By telling them you have offers already and be prepared to walk away

You are doing risk right? Actually is quite common that risk ppl to have cissp with isaca cism, crisc and cisa plus some vendor cloud cert.

not really specific to risk only, I can do programming, scripting, architect, virtualization, cloud security.

nowadays with 1 skillset will not survive

the company has no reason to change their hr policy for you. if you think they are not compensating you fairly then tell them bye bye

yea guess i wont try to argue with them, I have more compelling offer coming.
bigger tech coy didnt even ask for my last drawn only ask for my credential and proof of employment.
guess the startup mindset still kicks in

What special of CISSP & CISM?

I saw a lot manager have but don’t have technical skill at all.

Difficult EXAM but it common now especially during covid where a lot of ppl wfh and have spare time to study.

Cism and cissp is actually common in a lot of senior or risk department.

Technical skill will not get you far in career.
I am looking for lesser hands-on dirty work to progress.

Everybody wanna be manager but nobody wanna do technical work lmao

Please guys, continue to be your PM don’t turn back!

Technical work for fresh grad, newbie to do lah

anyone tried applying UOB Technology Development Programme 2022?

420k per annum as a FAANG security engineer at age 32. Local uni grad. I interview for candidates across Asia Pacific who are paid 240-420k. Feel free to ask me anything.

how do you know the people whom you interview are being paid less than you?? :)

I am a fresh graduate who recently starting working in a cyber security company. I'm interested in a breadth of domains of cyber security and am slowly trying to gain as much technical knowledge as possible. Thankful my company enables easy switch between its teams and would ensure I can experience multiple roles. what advice do you have for such a person, who strives to reach a position such as yourself? Thank you very much for your help!

u join N sign ah?

heard this coy just throw you under the bus and figure out yourself

wow. how about ant see as or as tee

Every where same , swim yourself.

How u nego for that amount?

Not much negotiation frankly. Just prove you're competent and the companies will pay. The hr and management knows how much the market is paying. I've 10+ cybersecurity certs (all the gold standards) and have always been in big tech. I know both technical level stuff and strategic stuff and a bit of management (team lead). If you ask me to calculate encryption by hand I can do it. If you ask me about evasion techniques, I can demonstrate it. If you ask me about defense and how to tighten policies, I can do it too. I also code in python building automation in the cloud for incident response.

I consider myself above average in big tech. There's a lot more smarter people in faang who knows significantly more and deeper than I do. In terms of interviews if you're keen, yeah, I test candidates across multiple domains for breath and depth. From ha, Dr, coding, memory management, strategic, security compliance, Linux, cluster management, kubernetes etc. Normally we need the candidates to hit at least 75% of the questions, if not, we can't hire. as the work we do impact millions with every change or publication.

1) How to prepare for interview for FAANG security engineer? Leetcode questions?
2) What certs do you have?
3) What kind of security engineer (Pentest, Infra, SRE, devops, SOC/IR) ?

Ty! Self development wise, what advice would you give to somebody doing security ops?

what about sscp?
 

I've read through all the threads and realized no one mentioned SSCP as a cyber security personnel.

Want to go into path of doing day 2 security analyst(i think?) that does pro-active(prevention) checks on threats/attack, which roles are more suitable as I've checked across CareerSG, JS, LinkedIn but found almost none similar to this.

Any legit recommendations is appreciated.
TGIF peeps

Interested in cybersecurity but has no prior experience. Any company take in mid career switcher?

Can try Ensign. They quite friendly to mid career switcher.

Is this still a bad place? Not much good reviews from the first few pages

try PulseSecure if interested in pentesting

Any reviews on this company?

try oem vendors like fortinet, they are recently hiring SOC folks
if security doesnt work out for u, a cert from firewall vendor would be useful too

cookie cutter pen testing

Consider not bad for mid career switcher.

Which is just right for mid-career switcher, since the job will be primarily on bread & butter VA/PT, the learning curve won’t be that steep (for most).

I was from there. Flexible and homely environment.

Good place to learn? Where u move on to?

I just got CISSP but I'm considering working towards OSCP next to get my foot into pentesting. Is there any benefit in that? I'm currently in a security administrative/incident response role. No major shift work since we hire vsoc

Too many pentesters in the market. Nowadays, fresh grads from infosec degree are quite well-trained in school and can be fairly competent pentesters within a year. Can try look for opportunities at defenders side since you already have some experience (less "exciting" but also less competitive and very essential)

Hi guys, can you recommend me a few good companies for SOC analysts to start for entry level career. Thanks very much in advance !

Your side got pentesting

Pentester looks cool but real life doesn't.

Stick with CISSP become management and ask Pentester deliver for u.

Cissp need 5 yr of job exp to aquire and you properly wun be hired as a management directly as a fresh grad.

If you are talking about vendor management, I would advise you to avoid. Basically anything related to security you will throw it to the vendor, while you are doing the pmo job. Plus this role dun really need you to have much security exp, basically any ppl can do it mean that you can be ezily replaceable

Some of my friends stuck in that role cos they learn nothing and is very hard for them to exit.

If starting out or finding a new direction in infosec career, can look at cloud security. Had a job interview with Big 4 partner who didn’t think pentest is lucrative anymore and wants to focus more on cloud security since both everyone in public and private sectors is migrating to cloud.