents for desktops and servers and documenting ways to automate the process and updated hardening recommendations. Machine deployment became faster (tangible business benefit) and configurations were more uniform (more tangible business benefits by decreasing support costs) while greatly improving overall security (WIN!). Did not take me long after that to make the jump to the security team once they saw the reduction in malware related incidents. Find ways you can provide value NOW. Don't wait for someone to hand you your dream job. I filled out the survey and encourage others to do so as well. -Tony ________________________________ From: Brian Erdelyi <brian_erdelyi () yahoo com> To: PaulDotCom Security Weekly Mailing List <pauldotcom () pdc-mail pauldotcom com> Cc: PaulDotCom Mailing List <pauldotcom () pdc-mail pauldotcom com>; GPWN <gpwn-list () lists sans org> Sent: Monday, February 20, 2012 11:26 AM Subject: Re: [GPWN-list] [Pauldotcom] breaking in to security, trying to get answers Good survey. Don't underestimate security incident response and handling. I think a lot of people may come from a help desk background. My biggest advice is for people to build skill and experience in a particular technology first. Your first job may not be security related, however, as people trust yor skills you'll be able to transition to more security centric roles. Know how to work with people!!! To build street cred I also suggest people be active online in discussion groups and other projects. Do research, blog and publish articles. Eventually you'll get a reputation for knowing your stuff even if it's not work experience. Being recognized as an expert or leader is part of the challenge. B _______________________________________________ gpwn-list mailing list gpwn-list () lists sans org https://lists.sans.org/mailman/listinfo/gpwn-list
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- breaking in to security, trying to get answers Robin Wood (Feb 20)
- Re: breaking in to security, trying to get answers CP Constantine (Feb 20)
- Re: breaking in to security, trying to get answers xgermx (Feb 20)
- Message not available
- Re: [GPWN-list] breaking in to security, trying to get answers Robin Wood (Feb 20)
- Re: [GPWN-list] breaking in to security, trying to get answers John Hoyt (Feb 20)
- Re: [GPWN-list] breaking in to security, trying to get answers Josh More (Feb 20)
- Re: [GPWN-list] breaking in to security, trying to get answers CP Constantine (Feb 20)
- Message not available
- Re: [GPWN-list] breaking in to security, trying to get answers Colin Vallance (Feb 20)
- Re: breaking in to security, trying to get answers Robin Wood (Feb 20)
- Re: [GPWN-list] breaking in to security, trying to get answers Tony Turner (Feb 20)
- Re: [GPWN-list] breaking in to security, trying to get answers John Hoyt (Feb 24)
- Re: [GPWN-list] breaking in to security, trying to get answers Brian Wilhide (Feb 25)
- Re: breaking in to security, trying to get answers Kevin Shaw (Feb 26)
- Re: breaking in to security, trying to get answers Russell Eubanks (Feb 26)
- Re: breaking in to security, trying to get answers Robin Wood (Feb 26)
- Re: breaking in to security, trying to get answers Brian Wilhide (Feb 26)
- Re: breaking in to security, trying to get answers Butturini, Russell (Feb 26)
- Re: breaking in to security, trying to get answers Kevin Shaw (Feb 26)