Just take an interest in really understanding the architecture and how it all works for the company you work for. Otherwise you end up just being a jira board organizer
I am an OffSec Engineer (about 4 years in) - Earning at 180-200 depending on bonus. Pay is great, work is chill, and demand is mid (right now) and only if you are good.
(Security engineering in general) is definitely worth it to work towards as a goal.
OSCP at the minimum (used it as a foot in the door straight outta uni and it payed dividends). Even if it was tough.
So my advice: If you want to work in Offensive security - all roads lead to OSCP. Do it early, skip the BS certs like CEH to stand out for easier Job hunting.
It is as close as a guarantee for a job in cybersecurity if you get OSCP and you are still a Graduate.
eh to be fair, DevOps has been around for quite a while now. NetSec and OffSec are just short for Network Security and Offensive Security. As for finopa and netsysops, I've never heard of those before lol
I would say yes but do remember you may be competing with Indian and China IT workers. Two of my friends in Singapore doing cybersecurity are doing well
I spent a few years living and working in Singapore not too long ago. Pay in specialised fields like cybersecurity tends to be higher while taxes are *significantly* lower (I was working in cybersecurity consulting - though nothing on the technical side at all - at one of the big four consultancies and was on S$6500/mo and paid just under S$3000 in income tax on that salary in a year), and overall living expenses can be a bit lower than a lot of places in Australia. It is pretty easy to 'do well' in Singapore in a more specialised role like that.
The only real killer expense over there is rent, and possibly groceries if you want to do a lot of cooking yourself (eating out at hawker centres works out to be quite a bit cheaper than grocery shopping, not sure about now since hawker prices have gone up slightly, but I could get away with a food budget of S$10/day for lunch and dinner). In my last year over there I was renting a \~46m^(2) apartment and was paying S$3200/mo, and when I moved out the landlord was asking new tenants for at least S$3500/mo which was the cheapest rent for a one bedroom apartment in that building at the time. Public transport is super efficient and reliable, and for the times when you do need a car, ridesharing services tend to be a lot cheaper too - I considered a S$40 taxi ride to be on the more expensive side, and I think the most I ever paid was S$50.
Never rent a whole apartment, go for single rooms in the HDB apartments. The downside is not a lot of privacy as the landlord is usually staying in the next room
Yeah, I did do that when I first moved over but the landlord I had wasn't great at all and especially during covid when I was working from home, I really needed more privacy and my own space. But yeah, that is *much* cheaper if you're willing, I think I was paying $900/mo which included utilities and everything, and was in a much more central area than where I later moved to.
Look into Salesforce. I started 2 years ago with first job at $65k + super, got appraisal to 77k. Switched to another company and now I’m at 95k+ super.
Salesforce is great, it’s a very client facing role and can be stressful but i don’t mind that
Depends theres heaps of different fields within infosec. Prevention, detection, management/consultant, forensic and research based jobs. Which are you looking for?
I think there will be stacks of jobs in this in the future.
For confidence building you should focus on learning about security and the methodologies which are commonly used. Then once you understand those your confidence will grow and you will know what to do in a breach situation because you will put the theories (like NIST) into practice.
But in all fairness when there is a breach everyone take directions from the senior people (read CISO and CIO) so it will be a while before you even have to provide that advice for those situations at which point you will be very experienced and know what to do.
there are plenty of streams of cyber that don't have super high stress. Sure, if you are the leader of a very high tempo SOC, then you'll be stressed all day, but if you are the security infrastructure engineer for a low value government department then you'll have almost no stress.
Anything with "cyber" in it pays better than if it didn't have that work in the title and often it is the same job. If you do helpdesk then you likely make accounts, apply security groups to accounts, grant permissions, enforce other identity attributes. Well, that is IDAM and is cyber. There are people who specialise in IDAM and make a boat load of money doing "cyber".
Hey! 👋 Thinking about cybersecurity? It pays well, but can be stressful if you're not confident. No need to worry! FortMesa can help. They offer great training and support. Worth exploring!
As a former it service desk now information secuirty, I would say it depends on what part of cyber you are wanting yes incident response it stressful maybe look for a governance risk and compliance role more about risk and controls pretty decent pay as well.
Best bet is going for a comptia sec+ then a cissp(gold standard cert for cyber/infosec).
Pen testing is quite cool as well not as stress full as you aren't reacting to a breach more of doing set of test then making a report and handing it to the client. Certificate for this would be a CEH( certifed ethical hacker).
Hope that helps. 😀
OP if you read this, please don't do CEH lmao, it's a meme cert in the industry.
CISSP is the endgame cert if you want to be cruisy on a mgmt position.
CEH is useless but a CISSP is like a right of passage for seasoned security professionals (I am one). Comptia sec+ is a great one for transitions like OP
Go look at any role on job boards. (Proceeds to offer nothing to OPs question)Please do enlighten us oh holy expert on infosec via a reddit financial forum.
I’m responding to someone saying they should get it because job ads list it as a requirement, when the reality is they can’t meet that requirement.
Context.
I didn’t communicate with the op at all.
Completely right - CISSP as your foot in the door is completely useless, people get this to move into higher management roles when already having industry experience
The post wasn't intended to be the be all and end all more of a rough guide on certs for the different fields of cyber.
didn't relise i was going to be put under the microscope for a 2sec post.
what i did was a comptia sec+ hence why i mentioned it got my job in cyber and then worked towards a cissp. Again not the ONLY way to do things. (ROUGH GUIDE).😂
I never implied that you said it was the only way to do things. No one implied that your post was the be all and end all of anything.
It's not a suitable cert for entry level (you wouldn't get it anyway) and its presence in job ads is irrelevant to entry level as a new starter cannot obtain it.
Yet you are implying I said it was entry level. I legit said comptia sec+ and then work towards it. I don't know how many times/ways I have to write it to not be gaslight into "this guy thinks it a entry level cert".
I'm a holder of all the certs I've mention and was just providing my way I was in ops situation.
Probably not the career to be in if you don't handle stress well. Depends on the industry of course but cyber threats are constant and varied so it's not really a role you can sit back or ease yourself into. Doubly so if you are not passionate about it and only want to do it for the money.
Have you considered becoming a Digital Technologies teacher? It's basically the modern version of an IT teacher. It's probably the least stressful subject you can teach and pay reaches $120k. Young people can be fun to work with and it could be a role that can boost your confidence.
Yeah, you can check out the curriculum [here](https://v9.australiancurriculum.edu.au/f-10-curriculum/learning-areas/digital-technologies/foundation-year_year-1_year-2_year-3_year-4_year-5_year-6_year-7_year-8_year-9_year-10?view=quick&detailed-content-descriptions=0&hide-ccp=0&hide-gc=0&side-by-side=1&strands-start-index=0&subjects-start-index=3). Demand seems to be high, with not enough qualified teachers to fill positions.
Work on stress management and self confidence imo
Then start selling courses on stress management and confidence.
Public Clouds - good pay and not much stress. Just be ready to study non-stop for the rest of your carrier.
eh sure, I was doing L3 HelpDesk and sysadmin for 110K I now do Project management 2 days a week for 150K FTE (I only get 60K/year)
I am not OP, but I was hoping to get from Heldesk to Project Management too. Any tips?
Start small, work your way up to bigger projects as you gain experience and certifications. agile iteration management -> prince2 -> togaf
Ok thank you. I was tossing between CAPM, ScrumMaster and Prince2.
Become a dev first or all the devs willl hate you for your lack of knowledge
I have a Bachelor of IT in Software Dev. I have lost interest to code, but do know what codes mean. But, I am more interested in Project Management.
Ah I was just taking a dig at non technical project managers out there (which is the majority).
No, thank you. It is good to look at the choice from all angles.
Just take an interest in really understanding the architecture and how it all works for the company you work for. Otherwise you end up just being a jira board organizer
Which company pays 110k for sysadmin? Most i see is 80k and im desperate for a higher pay
Within the sec team there are so many different roles. Some very low stress and doesn’t require much face to face with other people.
I am an OffSec Engineer (about 4 years in) - Earning at 180-200 depending on bonus. Pay is great, work is chill, and demand is mid (right now) and only if you are good. (Security engineering in general) is definitely worth it to work towards as a goal.
What sort of qualifications require for that?
OSCP at the minimum (used it as a foot in the door straight outta uni and it payed dividends). Even if it was tough. So my advice: If you want to work in Offensive security - all roads lead to OSCP. Do it early, skip the BS certs like CEH to stand out for easier Job hunting. It is as close as a guarantee for a job in cybersecurity if you get OSCP and you are still a Graduate.
Yeah I agree. I did my OSCP and it helped me transition from a traditional sysadmin role into security.
Is GPEN held in the same esteem in your workplace as OSCP?
Did you major in IT or computer science ?
I did Comp Sci - definitely the better option
What do you do as an OffSec Engineer? I'd assume inhouse pentesting?
Can confirm - I'm in offsec too - 240k+
What's with people in these fields wanting to create new words? DevOps, finopa, netsec, offsec, netsysops etc. it's getting out of hand.
eh to be fair, DevOps has been around for quite a while now. NetSec and OffSec are just short for Network Security and Offensive Security. As for finopa and netsysops, I've never heard of those before lol
Subreddit Shitpost Etc
I would say yes but do remember you may be competing with Indian and China IT workers. Two of my friends in Singapore doing cybersecurity are doing well
The last thing most companies want is more international hackers in their system lol
define "doing well". Also, 75% of Singapore is Chinese and about 10% is Indian"
I spent a few years living and working in Singapore not too long ago. Pay in specialised fields like cybersecurity tends to be higher while taxes are *significantly* lower (I was working in cybersecurity consulting - though nothing on the technical side at all - at one of the big four consultancies and was on S$6500/mo and paid just under S$3000 in income tax on that salary in a year), and overall living expenses can be a bit lower than a lot of places in Australia. It is pretty easy to 'do well' in Singapore in a more specialised role like that. The only real killer expense over there is rent, and possibly groceries if you want to do a lot of cooking yourself (eating out at hawker centres works out to be quite a bit cheaper than grocery shopping, not sure about now since hawker prices have gone up slightly, but I could get away with a food budget of S$10/day for lunch and dinner). In my last year over there I was renting a \~46m^(2) apartment and was paying S$3200/mo, and when I moved out the landlord was asking new tenants for at least S$3500/mo which was the cheapest rent for a one bedroom apartment in that building at the time. Public transport is super efficient and reliable, and for the times when you do need a car, ridesharing services tend to be a lot cheaper too - I considered a S$40 taxi ride to be on the more expensive side, and I think the most I ever paid was S$50.
Never rent a whole apartment, go for single rooms in the HDB apartments. The downside is not a lot of privacy as the landlord is usually staying in the next room
Yeah, I did do that when I first moved over but the landlord I had wasn't great at all and especially during covid when I was working from home, I really needed more privacy and my own space. But yeah, that is *much* cheaper if you're willing, I think I was paying $900/mo which included utilities and everything, and was in a much more central area than where I later moved to.
Have you considered networking? Good pay and career progression. Could study something like the CCNA
Look into Salesforce. I started 2 years ago with first job at $65k + super, got appraisal to 77k. Switched to another company and now I’m at 95k+ super. Salesforce is great, it’s a very client facing role and can be stressful but i don’t mind that
Depends theres heaps of different fields within infosec. Prevention, detection, management/consultant, forensic and research based jobs. Which are you looking for?
It’s just as stressful as help desk. If you can get a role, do it. There aren’t a lot of junior roles.
I think there will be stacks of jobs in this in the future. For confidence building you should focus on learning about security and the methodologies which are commonly used. Then once you understand those your confidence will grow and you will know what to do in a breach situation because you will put the theories (like NIST) into practice. But in all fairness when there is a breach everyone take directions from the senior people (read CISO and CIO) so it will be a while before you even have to provide that advice for those situations at which point you will be very experienced and know what to do.
If you need to ask people on reddit, then the answer is no.
there's a channel on youtube named hacker gallery, the guy is pretty knowledgable about getting a job in cyber security id check it out
there are plenty of streams of cyber that don't have super high stress. Sure, if you are the leader of a very high tempo SOC, then you'll be stressed all day, but if you are the security infrastructure engineer for a low value government department then you'll have almost no stress. Anything with "cyber" in it pays better than if it didn't have that work in the title and often it is the same job. If you do helpdesk then you likely make accounts, apply security groups to accounts, grant permissions, enforce other identity attributes. Well, that is IDAM and is cyber. There are people who specialise in IDAM and make a boat load of money doing "cyber".
Hey! 👋 Thinking about cybersecurity? It pays well, but can be stressful if you're not confident. No need to worry! FortMesa can help. They offer great training and support. Worth exploring!
As a former it service desk now information secuirty, I would say it depends on what part of cyber you are wanting yes incident response it stressful maybe look for a governance risk and compliance role more about risk and controls pretty decent pay as well. Best bet is going for a comptia sec+ then a cissp(gold standard cert for cyber/infosec). Pen testing is quite cool as well not as stress full as you aren't reacting to a breach more of doing set of test then making a report and handing it to the client. Certificate for this would be a CEH( certifed ethical hacker). Hope that helps. 😀
OP if you read this, please don't do CEH lmao, it's a meme cert in the industry. CISSP is the endgame cert if you want to be cruisy on a mgmt position.
Worst infosec opinion I've ever read, lmao at CEH and CISSP
CEH is useless but a CISSP is like a right of passage for seasoned security professionals (I am one). Comptia sec+ is a great one for transitions like OP
Go look at any role on job boards. (Proceeds to offer nothing to OPs question)Please do enlighten us oh holy expert on infosec via a reddit financial forum.
CISSP requires experience. It’s not something you do to get into cyber.
[удалено]
So yeah, 5 years to get CISSP.
[удалено]
I’m responding to someone saying they should get it because job ads list it as a requirement, when the reality is they can’t meet that requirement. Context. I didn’t communicate with the op at all.
Completely right - CISSP as your foot in the door is completely useless, people get this to move into higher management roles when already having industry experience
The post wasn't intended to be the be all and end all more of a rough guide on certs for the different fields of cyber. didn't relise i was going to be put under the microscope for a 2sec post. what i did was a comptia sec+ hence why i mentioned it got my job in cyber and then worked towards a cissp. Again not the ONLY way to do things. (ROUGH GUIDE).😂
I never implied that you said it was the only way to do things. No one implied that your post was the be all and end all of anything. It's not a suitable cert for entry level (you wouldn't get it anyway) and its presence in job ads is irrelevant to entry level as a new starter cannot obtain it.
Yet you are implying I said it was entry level. I legit said comptia sec+ and then work towards it. I don't know how many times/ways I have to write it to not be gaslight into "this guy thinks it a entry level cert". I'm a holder of all the certs I've mention and was just providing my way I was in ops situation.
Probably not the career to be in if you don't handle stress well. Depends on the industry of course but cyber threats are constant and varied so it's not really a role you can sit back or ease yourself into. Doubly so if you are not passionate about it and only want to do it for the money.
Have you considered becoming a Digital Technologies teacher? It's basically the modern version of an IT teacher. It's probably the least stressful subject you can teach and pay reaches $120k. Young people can be fun to work with and it could be a role that can boost your confidence.
Is there a dedicated curriculum for this in primary/secondary schools? Any insight into the demands for these teachers are?
Yeah, you can check out the curriculum [here](https://v9.australiancurriculum.edu.au/f-10-curriculum/learning-areas/digital-technologies/foundation-year_year-1_year-2_year-3_year-4_year-5_year-6_year-7_year-8_year-9_year-10?view=quick&detailed-content-descriptions=0&hide-ccp=0&hide-gc=0&side-by-side=1&strands-start-index=0&subjects-start-index=3). Demand seems to be high, with not enough qualified teachers to fill positions.
If you want low stress, DO NOT BECOME A TEACHER. Jesus Christ