Comment on Mentorship Monday - Discussions for career and learning!

dotdi@lemmy.world ⁨4⁩ ⁨months⁩ ago

Yes, I have been eyeing a soft switch into cybersecurity. Maybe not head-over-heels and maybe not entirely, but I do plan to have a significant part of my work to be in infosec.

For context, I am currently working as Tech Lead/Software Architect for a company that has a security-focused product (with an, as of today, 0 incident track record), but I work on design and scalability most days. When involved in security-related tasks, I mostly coordinate and sometimes implement security critical code under the guidance of our (small) security team.

I do have enough insight to have a positive impact on security related discussions on higher levels (think “lol, this proposed change opens up the endpoint to being exploited by x or y) but not enough to discuss our cryptographic primitives.

In order to get my feet wet, I started doing THM (quite actively, yet I’ve hit a rut with the Windows-focused buffer overflow rooms), and I can say I enjoy it more than I expected.

However, I am unsure what concrete steps I should take after THM.

I’ve been thinking of working towards the OSCP exam, but honestly the certification landscape is quite confusing.

source
Sort:hotnewtop