|
|
|
|
|
|
by kdv
3070 days ago
|
|
|
I don't know of any security talent with moderate people skills that has trouble getting a job. However, there does seem to be a huge misunderstanding on how to best break into the "security industry", which is just too generic and really the wrong question to ask. What specifically do you want to do? Then you can identify the most efficient way to get there. Most people I know found their way in through other careers as developers, sysadmins, or network admins..focusing on security where they were first. Things will grow from there. Hypothetically, if you have solid experience as a full stack web developer then I would suggest finding a way to pivot off that expertise (web application security, infrastructure, etc) rather than diving into the Shellcoders Handbook, x86, and K&R, which are going to be more tailored towards reverse engineering and vulnerability research. |
|
|
> if you have solid experience as a full stack web developer then I would suggest finding a way to pivot off that expertise (web application security, infrastructure, etc) rather than diving into the Shellcoders Handbook, x86, and K&R, which are going to be more tailored towards reverse engineering and vulnerability research.
I've been focusing on those areas because they are what legitimately fascinate me. I enjoy web dev, but I'm finding my passion (as indicated by what I like to research and learn about in my free time) is low-level stuff: operating systems, C programming and associated vulnerabilities, assembly language, etc.
The interaction between software and hardware has always fascinated me (1997 when we got our fist computer: How does this hunk of plastic and silicon do that??), and I feel like that's where I want to go long-term.