I will choose big4 .

As for soc analyst from cyber security company , my friend did feedback is like a guard job .
Stare at screen ,escalate , most of the time watch or play game ..

MNC internal soc team > Cybersec company soc team

The SOC role offered is from a cybersec firm and I’ll be outsourced to one of the government ministries to do monitoring/incident response (not ensign haha). Ideally my career plan is to head to an ops/technical role at the start of my career before heading to governance/risk/strategy role at the later stages. Am leaning towards the SOC role cos I’ve heard horror stories about the Big 4 culture. Not sure if it’s the right path. And yup the SOC role pays better but pay isn’t really an issue for me now hahaha more towards progression

I received an offer to join cybersecurity vendor in their R&D department. Is it a good place to kickstart my cybersecurity career?

better don’t take outsource . You will regret !

Like so chim ..

exit option not look at firm or branding lei.

If you are from a rubbish firm but have alot of certification such as CCT, you think no people will hire you?

Rubbish firm have cert is not ideal. Why not have both

bro, he say exit option lei.

anyway, the firm can be good but team rubbish, you also wun stay.

most important i think is self development, as long as you got the skill, i dun think you need to care about exit option

Consulting will always have better exit options. SOC doesn't make you stand out nor give you the breadth of experience that consulting does.

Agree .

I work in SOC before and i can said big 4 have better exit options .

What about R&D? Is it a good place to kickstart a career in cybersecurity?

Data scientist ?

I feel consultant better .

can know more customer and have opportunities .

R&D Engineer! I've tried Security Consulting before at N** though.. Don't really enjoy the nature of the work. xD

N T T is hell place ...

Been reading posts from other threads saying how Big 4 isn't as prestigious as it used to be/not the best place to be at for fresh grads etc.....

How true is this in the cybersecurity space? is it the best place to be at to start a career in cybersecurity?

i think it is eziler to get in to big4 freshgrad as some of the hiring manager hire base on your attitude.

Some of the other consulting firm will be harder to get in as they expect you to already have some basic hand on cert or you can break some of the VM boxes which they prepare for you during the tech test

easier to get in but do note that stuff which require certifications, you would not be able to do.

that why a lot of people in big 4 got no cert. do nothing get high pay

5 years in the industry and currently doing Security Operations as a threat analyst. I’m thinking of jumping into security governance, compliance and risk line. Would that be too big of a jump? Have CISSP and taking CRISC next.

How much can a fresh grad with OSCP (working towards crest) and CTF experience expect to make in a consultancy? Looking at different roles like pen testing & threat hunting.

same same as other fresh grad, at most eziler to get a job.

WHY?

everyone also have OSCP.....

experience still matters. probably just a bit higher than a fresh grad with no experience and cert but definitely not higher than someone with experience and no cert

$3200 . Less than blue team

if got crest, then try orange. you can get 5

Fresh grad can’t get 5 even CREST .

2.5 - 3.5k Max

How much does a pentest/red team lead with 10 years of experience earn?

you sure?

4k basic and 1k crest bonus.

it depend whether you are talking about people like sunny neo or those self proclaim red team lead with only OSCP?

You will be clueless and need guidance for 2 years.

I mean private sector. Not government agencies like CSA

If you have the cert, should be 5 digit.

10yr experience with CEH vs 5yr experience with CCSAS, the pay different will be very big. that why cert is important.

lol who is sunny ? You seem to have a problem with him.

Then what certs do red team leads need to have?

if there is a need to ask this question then the person is probably not a good fit to be a red team lead.

Any splunk engineers/admin here? I have a job offer which will be mostly working on Splunk. Wondering if it's a good opportunity or is it too niche?

crto, crte, paces, crtp, eCPTXv2, osep

what does this have to do with cyber security?

Many companies use splunk as a LMS/SIEM

Splunk is cyber security analysis tool.