Viewing a single comment thread. View all comments

cathlicjoo t1_iuzpvxy wrote

What are some things that a security firm would be looking for on a resume from somebody not currently in security? I run network operations at the facility I work at, but nothing specifically in security. I'm guessing the certs and all that are fine, but I'm looking for something that has meat on the bone that I can show to a prospective employer. Thanks for the AMA!

1

___Tom___ t1_iv02yu9 wrote

Not OP, but my company is looking, so: The right mindset. Skills can be acquired. But dealing with an intelligent, intentionally acting adversary is fundamentally different from dealing with technical failures, environment events or simple system behaviour. This is also where in the training scenarios I sometimes run most companies fail. They can handle a fire, a DDoS attack, a malware outbreak - but they can't handle a hacker who will pivot and react to whatever you're doing. Having a basic grasp of what it means to be under attack is essential.

1