|
Drunk Orc posted:Anyone in this thread currently attending or a grad from WGU?
|
#
?
Sep 25, 2014 15:23
|
|
|
|
| # ? Apr 24, 2024 06:15 |
|
|
I need to start up at WGU, I have enough certs that I could get a lot of credits already by the looks of it. How difficult was the course load for you at first? I'm going to be super busy at work for the next 3-6 months and dont know that I could juggle that and an intensive course load.
|
|
#
?
Sep 25, 2014 16:35
|
|
|
Sickening posted:I am both. Did you have a pretty easy time getting your certifications through them? Do they just give you vouchers and you have to schedule your own stuff with CompTIA, or is it something they've worked out where you get your certification after you pass certain assessments?
|
|
#
?
Sep 25, 2014 17:07
|
|
|
Drunk Orc posted:Did you have a pretty easy time getting your certifications through them? Do they just give you vouchers and you have to schedule your own stuff with CompTIA, or is it something they've worked out where you get your certification after you pass certain assessments? They give you coursework that is going to be more than adequate to get you prepared for the tests for comptia. You will go through the coursework once and apply for a voucher. After a day or two they give you a voucher code that you can use to schedule a test at a testing center like any other tester. You will have a person with WGU that will help you through the entire process. Its pretty painless and hassle free.
|
|
#
?
Sep 25, 2014 17:13
|
|
|
Sickening posted:They give you coursework that is going to be more than adequate to get you prepared for the tests for comptia. You will go through the coursework once and apply for a voucher. After a day or two they give you a voucher code that you can use to schedule a test at a testing center like any other tester. You will have a person with WGU that will help you through the entire process. Its pretty painless and hassle free. Right on man, I feel like getting an A+ and being in progress on others is the key to breaking into IT.
|
|
#
?
Sep 25, 2014 17:23
|
|
|
Drunk Orc posted:Right on man, I feel like getting an A+ and being in progress on others is the key to breaking into IT. Don't enroll into WGU just to get an A+. If you were attempting to get back into college while getting certs then it makes sense. If just getting into IT is your goal (as in any IT job possible) then having a cert MAY help you do that.
|
|
#
?
Sep 25, 2014 20:07
|
|
|
Sickening posted:Don't enroll into WGU just to get an A+. If you were attempting to get back into college while getting certs then it makes sense. If just getting into IT is your goal (as in any IT job possible) then having a cert MAY help you do that. Well specifically I'd like to get into network security so I enrolled in the IT security program. I'm paying next to nothing to go anyways and it should only take me 3 terms.
|
|
#
?
Sep 25, 2014 20:41
|
|
|
I need cover letter advice. I've posted a couple times about my situation - underneath all the mergers and acquisitions, I've been in effectively the same UNIX SA/manager/architect line for 15 years now, so I'm paid very well, but I'm in a non-promotable spot that's going to leave me with unmarketable skills when it all finally comes to an end. I'm applying for a job as an IT security analyst. It's a big step down in terms of pay but I think I could live with it for getting back into a job where I'm learning useful stuff and have some possible hope for advancement. I'm wondering if I should say something my cover letter explaining why someone with 20 years of UNIX experience is applying for a much less senior position, or wait to be asked.
|
|
#
?
Sep 25, 2014 20:47
|
|
|
Do you actually have experience with intrusion analysis? I'm not sure how "I'm a Unix admin" = "I'm going to apply to be an IA".
|
|
#
?
Sep 25, 2014 20:52
|
|
|
Zorak of Michigan posted:I need cover letter advice. I've posted a couple times about my situation - underneath all the mergers and acquisitions, I've been in effectively the same UNIX SA/manager/architect line for 15 years now, so I'm paid very well, but I'm in a non-promotable spot that's going to leave me with unmarketable skills when it all finally comes to an end. I'm applying for a job as an IT security analyst. It's a big step down in terms of pay but I think I could live with it for getting back into a job where I'm learning useful stuff and have some possible hope for advancement. I'm wondering if I should say something my cover letter explaining why someone with 20 years of UNIX experience is applying for a much less senior position, or wait to be asked. I would include something to the effect of "Experienced administrator/architect/whatever seeking to transition into the information security field" and they can ask the why. It might actually help to downplay your seniority, as sad as that may seem. I like the proactive move, I see a lot of people (Cobol devs, anyone?) ride that bus til the very end of the line, and then get stuck without a seat when the music stops.
|
|
#
?
Sep 25, 2014 21:07
|
|
|
internet jerk posted:Do you actually have experience with intrusion analysis? I'm not sure how "I'm a Unix admin" = "I'm going to apply to be an IA". How does operational knowledge NOT transfer over into a position that is based on securing those systems?
|
|
#
?
Sep 25, 2014 21:11
|
|
|
Sickening posted:How does operational knowledge NOT transfer over into a position that is based on securing those systems? How does being a sysadmin qualify you to be a "Security Analyst"? Also what does that mean. Intrusion analyst, security engineering, pentesting?
|
|
#
?
Sep 25, 2014 21:20
|
|
|
internet jerk posted:How does being a sysadmin qualify you to be a "Security Analyst"? Also what does that mean. Intrusion analyst, security engineering, pentesting? How does one qualify to be any of those?
|
|
#
?
Sep 25, 2014 21:21
|
|
|
When you say "unmarketable skills" are you referring to the fact that 20 years is a long time to spend in one place and you probably know more about the quirks of your current position rather than broadly applicable things? Because I read "UNIX SA/manager/architect" and there's nothing that makes me think it's unmarketable. There would be growing pains transitioning into another senior engineer/architect role, but it would totally be doable. And unless you're making some next level money it shouldn't be a problem to find something comparable. Unless of course your goal really is to start over and do something different.
|
|
#
?
Sep 25, 2014 21:23
|
|
|
Well I'm sure that I'll never forget today. I was asked to troubleshoot our Dell UPS and figure out why it wasn't powering the strip. After some poking around, I identified the issue, and confidently turned on the external ports. I hear them click on, I stand up with pride, and then jump back a good foot or two, letting out a scream as two capacitors from the power supply in the PC that I had boneheadedly plugged in to the power strip connected to the backup pop, causing the PC to smoke. Thankfully it was 3 years out of warranty and a fully depreciated asset, but hell if my adrenaline wasn't going for a minute.
|
|
#
?
Sep 25, 2014 22:06
|
|
|
Thanks for all the responses. It's an intermediate job, which (I hope) means they expect the candidates to know some stuff and learn some stuff too. I know how to talk to someone and identify security concerns in the solution they want to deploy. I haven't done intrusion detection but I've done system hardening, least privilege management, etc. In short, there's no way I go from UNIX architect to security architect, but I think I might have a shot at going to security analyst intermediate as written. The job description includes a lot more than just intrusion and sysadmin experience is part of their desired qualifications, so while I do not expect this to be a gimme, I think I might be a plausible candidate. If I can get in the door, I can learn more about intrusion detection, incident response, and that cool stuff, and hopefully make my way up to security geek senior or back into management in the next several years. I'm a pretty quick learner. Dark Helmut, you hit the nail on the head. I'm currently a telecommuter and if they ever stop needing me, they'll RIF me with no hesitation. I don't want to wait until I'm stuck and need to take whatever I can get; I want to pick my next slot. I hadn't thought about downplaying my seniority but I'll ponder ways to spin it right. Hatful, I have deep knowledge of all the UNIX issues in my current shop, but I don't touch SAN storage, nor network, nor DBA stuff, nor Windows, which means I'm not what the employers around me seem to be looking for. If I could punch at least one more of those, I'd probably be fine, but it's not going to happen with the current company. I'm too busy where I am, and if I'm ever not busy, they'd be more likely to get rid of me and hire someone on-site than allow me to pivot to a new field. I've applied for a couple local management jobs but my skillset is just too narrow and sheer management experience isn't cutting it - everyone wants a manager with more specific experience of the hardware or software in their specific shop. I suspect/hope that getting promoted from within is easier. I can certainly keep working until the music stops, and as long as I do, I'm not crying over it. However, if I'm going to have to take a more junior position to stay in local IT and get back on to a real career track, I'd rather do it in security or some other related field than take a midlevel UNIX job and do more of what I've already done.
|
|
#
?
Sep 25, 2014 22:30
|
|
|
HatfulOfHollow posted:Because I read "UNIX SA/manager/architect" and there's nothing that makes me think it's unmarketable. Yea, I don't think being a 20-year unix veteran is anything but highly desirable? I'm a little shocked you wouldn't be able to find a unixy gig supporting HP-UX,AIX or Solaris. DarkHelmut, you're a recruiter right? Are you finding COBOL/RPG devs that can't find jobs?
|
|
#
?
Sep 25, 2014 22:39
|
|
|
Goondolences to my fellow Linux admins. Meet "shellshock", the next hilariously bad exploit. Time to patch errything. I've been seeing hits in our server logs from drive-by scanning attempts but thankfully we're not exposing vulnerable services on public addresses. At least as far as what's publicly known to be vulnerable  Still gonna patch.And if you're super on top of it and have already patched, note: the current patch is incomplete. Certain variants of the attack are still possible, so there will be another forthcoming.
|
|
#
?
Sep 25, 2014 22:47
|
|
|
Zorak of Michigan posted:Thanks for all the responses. Security is (in my opinion) the most fun field to be in. Good luck with the position, let us know how it goes. Your *nix experience will go a long way for sure.
|
|
#
?
Sep 25, 2014 22:56
|
|
|
Docjowles posted:Goondolences to my fellow Linux admins.I've been seeing hits in our server logs from drive-by scanning attempts I'd be shocked if somebody hasn't had their external range scanned yet. VRT (if you're on SourceFire) and ET both have SNORT rules out for plugging into your IPS. 2019231 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in URI (web_server.rules) 2019232 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in Headers (web_server.rules) 2019233 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body (web_server.rules) 2019234 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body 2 (web_server.rules) 2019239 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Cookie (web_server.rules) Bloodborne fucked around with this message at 23:13 on Sep 25, 2014 |
|
#
?
Sep 25, 2014 23:02
|
|
|
Fiendish Dr. Wu posted:All my friends play xbone Friends don't let friends enter the 'bone zone.
|
|
#
?
Sep 25, 2014 23:41
|
|
|
I bought an XB1 a few weeks ago. I think I've turned it on twice. I'm good with money.
|
|
#
?
Sep 26, 2014 01:19
|
|
|
Honestly since my job is at a desk staring at a screen all day, the last thing I want to do when I get home is sit at another desk in front of another screen. I've been thinking about getting a clone  Edit: haha xbone autocorrected to clone. I'll take one of those too. Edit 2: case in point - I don't even browse the forums on my home computer.
|
|
#
?
Sep 26, 2014 01:27
|
|
|
Fiendish Dr. Wu posted:Honestly since my job is at a desk staring at a screen all day, the last thing I want to do when I get home is sit at another desk in front of another screen. e: last night I spent 30 minutes on the elliptical while watching conference videos though 
Vulture Culture fucked around with this message at 02:04 on Sep 26, 2014 |
|
#
?
Sep 26, 2014 02:02
|
|
|
Misogynist posted:Try working from home. I switched out video games for books because there is no escaping that radiant glow. While at home, my Nook is my most used electronic device. I don't think I would want to work from home, even if given the opportunity to.
|
|
#
?
Sep 26, 2014 02:06
|
|
|
internet jerk posted:How does being a sysadmin qualify you to be a "Security Analyst"? Also what does that mean. Intrusion analyst, security engineering, pentesting? All of our stuff is pretty *nix heavy. He might not necessarily be outright qualified to be an analyst, but he could definitely be an operations engineer that interfaces with analysts.
|
|
#
?
Sep 26, 2014 02:34
|
|
|
psydude posted:All of our stuff is pretty *nix heavy. He might not necessarily be outright qualified to be an analyst, but he could definitely be an operations engineer that interfaces with analysts. Silly me thinking engineer is higher than analyst
|
|
#
?
Sep 26, 2014 03:48
|
|
|
Didn't we determine that titles are sort of randomized inside each company?
|
|
#
?
Sep 26, 2014 05:14
|
|
|
For those keeping score on Shellshock, a second, better (?) patch was released tonight. You want to be at this patch level... until yet more exploits are found Red Hat / CentOS Debian / Ubuntu
|
|
#
?
Sep 26, 2014 06:22
|
|
|
psydude posted:All of our stuff is pretty *nix heavy. He might not necessarily be outright qualified to be an analyst, but he could definitely be an operations engineer that interfaces with analysts. Oh without a doubt, most everything we have is on a *nix appliance/box. I wasn't trying to say there's no way for him to transition, just that I wasn't sure from what was said how Unix admin = Sec Analyst. If nothing else learning to be an analyst is really a lot of loving fun. Leveraging multiple systems either individually or into your SIEM to correlate data and play network detective? Work is fun and usually you'll find sec dudes love their jobs. Fiendish Dr. Wu posted:Silly me thinking engineer is higher than analyst It is where I work; analyst however is in higher demand across the industry so there's that as far as getting a job or choosing what to focus on in security.
|
|
#
?
Sep 26, 2014 11:30
|
|
|
Fiendish Dr. Wu posted:Silly me thinking engineer is higher than analyst internet jerk posted:It is where I work; analyst however is in higher demand across the industry so there's that as far as getting a job or choosing what to focus on in security. That's kind of like saying that a network engineer is higher than a developer. They're different jobs. Analysts look at the data and draw conclusions from it, while engineers design and implement the hardware and software solutions that the analysts use to gather data.
|
|
#
?
Sep 26, 2014 11:51
|
|
|
Psybro of course they're different roles. Our sec engineers have a higher grade/salary, it's not a linear ranking system of CPL > SGT or whatever and they aren't above us but yes. E: Analyst isn't something you spend your entire security career doing either, in most cases. Unless you want to be some tier 3 super lead threat center analyst guy then most people leave that for penetration testing or the engineering architecture side. Analyst time does nothing but benefit you regardless of the path. What I'm trying to say is you see analyst to engineer moves. Not often you see an engineer move into an analyst role. Bloodborne fucked around with this message at 12:10 on Sep 26, 2014 |
|
#
?
Sep 26, 2014 12:04
|
|
|
psydude posted:All of our stuff is pretty *nix heavy. He might not necessarily be outright qualified to be an analyst, but he could definitely be an operations engineer that interfaces with analysts. Just so we're clear. The last sentence is taking the piss right?
|
|
#
?
Sep 26, 2014 12:58
|
|
|
internet jerk posted:Psybro of course they're different roles. Our sec engineers have a higher grade/salary, it's not a linear ranking system of CPL > SGT or whatever and they aren't above us but yes. I agree. My point was that he could probably bypass the analyst role entirely and go straight for engineering with enough Unix experience and a bit of security knowledge.
|
|
#
?
Sep 26, 2014 12:59
|
|
|
Tab8715 posted:Yea, I don't think being a 20-year unix veteran is anything but highly desirable? I'm a little shocked you wouldn't be able to find a unixy gig supporting HP-UX,AIX or Solaris. As we speak, I actually do have a great enterprise-level Solaris/AIX contract role, and have them a few times a year. Cobol, DB@, etc I don't think I've ever had in 3.5 yrs. This is only my little (medium) market though. Zorak, to be clear by what I meant, I might look at downplaying the management portion. Not only does people management imply that you are more hands-off, but it's definitely more of a perceived "step down". Anyway, just my 2 cents. Hard to tell without knowing more about your situation. As a (very general) rule, I tell almost everyone to consider switching companies/roles every 3-5 years (unless your situation is airtight) so you don't end up getting silo'd.
|
|
#
?
Sep 26, 2014 14:02
|
|
|
Dark Helmut posted:Zorak, to be clear by what I meant, I might look at downplaying the management portion. Not only does people management imply that you are more hands-off, but it's definitely more of a perceived "step down". Anyway, just my 2 cents. Hard to tell without knowing more about your situation. As a (very general) rule, I tell almost everyone to consider switching companies/roles every 3-5 years (unless your situation is airtight) so you don't end up getting silo'd. That's actually good to hear, since they moved me from manager to architect in 2012. They wanted all managers to be on-prem. I've been a lot more hands on lately.
|
|
#
?
Sep 26, 2014 14:37
|
|
|
Who else's leadership is freaking out about ShellShock today right before the weekend?
|
|
#
?
Sep 26, 2014 19:44
|
|
|
Zorak (sweet Space Ghost ref btw), when do you find out if you're moving over? I think SA needs more sec dudes posting about sec things. YOSPOS doesn't count, that thread hurts my eyes and brain.
|
|
#
?
Sep 26, 2014 19:44
|
|
|
psydude posted:Who else's leadership is freaking out about ShellShock today right before the weekend? Not really here, we've identified the inventory of what's what and watching what's tripping alerts in Sourcefire, of which is set to drop anyway.
|
|
#
?
Sep 26, 2014 19:49
|
|
|
|
| # ? Apr 24, 2024 06:15 |
|
|
Can't some kind of network security appliance or deep packet inspection stop shell shock?
|
|
#
?
Sep 26, 2014 19:52
|
|