Career Advice

[Josh Little <josh () zombietango com>]

 So, I've been trying to leave my job of 11 years for a dedicated
security position and have had little luck. I've had one set of
interviews, where I was passed on for what may have been team
personality issues - no big deal, these things happen. But I can't keep
but wonder if there is something I'm missing - well, I know there are
things missing, I just don't know how big a deal they are. What advice
would you guys give me, given the following:

- I've got some 13-14 years IT experience, with 11 of that being in the
enterprise sector in the advertising industry. The experience is across
the board - helpdesk, operations, network & infrastructure
administration, security, and web application work. The past 4-5 years I
have tried to specialize as best I could in security, while also being
required to perform the tasks of a network administrator, network
engineer, voice engineer, and "digital/web guy". Our entire network
operations team is only 5 guys for an entire multi-site enterprise
operation, so I cannot just work in one area. This is the main reason
why I am looking to leave - the breadth of work experience has been
helpful in doing the security work, but I want to be a dedicated
security person, not an NA that also kinda does security. Also, our
operation (and our industry in general) is not terribly concerned with
security for cultural reasons. We have very little management buy-in for
security initiatives. Even after incidents occur, management may be
concerned for a month or so before slowly ignoring the controls put in
place to help prevent another incident.

- I've "concentrated" on intrusion detection, network analysis, incident
response, and web app testing. This has mostly been out of necessity, as
these have been the areas most needed at my current job. I've dabbled in
other areas of security, but these are the ones that I get the most
exposure to. My skills are, I believe, decent but not awesome. They are
decent enough that I can reliably find compromises, explain why the
machine is to me considered compromised, find the source of the
compromise, and determine to some level how it came to be that way. I
obviously don't know if I am missing anything - I may just be able to
find the bottom rung of owned machines. There in lies problem number two
- I have no one to compare myself to or learn from. The security program
at my current place of work was developed pretty much by me and no one
else there has a strong security background beyond the basic security
concepts. I listen to PDC and most of the other security podcasts and
have no trouble following along and taking what is said and applying it
back into my own organization, so I know I'm not just a clueless n00b,
but I have no benchmark by which to compare myself. I've signed up to
the Security Mentors program, both as a mentor and a mentee, but have
heard nothing back from them. There are a couple local groups that meet
- one is attached somehow to U of M in Ann Arbor (40 minutes away) and
meets on a college students schedule. I'm looking into the local
Infraguard chapter.

- I have no certifications or special training. Everything I know I've
either learned on the job or taught myself. My job will not pay for
security training for me and I've found the cost of most training to be
outside my budget in the past. Would you consider this to be a big
minus? If so, where would you suggest I start? I'm not looking to spend
a year + taking classes and earning certs, mainly because I don't have
the time or money to do so, but if there was one, possibly two classes
to take what would you suggest?

I think I've got a lot going for me. I've gathered a good sense of
business, something that a lot of younger security guys don't have. My
skills are good, though just how good I'm not sure. I'm at the "strong"
part of my career (I'm 35), but I just want to make sure I take it in
the right direction. It's now time for me to make that next step, but
I'm not really sure if I'm in the position to do so. Let me know what
you guys think.

PS - If anyone is interested in taking a look at my resume, I can
provide that privately.

ZT

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com