Re: Career Advice

[Michael Dickey <lonervamp () gmail com>]

Oh, and I'd also suggest Googling yourself and seeing what's out there for
you. If there's not much, start commenting on other blogs, posting on yours,
contributing to security mailing lists, forums, and so on. I often Google
security guys who touch my enterprise and I truly do make judgements quite
quickly (and I'm sure every hiring manager does the same and more). No
security-related posts at all? Probably not a geek and I admit I'll not
expect much from them. Lots of involvement? Well shit then we can geek out
together and have a smashing good time! The stuff found doesn't have to be
amazingly deep and badass, but just seeing involvement in things like
security-basics mailing list, twitter security groups, and an exotic
liability forum presence says enough to me.

If your name isn't very uncommon enough to be searchable, find a decently
unique screenname to go by!  (Or if you're like me, you have an old one you
can't drop because it *is* too unique to just let go!)


On Wed, Sep 8, 2010 at 6:55 PM, Michael Dickey <lonervamp () gmail com> wrote:

> I'll probably say the obvious that you already know, but...
>
> With your experience, picking up a Security+ cert should be easy. Likewise,
> I doubt you'll have too much trouble with a CISSP, given purchasing a book
> and getting signed up to take the test. People who geek out about security
> and are surrounded by it either at work or at play should not have much
> trouble. OSCP is very cool, but don't fall into the unanticipated trap I
> fell into: clear off a month of time so you can get your cost out of it.
>
> Certs can really only help in the job search, and shouldn't hurt you.
>
> I'll second the items about being involved either in local security groups
> or in the greater online locations, like Twitter, blogging, and so on.
>
> Honestly, we need more people like you (and in a self-serving sort of way
> me, since we're in similar boats!) who have solid backgrounds in enterprise
> operations. Not only does that knowledge help in knowing the common trouble
> spots, but also to give real-world tips on Getting Things Done, instead of
> the often-times unrealistic expectations some may give who've never had to
> live with those recommendations themselves. Besides...being in ops means
> you've probably been in higher-pressure situations than any security-only
> people have ever been in. ;)
>
> The best part, though, and it applies to most any career: The first "real"
> job in that field is by far the hardest one to land.
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com