Contact Form

Name

Email *

Message *

Tips for an Information Security Analyst/Pentester career - Ep. 25: The importance of grit

This time I'm not gonna talk about technical recommendations only, but I want to have a deeper look at what I think is the most important personal feature for you to have a successful cyber security career: grit.

If you want to succeed in this career, you need to love it no matter what, be willing to sacrifice and to seamlessly learn and up your game.
 Things change constantly in information security and you need to keep up, or you'll be out of job soon.

If that doesn't sound appealing to you, you're probably in the wrong career, so switch before it's too late.


After earning my Security+ certification, I'm personally having a hard time finding a job.

I'm having even fewer calls than before. I guess I'm halfway there, by now.

I can't be considered as a Desktop Support anymore and recruiters know I wouldn't accept shitty hourly wages any longer.

However, I don't have a lengthy specific experience, other than a short time as an analyst, and employers surely come up saying: "Not experienced enough", or "Not technical enough", or with whatever their excuse of the day might be.

I feel kinda like I'm knocking on heaven's doors (quoting Bob Dylan). I can see the golden realm, but I can't go in yet.

However, this post isn't about myself, but here I want to offer a contribution of hope and motivation to all the other guys who're approaching this industry and might feel like I do.

DON'T GIVE UP AND KEEP GOING!

Keep learning, making and breaking stuff, trying and trying until your head bursts.

Did you fail? Try it harder.

Didn't it work? Understand why.

When my commands didn't work, my Linux instructor told me: "Look back at your command. What did you do wrong? What should you have here? What did you miss?"

Maybe there was, I don't know, an extra space, or whatever, that I hadn't noticed before.

So I thought: "How could I miss that?" and I felt like an idiot, but that's his way of teaching.

I wouldn't make that mistake next. 

I wanted his esteem and then I went back to him and said: "Thank you, now I get what I was doing wrong".

Well, one thing I know is I need to thank that man for teaching me Linux. 

That's the only way that works for me.

You don't learn anything if you don't fail, you do need to fail miserably and that's what I do all the time.

You guys see my tutorials and I don't know what you think about them, but I give you what I state.

If the title is "Shell from SQL injection", you'll see me popping a shell from a SQL injection.

What you don't see, cause I don't show you, is the number of failed attempts, the times I cussed because a command or an attack didn't work the way I thought or I was described.

The number of times I have to start over because I messed up.

I don't show that, not because I want to look like a genius, or whatnot, but because I want you guys to make the most out of your time.

Why wasting your time with a worthless tutorial when you could really learn something from someone else, much more qualified than I am?

Recommendations

I want to close this contribution by telling you: stop making excuses.

If you want to learn and you're really determined to be a hacker/pentester, there's a bunch of free training available online.

This is a career, not a job.

It's very demanding and changes seamlessly.

So, if you don't love info sec and hacking, you'll burn out soon, because you won't have the determination and grit needed to keep up and stay current.

In the embedded video, I show some available training material, but I think going through the video presentations from the most important hacking conferences you can find on YouTube is very important.

There you can see demos from top guys in the industry, like Dave Kennedy, John Strand, Kevin Mitnick and so on.

As to myself, I'm gonna take a break and then I'll start thinking of my OSCP certification.

After that, I'll see where my career will go. 

If I don't find any jobs, I'll start freelancing by participating in bug bounties and being a hacker/security researcher, whatever..

I'm willing to do whatever it takes to succeed in this industry.

That's the main difference between me and other guys, maybe much better at this than I am.

I'm not gonna give up. Never.

That's why I'm willing to volunteer and help out anyone needing help.

I know it might sound desperate on my end but I don't care, I need to build experience and grow as a security professional.

I love what I do and I'm willing to do it even for free.

If you need help, feel free to contact me and, anything I can do, I'll do it for you.

Thank you for your time.

Episode 26

Episode 24

Comments

Related Posts Plugin for WordPress, Blogger...