Overall I am excited and nervous for this assignment. It has the potential to be make or break for my confidence. This world is still fairly new to me coming from network and sysadmin life! I've been feeling major impostor syndrome and at first glance this seems like an insurmountable task. Thankfully I have a lot of resources on my team that were told to be all hands on deck. It would have been nice to have something to build off of, but this is the hand I've been dealt!

*New project assigned*

Write an Encryption Policy and Standard... from scratch


Draft policy in a week and a half

*Glass half full*

Great opportunity to really dig into encryption - data @ rest, data in transit, key management, certs -, how it all fits in to the technologies in place, and writing policies and standards!

*Glass half empty*

A week and a half? From scratch?! Having only been here for 3 months?? For an infrastructure of this size?!?! <enter impostor syndrome> 😰

Decided to go public with my info here. Been MIA for awhile but going to try to be more active!

I hope to positively contribute to the infosec community and help steer others toward their dreams, just like all those I follow here and with my "real" persona on Twitter did for me.

This is my first real infosec gig after being strictly network/sysadmin for 8 years. Based on my experience, my advice for all those trying to break into infosec is to show passion for the field and the ability & desire to learn new skills.

Thrilled to share that I've accepted an offer to become an Infosec Analyst for a large healthcare org in NC!

A company is flying me down for an interview and paying for a night in a hotel. If all goes well, the final piece of my family relocation will be in place. I have a good feeling going in, and unless I come across like a bumbling idiot, I hope to leave with an offer. I'm pretty sure the CISO and several other team members of various levels will be there, so bumbling idiocy is a possibility! 😜

Note to self...never have coffee immediately before a phone interview😬

RT @chrisalbon@twitter.com:

Software engineering pro-tip:

Do not, I repeat, do not deploy this week. That is how you end up debugging a critical issue from your parent's wifi in your old bedroom while your spouse hates you for abandoning them with your racist uncle.

My avatar is certainly quite fitting today. This little guy has been around for almost the entire 30 years! The Final Fantasy series has certainly made me who I am today, and FF7-10 especially impacted me significantly during my formative years. Replaying them as an adult has given me more appreciation for the themes that went over my head when I played them as a 9-13 year old. Call it nostalgia, but I still get lost in the music from the series and listen to it on the daily.

I don't know if I'm putting the cart before the horse by trying these CTFs before progressing completely through the PWK/OSCP course. Learning new things has always come easy to me, so my struggles are a new roadblock that I need to figure out how to break through. I am absolutely not going to quit, and I am optimistic that with practice everything will begin to fall into place. If you made it this far, I appreciate you letting me get this off my chest! 4/4

I'm also in the middle of the PWK/OSCP course, and thus far it has been humbling. With a 1 year old daughter it is hard to find chunks of time to devote to the course, and when I do sit down and give it a go I struggle way more than I expect to. I was looking forward to trying out the SANS Holiday Hack this year and while I was able to progress a little, I hit a wall at the first big challenge, which I feel should be fairly straight forward to exploit. 3/n

On top of this my wife and I are relocating to NC next summer, so I'm job hunting as well. My ideal goal is pentesting, but I'm definitely not experienced enough to land this role yet. There are certainly no shortage of infosec jobs in RTP, but I'm worried that I have a shortage of experience to be seriously considered for any of them. I'm sure having a CISSP looks good, but it doesn't give me 7+ years of infosec specific experience. 2/n

Incoming ...
I am currently the Network Manager of a fairly small K-8 school district in NJ (the 1 and only in the IT dept), which translates to professional toner changer, Chromebook shipper outer, and cable plugger inner. I'd love to spend my time to some infosec related tasks like setting up a SIEM and some vuln scanners, but my day is so full of the mundane that this isn't possible. I'm definitely feeling burnt out and it's affecting my home life too. 1/n

Am I giving away my age by saying that when I hear 'mastodon' this is the first thing that comes to mind??

Really enjoyed Mr. Robot season 3. Looking forward to season 4 and beyond!

Hello everyone! I am currently a network admin in the education industry, looking to move into an focused role. Got my CISSP earlier this year and am going through OSCP at the moment.

Oh and seeing that @jerry followed me is kinda cool! Thanks for all that you do! Defensive Security was the first infosec podcast I found about a year ago, Obviously the bar was set incredibly high for all the other podcasts 😜

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.