Cybersecurity/Info security career

Quote:

Originally Posted by Unregistered

If starting out or finding a new direction in infosec career, can look at cloud security. Had a job interview with Big 4 partner who didn’t think pentest is lucrative anymore and wants to focus more on cloud security since both everyone in public and private sectors is migrating to cloud.

consulting is where money can be c harged. pen testing is comoditised and profit margins are depressed

All, I'm going to interview for a senior sec ops role. Basically defensive security. Vulnerability mgmt, incident response, managing IDS/IPS etc.

I have 5 years exp as a sysadmin doing incident response, troubleshooting, asset mgmt/security, and all the general infra/network IT stuff.

I also now have 1 year exp in sec ops doing incident response, writing SOPs, providing user trainings, and all the typical ops stuff (IDS/DAM/IAM/EDR/SIEM etc). Never did SOC though. Had vSOC for that.

I have Sec+ and Cysa+ but no CISSP yet.

Any idea what kind of salary I should be asking for? According to the recruiter, it apparently goes up to $9k but I doubt I have enough specialised security experience to ask for that.

So which company is a good place to learn and start my info security career

Quote:

Originally Posted by Unregistered

If starting out or finding a new direction in infosec career, can look at cloud security. Had a job interview with Big 4 partner who didn’t think pentest is lucrative anymore and wants to focus more on cloud security since both everyone in public and private sectors is migrating to cloud.

... there is more thing to test and check in cloud env. that partner probably too out of touch with technical.

Quote:

Originally Posted by Unregistered

All, I'm going to interview for a senior sec ops role. Basically defensive security. Vulnerability mgmt, incident response, managing IDS/IPS etc.

I have 5 years exp as a sysadmin doing incident response, troubleshooting, asset mgmt/security, and all the general infra/network IT stuff.

I also now have 1 year exp in sec ops doing incident response, writing SOPs, providing user trainings, and all the typical ops stuff (IDS/DAM/IAM/EDR/SIEM etc). Never did SOC though. Had vSOC for that.

I have Sec+ and Cysa+ but no CISSP yet.

Any idea what kind of salary I should be asking for? According to the recruiter, it apparently goes up to $9k but I doubt I have enough specialised security experience to ask for that.

I would say you can actually ask for at least $7-$8k depending on the industry you are gonna work for, FI definitely can pay at least $8-9k no issue. But before you go for the interview, do know what is your career path and see if it aligns with your goal.
So basically, SOC engineer or SOC analyst?

can someone enlighten what is SI?

means systems integration. ***t job always fight fire and rubbish client demands. if go wrong, you be scapegoat

Is CSIT a good choice for a fresh grad? Will I be able to learn a lot there?

Hi all, may I know what is the salary range and overall expectations for local consulting companies? Saw online some examples are horangi, wizlynx, trustwave and ensign. Is there any comparisons for those listed above or are they very similar?

Quote:

Originally Posted by Unregistered

Hi all, may I know what is the salary range and overall expectations for local consulting companies? Saw online some examples are horangi, wizlynx, trustwave and ensign. Is there any comparisons for those listed above or are they very similar?

no one's gonna reply you lol