govtech deals with state sponsored threat actors / apt groups also

c2 sector lead for sg govt is govtech

tension btw csg and csa when csa first launched over scope of work

this might be true but you cant deny govtech's branding to other tech firms and to other CS as well. maybe not all teams in GT but surely advanced cybersecurity capabilities in GT is quite renowned arguably more so than CSA or HTX.

yes and top tier talent among whom is the infamous president scholar and top hackerone and top mindef bug bounty boy spaceraccoon

google him

Heard ACC has quite a number of uni valedictorians there... crazy competition

Turnover at GT is also crazy. Obviously not a bed of roses.

Yea but CSG is quite good already based on the stats at the last GTechCon

Depends what an individual wants. No judgement. Pick the agency that you are keen. CSA has its pro too if the scope is what one is looking for. At least people are nice.

Let's not forget that there are specialisation cert given as well after the foundational phase.
Many went on to acquire OSCP, CREST, CRT, CISSP, CRISC n Cloud Certs at the end of the programme.

So are u still there?

How is it that this is your only takeaway from what the above poster said? At this point its less about the actual certs obtained (as above OP mentioned u can take up more relevant ones yourself) and more about the agency and brand equity as a whole.

Dont miss the forest for the trees my friend.

Best summary!

Thanks for sharing. Just accepted the offer this week.
I think there are pros n cons.. I am glad to be given a chance to step into the industry.

Freshie or mid career switcher? Xan share more about the application process and tips?

Other agencies also sponsor certs (even SANS!!!) so I'm not sure what the big deal with CSDP certs

Spoke to my seniors who are from the programme. They said it is a good start to their cyber career. Will be accepting. Thanks for all the comments.

Anyone managed to get into csdp on second try?

u failed interview and want to retry?

maybe didnt meet shortlist?

Did you manage to get the interview? I also more than 2 weeks no reply

Passed the interview but I rejected the offer. Joining FAANG instead.

if can join fasng, why even bother interviewing lol

hmm govtech or CSA better? hehe

go private, it can boost ur resume...unless super like pushing papers

Govtech CSG liaise with govt stakeholders while CSA interacts with broader CII sectors (which includes pte stakeholders). Depends on where your interests lie but CSA is seen more as a regulator for industry.

Hi, can anyone break down the day in the life working in CSA? Like how busy can your day get and how exciting or boring your job scope is?

govtech. they do the advanced tech research and work. pay is higher and the people there are also much more technically competent

csa like others have said is a regulator

CSA got a big pool of Cyber folks. Am sure they are not just doing a regulator job!

press x to doubt...... u sound like u are not even from CSA or GT

right on. different dept have different focus with regulation forming only a sub section of the agency.

seeing a lot of comments regarding the CSDP scheme, my 2c and general feedback

pros:
+basic salary 4.x
+training opportunities (good)
+occasional training with reputable organisations and strategic partners
cons:
-training opportunities (bad)
-free certs with that grant absolutely no recognition in places that are worth their salt (CEH is seen as a negative value for some orgs)
-honestly speaking you might be better off paying your own and getting better intro level certs, it's not that expensive
-no autonomy in training, you are sent for training without your consulation on your interests or based what you already know
-not much hands on as we are a regulator, no getting your hands on data (see below)
-usually no visibility into what other parts of CSA are doing

summary:
-might be ok to start, but don't stay here too long

general csa:

+either plenty of free time and work-life balance or very busy depending on department
+strategic partnerships with many organisations
+training opportunities

-for technical folks, total annual salary packages are below market rate and will never keep up with inflation, especially for technical farmers
-bonus takes up large % of total compensation, depends on your performance grade/rating
-grades are given out on a bell curve, but technical people are not valued here, scholars and eunuchs are and they get most of the good performance grades
-demographics and DNA of this organization's senior and middle management are heavily skewed towards ex-military personnel spending the bulk of their career in non-cyber domains
-people with actual technical cyber experience in private sector are in an minority-most that join do not stay long, you will most likely not be able to learn and experience technical mentorship and guidance
-as the regulator, it is by design that they do not own any assets, and this means you will not be able to do pentests, take concrete and measurable interactions on threat intel, perform threat hunting at will or investigate incidents with any meaningful frequency
-thus for those looking to do actual cyber work, your amount of hands-on experience/year here will be a fraction of what you gain while working in other firms
-your work duties here will include usually include 1 or usually several other miscellaneous tasks not related to cybersecurity, as with any other civil service job-there is no concept of a purely technical role
-knowledge management in most teams/departments is very poor and almost non-existent across teams/divisions
-knowledge exists mostly in email, and old-timers just keep all the information to themselves
-knowledge sharing internally is few and far between, culture does not reward and encourage the rare few that try to do this
-they are in cybersecurity but they have little to no software dev capability internally, large reliance on external vendors and being at their mercy
-significant % of middle management and permstaff are happy to coast and farm the salaries here and show no drive to innovate
-the average tenure here is less than 2 years but they conduct employee surveys less frequently than that, and draw flawed conclusions about sentiment and effectiveness of policies
-new joiners are increasingly forming a large % of the organisation via the CSDP program, some departments have also given up hiring people from private sector
+new joiners are inexperienced but enthusiastic compared to the average permstaff
-WFH % will only decrease as COVID eases up, management tends to like to see staff in office
-internet surfing separation means that you will have to carry 2 laptops everywhere you go to work effectively, you will not be provided a separate internet machine-source your own.

this place is what it is, if you feel like you are stagnating or not growing just leave.
infosec roles are in major shortage right now at all levels


thoughts on this then? ^^ are the cons of CSA true as listed above? if so, certainly not a bed of roses. feel free to chime in on the positives as well.

Quite a number left to join the industry, think the skills they developed on the job is relevant. Pay cannot match the industry though

I thought they are revising the salary?

3 to 5%, letters are sending out

part 1,

later half will hve part 2

Guys, I need some advice. I'm in my mid-30s with kids, currently earning 7k per month, but my interest in my current job is declining. I’m interested in cybersecurity and thinking of a career switch. Should I continue to stay in my current position or venture over and get a pay cut, hoping to get back my current pay in 1.5 years' time?

so whats yours?

Why you so sure you can get back in 1.5 yr.

Normally that pay is manament level.

7k in cyber is a junior-mid role pay

How long to reach this level for someone who is starting afresh?

Min 5 short years...more and more talents in the market now....remember the gate is open