Generally it is okay. As alot of Org use Splunk as a SIEM. Understand the concept and fundamental. As SIEM is almost the same - as in the Correlate or use case mechanism. some org might move away from Splunk in the future, yes and no. As the market of SIEM is pretty competitive. But i would say.. most or.. all SOC require a SIEM. it is just which one? As different SIEM is be selected depending on the threat eco landscape or the security products the company select.

Good luck

Depends whether inhouse or vendor, SIEM is a good way to get into security engineering as you will understand more on devices when you do log source onboarding and logs digestion.

Thanks for your reply. In your opinion, is inhouse or vendor better?

Thanks for your reply. I agree on your point about understanding the concept and fundamental. Even if companies move away from Splunk in the future, the knowledge on logs correlation/use case will still be valuable.

Depends what your goal? Inhouse will be admin, vendor wise will be engineer mostly. I know E***** hiring vigorously for their splunk team, please dont tell me you're going there...

If you are looking at SIEM, now they normally will integrate with SOAR. (Partnership / acquired by the bigger companies (SIEM))
Like Splunk is working with Phantom
Palo Altos works well with Demisto (Cortex)
Qradar with Resilient.
Though most SOAR would be able to work with most SIEM but somehow they do have a preferred one to a certain extend.
If you could - pick up SOAR piece as well. so that you could be more complete.

Anything wrong to join "E N S I G N" ?

hahaha what's wrong with E*****? Heard from people in the industry it's one of the better one among the SI leh...

Externally very glamorous and well but internally not very structured and reorg every other year so far since conception 2019. Staff retention is bad, and recently hiring alot non it staff to train while more experienced ones left.

Pb/vb slightly higher than other SI, pay and increment is worse than the other SI unless you from their "royal" family.

More of vendor management instead of hands on for engineers.

Have been through a few SI, definitely wont be going back to ensign ever again...

This company renamed from eCop to Quann to Ensign. As per the idiom, change soup but never change herbs, the foul odor still remains.

This is very true. The pay and increment is very bad...

hahaha dunno gonna change name again or not..

but under temasek leh lololol got mother temasek.

E confirm better than N la hahahaha

hi everyone, havent come in here in a long while and was surprised to see that this thread has 10 pages lol. Anyway, just to share my short experience working in IT cybersecurity industry as a cybersecurity engineer.

Maybe it is the place i was working at or maybe it is the domain i was in but I realised that the average cybersecurity engineer are not very skilled...basically we are like glorified IT worker la.

Secondly, i found out that cybersecurity doesn't really pay well and there's many weekend/sudden jobs at night. Again, this might be due to the place I was at/the role I was in so YMMV.

I think that those who are very skilled and most probably pays well are working in areas such as pentesters, malware analyst so try to aim for that area if you are really passionate about cybersecurity.

Anyway, I left my previous company in less than a year and transitioned to software engineer at a bank. If count my basic pay, I got a 80% increase in salary. So for those who are reading this, if you dont mind doing programming, just be a software engineer unless you really got passion for cybersecurity lol.

Cyber security is very important! For example, if you download a pirated program. Among its files, there may be one or more infected ones. A click on a suspicious news with a screaming headline, along with a transition to the site, can open a loading tab with a virus for a split second. Sometimes whole free programs or utilities like various "accelerators" of the computer can be created only for the purpose of spreading a virus sewn into them. If you use the same password on many sites, then if one of them is hacked, scammers will be able to gain access to your other pages. Hacked accounts can be used to send spam, fraudulently extort money from your friends and colleagues in social networks, to restore and change passwords to Internet banking, and much more. You can protect yourself by using https://jealouscomputers.com/strong-password-generator/ so how did this help me!

The real money is in the product vendor side. Big boys like Palo Alto, Fortinet, Cisco, F5 etc all pay boatloads of money - easily twice or thrice that in SIs.

The high earners in cybersecurity are those in product vendors - pay is easily 2x to 3x of those in SIs.

Can share some examples of companies/roles? No way the pay is 2x to 3x of SIs la unless you talking about C level positions..

I don't think SIs can pay 15k basic for individual contributor positions...? Yet it's pretty common for MNC product vendors..

wow 15k basic for individual contributor! I don't think department heads in SI can even reach 12k hahaha.

early 30s here, always been in big tech firms doing cyber...current salary at 300k per annum covering multiple regions in asia as a consultant for cyber...weekends usually off and we have a large team managing 24x7 escalation

working hard to get a promo by mid 30s to get around 400k per annum...

local U grad here and has been lucky to fasttrack throughout my career...born and bred here in sg and of course, served ns...

There we go.. and you're doing way better than me (getting only ~240k OTE). I'm aiming to reach your position even though I'm now nearly mid-30s, so am lagging behind quite a bit.
Are you in a sales/presales function? individual contributor?

Please share some companies and roles. Thanks

I don't think any of us will post the company and role here as it's a small world.
But you can get actual/real numbers by going to mycareersfuture, search for "cybersecurity" or "security", and filter by salary "15000" etc. These are actual numbers.

If cannot share companies, maybe can at least share the roles or industry?

I'm the 300k guy...

I'll be frank and upfront about the opportunities above 300k so you can perhaps inspire toward my path. All offers I get are above 300k. These offers are only possible for global tech companies covering regions, usually asean or entire apjc. For local companies, they will quote that I am too young for such a salary, or that I'm too expensive. Usually 300k and above is 15+ years tenure for local companies and is managing a large team of cyber-security folks.

At global tech companies, 50/50 to be individual contributor or to manage a large team of very smart and talented individuals at this salary range.

Usually they dont care about nationality at this level, but care about your ability to solve very tough problems that has not yet been solved or has very little people who can solve it at a regional level.

Each job opening has more than 200+ applications across the region. So you're competing with people who are very good at English, very good at getting certified, very smart, knows matrix organisation, can make very difficult concepts easy to understand, and can solve large scale complex problems.

How to get such a job? Update your LinkedIn, get certification like drinking water, be articulate, stay sharp all the time and always be there when needed. All my offers are via headhunters directly from the companies.

Thank you so much for sharing!
Would you be able to also share what type of roles/responsibilities would the ~300k indiv contributor jobs cover? Solutions architect role? Presales? Or highly specialized, highly technical roles?
Also, is the 300k just base salary? Or annual package?

There's a few categories of cyber-security jobs that pays above 300k per year.

1) top sales in cybersecurity for a region. Usually the top sales guys or management level for a region and above. Else, average is 100k to 200k+. Again, this is for global tech companies.
2) top presales for cybersecurity in a region. Most presales are 100k-200k once again. You're usually the top guy in the region in the company for a global tech organisation.
3) engineering. Usually top person in a regional or global team for a large tech company.

There's varying pay, but usually the bigger region you cover, the more prestigious company you work for, and being the go to person inside the company usually can get 300k+.

Most of these jobs, in fact, I have gotten around 5 offers above 300k, and all are via headhunters who work for these large tech or large cybersecurity companies. Interviews are generally very hard and need to spend a lot of time on it. Feel free to ask any other questions and I'll try to give my perspective.

Thanks for the insights!
Just to ask, is the ~300k just the base salary, or the annual package?
It's mind-boggling how much they are willing to pay, and I thought I was already getting paid quite well (almost 200k base) as a presales.

1. Which certifications do you have and which one open the most door for you (other than CISSP)?

2. How many years of experience do you have?

Can you elaborate the route you took to get there starting from your fresh grad days?

As Presales , do you have sales KPI pegged to you ? Or more of the sales that’s you have supported ?

Also curious about this headhunter thing, there seems to be many Recuriter who proclaim that they are “headhunter”. I really doubt if that is the case.
Seems to be pulling out job advertisement from those tech company and liase with the Recuriter or hiring manager to find them the candidate

1) what certifications do you have and which one opens the most doors for you (other than cissp)

2) how many years of experience do you have?

3) do you jump companies very often? Like maybe 2-3 years? I have seen people who jump every 1.5-2 years and they seem to be doing very well. What do you personally think about this?

What is a typical day like for presales role?

Thanks for sharing!

Presales usually have no sales KPI - although the comms is tied to the sales person, there's no pressure to hit the target. As long as you're competent in giving demos/presentations, understand your product well and technically proficient + able to quickly understand the customer pain points, that's it. Quite low stress to be honest compared to salespersons, though of course the max salary is more "capped" even with accelerators.

I work for Google cybersecurity team.

Short intro,

Grad from NTU CS degree, interned at google data center for 6 months. Converted to security engineer then Google Security Cloud specialist. When I was 15 I created runescape bots, around 16-17 I created dll injectors for popular games... ( maplestory, etc ). So I was quite into it before I even entered uni.

anyway
Current pay: 14.5k ( annual around 200k+ with bonuses ), started at 6k when I first join
YOE: 5+ years

Every morning I'll do some quick devops task, check servers etc. Then I'll pen-test intern projects and teach them. By noon I'll have a few meetings and discuss with teams. for the most part i deal with vulnerabilities related to google services. google maps etc.

( here's a funny story, google maps used to leak people's real time location... so paparazzis would always use them to track celebrities. fixed in mid 2020 alr. )

1) How many years of experience do you have (maybe can elaborate on your role progression)?
2) What certs do you have and which one open the most doors for you (other than CISSP)?
3) You mentioned that interviews are generally very hard, can you elaborate more on the interviews, what kind of questions should one expect?

Nice share. Could you share about Google's interview process for cybersecurity team? Everyone knows about the stringent interview process for software engineers in FAANG and how to prepare for it such as grinding leetcodes. What will I expect for the interviews for cybersecurity team in FAANG?

anyone here know about cybersecurity career in LTA in terms of salary, progression, benefits, etc. ? the CISO there seems popular haha