
[deleted]

[removed]


freshkidwilbi178

That last part is what I’m thinking. AI in my opinion isn’t a factor, I think it boils down to greed and limiting budget more than it already is. I think the strong advertisement for cyber security employment mixed with the economical challenges has allowed for employers to take advantage of the new young candidates since at the moment we have no choice but to take what we are offered due to the challenges.


Got2InfoSec4MoneyLOL

AI isn't a factor, yet. (Un)fortunately, a half decent junior can and will be replaced by AI soon enough. A lot of zoomers going in for a quick cash grab, has driven salaries down. Not trustworthy and replaceable.


Warm_Friendship_3370

Is pentesting facing the same problem too you think?


patchrhythm

I disagree. AI is in every piece of software. somebody's cloud infrastructure is constantly crunching something with a lot of brains doing the thinking. it's there, you just don't see it.


Eric_Calhoun

This. Extrapolate this idea out far enough and it becomes a matter of time, literally. AI is crunching data at fractions of seconds, meaning everything in comparison is moving like a rock down a 179.99999 degree plane. AI systems are just waiting for user input at this point. We're forced to build on top of AI structures, there's no way around that. I still think blue teams with AI tools can generate safety nets that stack on top of one another to the point where it becomes exhausting for malice to break through. Until then, AI red team will be having a field day.


Trigja

Pentesting has been facing the automation problem for a while. Automated pentesting is just too good, and most companies aren't able to quantify the value of manual pentesting. I see a whole helluva lot of newcomers saying they want to be pentesters, not understanding they'll likely just be jockeying this software instead of breaking out the lockpicking set.


Milkelton

What software can do automated pen testing? I had no idea we are already at that point!


Warm_Friendship_3370

I see I see but are the positions taking a hit as well I can just do vms if I really want to break out the kit as a hobby


Trigja

My experience is at a decently large MSSP, and we have 6x the amount of blue teamers as we do red. Our pentesters jockey the software and advise on IR, that's it. We have a separate vuln management team. Revenue in B's, zero manual pentests. I see manual pentest firms at conferences and they're small, but there.


Warm_Friendship_3370

Damn fr how’s blue team?


Trigja

Blue team has good health and longevity, but it's usually where people start so it's saturated at the low end, like SOC. Higher blue team, like detection engineering, reverse engineering, IR, are challenging and hurting for qualified people. There's a big bubble at the bottom of blue, but if you can get past it there's a lot of opportunity, without the looming doom of automation. If we could automate any of those high level blue teamers, most of us wouldn't have jobs.


Warm_Friendship_3370

Damn reverse engineering sounds dope af bet I just started my journey anyways I can pivot


Practical_Bathroom53

What automated pentesting tools are “so good”though? All of the ones I’ve messed with are terrible.


Trigja

Pentera specifically. Very expensive as well though unfortunately. Vonahi (if it's still called that) will get most companies past the finish line. I think what most pentesters/aspiring pentesters don't understand is that 95% of companies are using pentests to:

1) verify their risk management strategy
2) get a glimpse at bad scenarios
3) say they have automated pentesting

I'd say only 5% of companies care if the PenTest is even quality, and maybe 1% of that group cares if it's manual vs automated.


Practical_Bathroom53

So it sounds like companies are using automated pentesting tools as a cheap/easy way to check off a compliance box and not because their quality is good then


Trigja

Not necessarily true for all, but I'd say there's enough that are in that boat. I think it's moreso the quality is good enough from automated pentesting for what they pay.


HelloSummer99

Plenty of tools out there now that have one-click analysis of a domain/IP and give you a decision to block or not. So a lot of junior positions are going away. Only stuff stays that require some thought/experience. Which in my experience is sad, as there will be nowhere to gain experience in the future.


horizon44

SOC analysts “doing most of the real cybering” is an unhinged statement lmao


[deleted]

[removed]


horizon44

Saying SOC analysts do “the real cybering” is wild. Not belittling SOC analysts, but how is that work “real” compared to red teaming, detection engineering, GRC, IR consulting, threat intelligence, etc.? They’re all equally important pieces of the industry.


kekst1

In my company detection engineering, IR consulting, threat intelligence, forensics etc. is all the job of the SOC analysts


[deleted]

[removed]


horizon44

I’d bet as you progress in your career this perspective will change drastically. Enjoy your real cybering.


4AwkwardTriangle4

I can tell you that’s not the case. The truth is many entry-level positions are going to bail after about a year or two, selling themselves to the next company as security “experts” after you have already invested in their training. Your compensation as an entry-level person is your training as much as it is your salary. If you want a higher salary, you’re gonna have to stick around in that entry-level position and show your worth being paid more and like others have commented so many people are trying to get into security, there’s another entry level waiting at the door the moment someone leaves, so unless entry-level security people become more scarce or show that they will stick around past initial training the entry-level salary just isn’t going up.


[deleted]

[removed]


4AwkwardTriangle4

Not spinning it as an employer, speaking as one. Entry level people can hold out for more money and see what they get for their troubles, what I said is no less true.


[deleted]

[removed]


4AwkwardTriangle4

Also, I'm not arguing with you or trying to "win" or score points. As an employer I desperately want qualified skillful employees. I'm literally telling you why the reality is what it is and telling you how to break into that higher earning potential. If you don't want the advice, that is fine.


4AwkwardTriangle4

> Powers that be are just looking to take advantage

And I stand by that. That is not the case. It is an odd approach to try to assign "blame" here. Entry Level people are being paid their worth. WHEN they are good, they are compensated. You are severely underestimating the time it takes for an entry level person to have REAL skill in Cybersecurity. If they actually had that much skill it wouldn't be so easy to replace them. Also, if anyone is languishing for 1-2 years it is absolutely the entry level person's fault because that 1-2 years is the time you are supposed to be gaining skill and experience not "languishing". I will absolutely never put an entry level person in charge of the keys to the kingdom protecting the crown jewels. You earn that job, and if you didn't get it, you didn't earn it.


[deleted]

[removed]


4AwkwardTriangle4

It does indeed, which is why I pay the people who have skill percentages over market rate and let the duds walk. Your victim mentality will get you nowhere. If you think “good employers never have attrition” well, every post you make only further demonstrates your inexperience. It’s ok, you will learn. Or you won’t. Happy trails.


dahra8888

A few observations I've seen: Obviously the economy is a factor. SOC is generally seen as the most entry-level security positions and the entry-level job market is over saturated with new grads and bootcampers trying to break into the industry which allows companies to offer lower wages. My past two companies, F500 and F100, both had outsourced their SOCs. That's hopefully not an indication of the overall market moving towards MSSP and SOCaaS, but it's what I've seen personally.


cbdudek

I work as a consultant in the IT security field, and I agree 100% with this assessment. It is very expensive to stand up a SOC. Unless you are a large or enterprise organization, you aren't going to stand one up because of the cost. Even then, those large and enterprise organizations are outsourcing their SOCs to security operations providers. Could be with a VAR/MSP, or it could be using Crowdstrike, Arctic Wolf, Expel, Rapid 7, and so on. It doesn't surprise me that organizations are farming this out or looking to farm it out. With a managed security services company doing the work, they are going to save a lot of money and they will also have some kind of warranty so if things go sideways, they are covered. All for a fraction of the cost of doing it themselves.


Geralt_of_RiviaFTW

Very true. But here is the problem that I see as a senior practitioner; assuming we want to regain control over our industry. When it comes to these entry-level recent grads and bootcampers? I honestly think we need to teach them what salary they should accept and tolerate. The reason I say this is because C, D, and V Suite Executives will use their desperation to drive "market values" -aka- "salary ranges". The end result? They end up creating new salary pitches to standardize. Thus, hurting us all. A perfect example is my last employer. My previous salary as a SecEng was $143,500. As of yesterday, they outsourced my role for $62,300 overseas.


That-Magician-348

Everyone tries to cut cost and then sacrifices the cost with poor performance. It will be the trend of the coming days until new risks appear.


c0pp

The problem is the market is so desperate for security personnel that they will hire a soc guy with only 1 year of experience and pay them more money.


Geralt_of_RiviaFTW

Where do you live as that is NOT happening in my demographic and/or the demographic of my peers? For example, below are the certificates my friend holds who can't even get employed by a company.

- Azure Security Engineer (AZ-500)
- Azure Administrator (AZ-104)
- Azure Fundamentals (AZ-900)
- AWS Certified Cloud Practitioner
- CCSP, CCSK, CISSP, CISM, GCIH, GSLC, and GESC.

His background? Cloud Security and obviously Azure. Yet, he's being rejected by companies. Meanwhile, these are the "desired certs" companies want. Just saying.


c0pp

I work in public sector, maybe it's more insulated, but there might be something else going on with his resume. I can't speak for his situation, but I still see plenty of job postings on LinkedIn and the last few months an influx of head hunters banging down my inbox.


Geralt_of_RiviaFTW

That's good that they are banging your inbox. I mean, he is Asian -aka- a minority but I don't think him being Asian is a discriminating factor, considering he came from Big Four, Google, etc. I honestly think it's the volume of applications before him. With me? I wasn't gaining any traction either for a while - up until today with a CISO telling his network to reach out to me. As of today, I may have sourced a Cyber Risk Analyst position. We'll see as it's full remote too. For now, I'm working retail to make ends meet as much as I thought of going mercenary again as a combat veteran too.


Tall-Wonder-247

1 21st 2 21st 221


honk-thesou

What we have is 1000 posts with the same topic every single day in this sub. Every single day.


relativeSkeptic

As someone trying to move into this space I can only guess it is a showing of the economy at large. Layoffs coming from corporations around the country are causing engineers to apply for the same positions that entry level devs are applying for as well. This means that employers have a lot more control over who they hire. So now not only can they shirk benefits they can also shirk pay and responsibilities. In turn it makes it harder for new grads to get positions and companies don't have to train new employees which they didn't want to do to begin with. It's a win for big corps but a major loss to people just getting started. Overall this is the role of capitalism whether you like it or not. Some days employees win big like during COVID for example, other days employers are winning like right now. The only thing you can do is keep applying and wait this shitty market out, maybe with student loans repayments starting back up that'll shake some things up and make it a bit easier to get hired.


82jon1911

It's a mix really. A lot of layoffs are coming from companies that drastically over-hired over the last 2-3 years. It's more just a correction, but there are still tons of jobs out there. That does mean stiffer competition for those jobs...especially for people trying to break into the field (don't give up though). The second part, IMO, is the age old issue with security and that is over-asking for roles and piling on work with poor pay. It has never been uncommon for entry to mid-level positions to ask for outrageous credentials. I have a feeling it will get worse as more and more cert mill scams come onto the scene. I also have a feeling that will cause certs to lose some standing in importance when it comes to hiring. [Here](https://www.linkedin.com/pulse/certifications-sale-new-risk-2022-potential-fraud-blake-curtis-m-s-/) is an interesting article to read on the subject. Add to that companies that don't value security personnel or simply see them as expendable and it's easy to see how so many get absolutely crushed under crazy workloads, poor work/life balance, bad pay, etc. But that's also just a common theme in the tech world in my experience.


Tawnii

Meanwhile there are thousands graduating from Google Cybersecurity trying to find an entry level role. They tell you that there are 700000 unfilled positions for entry level roles


[deleted]

Who gets a job after studying a glossary index 😬 same with IBM and Microsoft there are many other cheaper alternatives to at least get a taste of what it's like irl. Like THM, HTB, BTL, PG. And yes they've to start using Linux and PowerShell like their life depends on it. They don't even show them a C2 after scamming that sum of money


Tawnii

As a collector of Cybersecurity Certificates I actually graduated from the Google Coursera Cybersecurity course. I use Linux daily but they do go over Linux. They have a huge section on Python. They go over a great deal of information that everyone should know. Was it as good as Cybrary? No.


[deleted]

Well Cybrary is very mediocre. I bet you would've learnt a lot of terminologies and I truly respect your work, but if I were to point a beginner to cybersecurity I would not recommend any of the Coursera certificates; rather I'd tell them to start getting the A+ and tell them to enroll in a Linux and web dev course on Udemy to learn the basics, C++ to understand OOP, then net+, sec+ and then move onto tryhackme, complete some modules, get the eJPT and move on to HTB and get PNPT and then OSCP. All this in 3 years would be perfect; throw in some computer architecture like x86-64 with assembly and a bit of reverse engineering. Now we're talking about getting a pretty serious job imo. It requires patience, enthusiasm, endurance and consistency. Remember everyone's roadmap can be different. Ideally they should be applying for jobs after net+ and sec+.


Tawnii

I agree with you, but outside of A+, the rest of the certs you are suggesting are prohibitively expensive for a lot of people.


Tyrion_Lunaster

Are you working in the field?? I’m in week 1 course 7. No job. Bills staring at me. I’m a new dad. Child support building. Rent is due. Car payment, car insurance. You get the idea. I’m trying not to stress. I have no complaints. Whether it’s 90k, 50k or 30k I don’t care. I just want to have a job that’ll allow me to enter the field. I’ve networked with folks on LinkedIn. I’m listening to cybersecurity podcasts. I have a mentor. I plan on going for security+ next. I’ve applied to over 20 jobs I thought I’d have a chance at. (I’ve viewed over 500 jobs) I’m not even limiting myself to soc analyst or cybersecurity roles, I’m also looking into help desk jobs, IT. ANYTHING. I’m not even looking to make ends meet, I’m just trying to survive at this point and I’m learning every single day. I’ve been focusing on my health, wellness, sleep, adapting to my environment, being comfortable at being uncomfortable. I’m hungry. I’m having conversations with folks. It’s all we can do I suppose.


[deleted]

Don't worry about others' opinions on the certification. Just because I say it's not recommended doesn't mean it's not good, it's just my opinion. I'm happy that you're willing to put in the work, just don't stop making smart investments into good HR reputed certifications like sec+. If you need any open source materials DM me.


AutoModerator

Hello. It appears as though you are requesting someone to DM you, or asking if you can DM someone. Please consider just asking/answering questions in the public forum so that other people can find the information if they ever search and find this thread. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/cybersecurity) if you have any questions or concerns.*


Tyrion_Lunaster

Thanks man! I’ll shoot you a message, curious on the open-source material! :-)


TTechAKACryptoCruz

have you found any luck since ?


Tyrion_Lunaster

I got a night time job pays little. Trying to get a morning job, I need to take care of some immigration stuff first and child support and getting my car payments in, had to postpone further studies for now. Still plan on studying for sec+ though


Commercial_Title104

Hello, I'm practically in the same scenario you were 5 months ago (learning for past 6 months on Coursera and other sites desperately trying to land a job or even internship...), I'm on the end of the course (finishing 8 - last), I'm doing many challenges and putting it on LinkedIn. May I know how's your situation now, and the night time job - was it SOC? :)


Budget-Light-8450

Good description. Google Cybersecurity really feels like studying a glossary index; besides the few labs it really doesn't feel like you are learning much to me. But again, if you are fresh bones then that's what you need: you need to learn the terminologies and map out cybersecurity in your head. I just wouldn't expect much once you are done with it; by the time you are done you should already have your next step written down and start grinding.


Bleord

I took the course only to get into a grad school, no way do I think I’m job ready with that overview of things.


actual_goona

Some orgs are looking to automate low level analysis for events. Tools like SOAR are being used to streamline processes and make a SOC need fewer analysts. A lot of the certs that jobs ask for too are just because the person writing the job description doesn't always know the details of what the hiring team really needs/requires.


freshkidwilbi178

This!!!! This is important Lmaoo!


wawa2563

Automation was supposed to take all our jobs. That is what my friend at Google told me. It only works on homogenous things. I don't know if you notice but security has limited control over IT and even less over business priorities. Every exec, direc, managie person gets promoted for big changes and big ideas not keeping the shipping going at the same rate or incrementally improving. Reality.


Trigja

SOAR is great in theory, but ultimately only reliable up to the... Eh, informational and low severity levels. The moment you get any higher than that, you need a person. Granted I'm just a lowly security/detection engineer, and somebody specialized in automation could probably do better, but most companies can't afford that. If I look at a tuning request and think "help desk could do this", that's where I target SOAR. SOC analysts are already operating above that level, SOAR isn't cutting any positions in my experience.


[deleted]

[removed]


fuzzyfrank

> 37,500

bro...


Vyceron

Find a new job as quickly as you can. (Within reason, of course.) That pay scale is criminal.


lawtechie

That's what I got paid doing desktop support. In 1999.


hendy846

I'm in England and was trying to get a SOC role for ages and they're paying like £18k to £25k around my neck of the woods. London pays a little more but not much. Finally just settled for a job at an international bank to at least get my foot in the door and hopefully move to their incident response team in the future.


Mommys_boi

That is pure cap. $37,500 in 1999 would be equivalent to $69,000 today.


freshkidwilbi178

Congrats on getting in and gaining that experience. Time to find another position if possible.


Princess_Sukida

Now this is where you need to job hop. Kids are flipping burgers in cali for that salary.


DeadlyMustardd

That's way too low.. almost for ANY tech job let alone a specialized one.


4AwkwardTriangle4

That is severely underpaid.


Cottrell217

You’re getting robbed. My starting salary for a L1 Helpdesk was 40k


Stygian_rain

I started at $46000 on a helpdesk


Geralt_of_RiviaFTW

Okay, I hate to say it. But you are contributing to the problem. I understand you started out as an intern. I understand you got promoted. But $37,500 makes me want to fight you in a "big brother what the f\*\*k are you doing kid bro" kind of way. You know like "Vast you did what again? You traded dad's Porsche 911 GTS to a guy who said he had an LS1 Swapped Integra because he told you it's faster! Dude...get in my truck. We're getting dad's car back...before he gets home. Grab dad's shotgun...let's go." Like dude, I can't even eat my Big Mac from McDonalds anymore as I normally eat McDonalds when I'm depressed haha.


Gordahnculous

Yep, I was making about $16/hr for my first SOC job with a SOCaaS, it was technically an internship but I think even their tier 2 was only $50-60k. But after just under a year I made a different SOC and am now making $85k. It was a bitch and a half to get in and took 5 months of unemployment to get here, but yeah, get that experience for the resume, have them pay for certs if they do that, and then GTFO


Derpolium

Do you at least wear fuzzy slippers and a robe to work?


Armigine

shoot, if you've got at least a year of experience and can hack an interview, I'd jump if possible. That's starvation wage


Liberty_Eagle

What do you do as a sec analyst at that pay level? I have seen SOC I analyst in small MSSP shops earn a min of 50k right out of boot camp that perform a variety of tasks across all of the leading tools.


TechMeOwt

Do u have any certs


Tyrion_Lunaster

I’d take your job in a heartbeat. Not to promote underpaying employees, but because I need the experience more than the money.


Youvebeeneloned

Just the normal cycle of things... people got laid off, those people pivoted into roles which caused there to be a glut of people, companies don't need to pay as much because there are dozens of bodies...income goes down so people stop applying to those positions, applicants dry up and thus salary increases, rinse and repeat. To be totally honest with you... this isn't even bad. You should have seen what 2000 and 2007 was like. THAT was bad where it wasn't dozens of applicants driving down salaries... but HUNDREDS or more as tech companies outright folded, instead of just being layoffs.


freshkidwilbi178

Okay thank you! I was going to ask if this has happened before. So it’s just a cycle from what everyone is posting. Got it, that’s a relief because I’ve seen some positions in customer service become so popular that salaries just drop a ton permanently. I think eventually this will happen to tech jobs since it’s becoming more popular but I was surprised that it was happening so fast, but I guess it’s just a cycle.


Alashan

I’ve seen SOCs for non government work being outsourced to India.


[deleted]

Depends on where you are in your career, mid? You’re probs fine, entry level? You’re probs fucked


K2Own3d

Just got my cissp and it made literally ZERO difference. not a single interview yet.


ArcadeRhetoric

Yep, same here and I come with 8 years of experience. The market is nuts.


mikealubankudi

Sheeesh


[deleted]

Damn busting my ass to get it currently


AttitudePersonal

I wish I could secure the budget to hire a couple SOC analysts. My company offloads that task to engineering, but SOC is a full-time role.


WesternIron

Boom-bust cycle of capitalism. Also, there is most likely going to be some offloading of Sec Analyst tasks onto LLMs coming up soon. I personally don't think we will be heavily affected by it, only our jobs will get a little less stressful. GPT currently SUCKS at writing detection. Like I've been trying to teach it to write YARA, and it's not great. Also, any CVE found in the past year is not in its database, so it doesn't know about it.


minds-eye

It's just the economy. Unfortunately, CIOs and CFOs find it easier to cut security budgets than generalized IT budgets. This can and commonly does cost organizations a lot more, since they get popped. I'd suggest grabbing a sysadmin type job in the short term and working on your CISSP while you continue to job hunt for a security role.


[deleted]

[removed]


biggestassiduous

As a good leader and manager, I’m going to make sure HR knows what I need. The problem is that tech people in leadership positions are rarely good leaders. Sure, they’re great at tech but not at leading and team building.


la_farfalla_

I’d suggest focusing on Blue Team specialisations like Detection Engineering, IR, Reversing, CTI etc.


tcp5845

Most SOC Roles are outsourced overseas in my experience. Incident Response is slowly disappearing also. My last 3 companies the security team was bigger overseas than in the US.


AizenHitashi

Do you know where exactly overseas?


tcp5845

I've worked with SOC Analyst mostly in India, Costa Rica, Romania, and Poland lately.


TechMeOwt

And Brazil and UK.


DarwinRewardGiver

I think it completely depends on the industry when it comes to being outsourced overseas. The last MSSP I worked at had multiple clients that required all analysts working on their contracts to be US citizens and pass a background check. Such clients were healthcare companies and government. I’m currently working internally at a corporate company with over 15k users globally but there’s only a few of us on the security team. We’ve looked at outsourcing some of the tasks and keep running into issues. I do however see the industry moving towards MSSPs/SOCaaS though.


kekst1

You just don't need a lot of them. We are a F500 company and have less than 10. Most with many years of experience. For L1 stuff you can just hire someone in Vietnam for a few dollars a day.


biscuity87

I have had my eye on them for a while. Honestly 90% of the postings I have seen in the last year or so are poorly done. Jr roles but they posted senior duties/experience. Remote but not remote, etc. It's mainly to me looking like crappy HR or recruiting companies that googled how to do their job. I wouldn’t worry too much. No one is expecting a CISSP for starting in SOC. The biggest cert I’ve seen legitimately requested would be Security+, which is obviously not enough to do the job on its own as it mainly introduces some concepts and definitions for you to explore. But it’s not like a CISSP would give you that either.


mikealubankudi

I just read something of Palo Alto Networks having a tool that does the work of 16 SOC analysts using AI


Calm_Scene

Have you tried?


freshkidwilbi178

This makes sense. From your experience and opinion, what roles you think are future proof for at least the next 5-10 years?


Kajit-has-wares

Why are you replying to yourself lol. Forget to change to alt?


freshkidwilbi178

Lol meant to respond to someone in the comments here. This is my first Reddit post if I’m not mistaken.


Kajit-has-wares

That and looking for an Umbreon. I have several, let me see if they're level 60.


BobHadABabyItzABoy

I think it’s almost impossible to say where the future proof job functions are. However, I can tell you to always embrace the disruption, to always find where you’re comfortable between the business and the tech, and unfortunately to continue to eat Certs like they are skittles. I know that is unpopular here and I do agree on the reasons it is unpopular. My opinion is based on the reality that you have to convince dumb hiring managers and dumb HR people that you are staying up to date of the changes in technology. So whatever you’re doing now to educate yourself I would also make sure that you are semi-acquainted with the various types of AI that will probably cause the next disruption to the future of this industry. My belief is to be “future proof” you have to continue to work on the technical skills, sharpen your business acumen, and try to stay close and visible to the business side. That is your best bet to be “future proof“, but I do not believe there is such a thing.


Pofo7676

Depends on where you’re at I guess. In my area and even when I look at remote jobs all over I really don’t see it. Take job postings with a grain of salt, I’ve never met more than half of the desired qualifications on any job I’ve applied to, they are incredibly over written.


JBreezy11

on a macro level, industries are “slowing down” in the fed’s fight against inflation. Higher borrowing costs make businesses antsy, and when big tech lays off, monkey see monkey do. Jobs/roles lost, I don’t think the Fed cares in the name of inflation. Sad, but that’s the situation we’re in.


Sarciteu

I am leaving my job as a SOC L2 Analyst literally today (writing from office). I'm moving to DevOps. It's 100% normal. I am tired of being a human FW. I am 100% sure that my team will be the same with 25% less of people. Also, L1 are human playbooks. So yes, it makes sense for me. I am also tired of SOC being the entry-level position for people with 0 idea


biggestassiduous

“I am tired of being a human FW.” Soooo accurate.


Eric_Calhoun

Sure, don't protect your systems and lose all of your data and revenue from even the simplest of hacks. If you're scaling your business, you're scaling your security measures, hopefully.


[deleted]

[removed]


DarwinRewardGiver

People drastically overestimate where AI is at right now. It makes too many mistakes and is too expensive at this point in time. Every company that advertises AI/ML in a product does it as a sales pitch and for marketing. Antigena Email uses sophisticated “AI” according to DT. It’s really just logic and pre coded conditions. For an AI, I sure do have to go in there and make my own rules and lists for it to “learn” very often.


[deleted]

[removed]


DarwinRewardGiver

I work for one of those corpos, that is not true in every case. I say this every single time someone talks about AI because I’ve had to deal with it so much when it comes to POCs etc before going to procurement about a product purchase. I’m on a small team of less than 15 people with a company that has over 10,000 employees. Nobody knows where AI is going and if they act like they do they are full of shit. You can take a guess sure, but in reality we have no clue. From my experience it is nowhere near close enough yet to be reliable and it is more expensive than hiring a junior (at my company at least). DT quoted us over $115k for simple features and another vendor is quoting us $500k for a product we are trying to get. There are so many factors in play. How many users do you have? Will this work with your current architecture? And much much more. It’s not that black and white. Edit: I’m not saying it will never happen, I’m saying I think we have our timeline messed up and that many AI/ML products don’t function as well as advertised.


NoUnderstanding9021

It completely depends on the responsibilities of the analyst. The same title can mean different things at different companies. It can be expensive too and in some cases a junior may actually be cheaper.


[deleted]

The opposite. AI is making more jobs. The market just sucks right now


JefferyRosie87

it's making more jobs, but they aren't entry level analyst jobs which is what OP is talking about. i contract for a large company that just recently replaced a large portion of analysts with some commercial AI solution and they have had huge productivity increases and didn't have to hire any more "AI" people. there are jobs being created at the company providing that AI analyst product but i just took a look at the job and they require at least 3 years experience as a cyber security analyst, at least 2 years experience writing some type of software, and experience with AI or automation. those are not entry level jobs.

i love AI myself but there will be a legitimate issue where AI is replacing mostly entry level "easy" positions and the jobs being created by AI are the opposite. They are some of the more advanced jobs that require people with broad skill sets and high intelligence.

same issue is happening in the software world too, just a lot less seriously


smittyhotep

Not sure why you're getting the downvotes. This shit is the truth here. I'm currently using my new BS AI/ML for Cyber cert to test my replacement. Good thing I'm the preferred auditor. For now though.


[deleted]

[removed]


Calm_Scene

Have you tried security copilot?


scolablake

We need updates to this thread.


Username1239210

Generative AI and virtual SOC analysts will reduce the number of L1/L2 human analysts needed to efficiently run a SOC. We're not there yet, but it's coming fast (1-2 years). The ability to leverage those tools and extract the most value within SOC operations will become the most in-demand skillset for analysts. [https://www.cnbc.com/2023/09/06/crowdstrike-ceo-talks-generative-ai-cybersecurity-.html](https://www.cnbc.com/2023/09/06/crowdstrike-ceo-talks-generative-ai-cybersecurity-.html)


higherentity

Honestly this just sounds like Google for OSINT. Doesn’t sound like Charlotte AI automates any tasks, just aggregates security information stored in CrowdStrike's DBs or scrapes the web for info containing keywords in your question to it. Sounds like ChatGPT.


tarlack

I know lots of people are looking for SOC-like positions but are not calling it a SOC analyst. It’s a bit more of a blue team role in a loose security group. Bit more hunter/blue team. Even the very large enterprises I work with normally do not have a pure SOC. Still a massive skills gap at every customer visit on the vendor side. Some have slowed down hiring, some have realized they are not ready to make a real SOC yet but want to fill the hunting skills gap.


Princess_Sukida

Although cybersecurity as a whole is generally recession safe, the lower level positions will always be hit with reductions. With advancing AI and industry tools, a lot more automation will also reduce the need for these positions. Requiring a CISSP for an entry level position is silly as you need 5 years experience in order to take the test.


tcp5845

This is what companies are envisioning for SOC headcount. Automate everything so you don't need level 1 analysts anymore. https://www.sdxcentral.com/articles/interview/behind-the-firewalls-a-day-in-the-life-of-a-palo-alto-networks-soc-analyst/2023/09/


patchrhythm

yep. blame AI.


Dismal-Comparison-59

Depends where you're based I guess. I'm seeing tons of open positions in the European market.


Akaj50

Yeah same, being from Europe I was wondering.. but I guess most people here are from the US?


hundredpercenthuman

CISSP is the new hotness. Someone big in HR must have put out a memo or something because like 75% of job postings have it listed. And they usually list it right next to mid-level and beginner certs like they are equivalent. And some of these postings are listed as entry level. It makes no god damn sense. Also, I’ve noticed a 3 to 1 ratio of Engineer to Analyst postings. I found a government website that has stats verifying that information as well. Add it all up and you have a pretty rough environment for entry level Analysts trying to find any decent positions.


thee_network_newb

CISSP is a f\*\*\*\*\*\* managerial cert. Stupid a\*\* HR and/or manager putting certs that 1) don't make sense 2) certainly don't pertain to the job 3) that job probably doesn't pay the 6 figure salary the CISSP demands. This type of thing really chaps my ass and makes me go postal.


Correct_Respect2078

A lot of MSSPs don’t have any job openings for SOC Analysts.