Titles in the security world are kinda a mess. Generally I just look for “-security engineer” titles. So in this case you would probably find “Cloud Security Engineer” or something. Look for security engineer roles that have anything cloud-related in the job req and you are probably on to something.

Hard to say, especially in this market. But, if you have some coding chops (from DevOps experience) or you have some knowledge of native cloud security tooling (from a Cloud role), then you would definitely have a leg up in getting a security engineer or netsec role (consider that a lot of modern “networks” are largely cloud networks).

Some resources here https://shellsharks.com/online-training#ai and here https://www.databricks.com/blog/introducing-databricks-ai-security-framework-dasf

I’d wager most people do. But you certainly hear about all the people who spend their free time doin more cyberz. I am definitely guilty of this a lot of the time. But I’ve been working harder to disconnect more. Being a parent helps with this as it’s pretty mandatory.

I wrote a bit about the pitfall(s) of “Certification Paths” - https://shellsharks.com/notes/2023/11/14/stop-worrying-about-certification-paths.

This is coming from someone who has A LOT of certs, and I’ve learned over this time that it’s just not the right way to think about progressing career-wise. You can read more though about certs and some thoughts on what you could take here too https://shellsharks.com/training-retrospective#what-certification-or-training-should-i-take.

Never heard of 'em. I’d say most of those things, while not necessarily “scams”, are probably not worth the time you would put into them. That said, if you have free time and they pay, then it is what it is. If you go down that path, make sure to report back!

Greed. Capitalism. AI speculation. Other stuff …

Big consulting firms (e.g. Accenture) and the like. Government jobs too if you’re close to where those are. Outside that, it’s very random which companies have such openings. The bigger the company the more likely it would have a higher diversity of roles and seniority openings.

Omg. I too have developed an “affinity” for coffee as of late. Have been thinking of cutting back. There’s always tomorrow right?

I’m a KubeNoob so gotta give you props regardless 😅

Y’all doin’ cool stuff. Rust, K8s, GH automation - 💪 @[email protected] @[email protected] @[email protected]

I always recommend Wild West Hack’n Fest. Cool location and the con is pretty good.

You mean like this? https://www.microsoft.com/en-us/security/business/ai-machine-learning/microsoft-copilot-security 🥶

Maybe this https://www.springboard.com/resources/learning-paths/cybersecurity-foundations/ or this https://clark.center/home ?

Pretty much everyone recommends this https://www.professormesser.com

Don’t know if this counts for what you were looking for but bluetooth headphones are a game changer for me. Cleaning around the house, at the gym, on a run, etc… Very freeing compared to having the wire running into my pocket.

What do you mean?

• Security+ typically puts you on the map
• CISSP is usually Sec+ level-up
• Relevant (to the job you’re applying to) SANS course (expensive)
• OSCP (for pentesting)
• Any AWS cert is good if you’re applying to cloud roles

But really, certs don’t move the needle the way they once did imo. You may be better off documenting your experience on a website rather than just having letters. This has at least been my perspective (and I have a TON of certs so I wish they were worth more)

deleted by creator

Almost certainly (though not impossible). Seriously doubt they went any deeper, i.e. rootkit, UEFI firmware / BIOS compromise, etc… There are likely files (pictures, documents) that your neighbor would not want to lose on their machine though so you should figure out how to get those off first.