Re: breaking in to security, trying to get answers

[Brian Wilhide <brian.wilhide () gmail com>]

I started from a university, and picked things up quick.  I spent a
year as a full-time intern with Sourcefire, plus finishing up my
degree.  I found that the school’s don’t do practical labs though,
students need to have the drive to take everything they teach further,
and spend time at home learning the useful parts of what they teach.

They do have competitions like CCDC that help students learn quickly
and expand realistic skills.  Furthermore, some schools put a lot of
effort into having the teams do well.  In University of Maryland:
College Park, they have one of the guys from their incident response
team help the students to prepare.  The required education for a
degree makes the students get a lot of information from a lot of
disciplines, but fails to make sure students understand the basics of
each.  Some Community College’s have more practical labs that teachers
actually use during classes, but its rare for any school as they spend
5-7 years fighting politically after its built to adopt it into their
curriculum.  Now if only they didn’t limit students entry to CCDC so
much.

When it comes down to it, a degree helps you get into a interview and
a little more money on the backend, but it is technical skills and
additional projects that end up deciding if they are valuable.
Programmers from school also never are taught secure coding, nor do
they typically teach efficient coding.  Again it is up to the person
to take everything further.

Brian
www.unallocatedspace.org
--
Teach
Learn
Party

On Sun, Feb 26, 2012 at 2:47 PM, Robin Wood <robin () digininja org> wrote:
> On 25 February 2012 11:30, Kevin Shaw <kevin.lee.shaw () gmail com> wrote:
> > I went the start from scratch route, after doing help desk then moving to
> > something like post sales and QA, my resume was picked off monster because I
> > was located near the place that needed entry level type intrusion analysts.
> > Back then getting moved or promoted into other areas was easy if you
> > demonstrated aptitude and a willingness to learn more. I think the same
> > holds true today, but finding those doors in can be harder with established
> > SOCs and similar who often are more critical of experience and may be
> > looking for more senior people. You almost need an internship type program.
>
> Seems to be the way most people over 25 or so got into it, under that
> age people are going to uni to study it and coming in directly.
>
> Are there any employers out there who have taken on people directly
> from university? How do they go, without the background do they manage
> to pick things up and if so how long?
>
> Robin
>
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom () mail pauldotcom com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com