I’m trying to give someone advice on choosing a career that will suit them better than the one they’re in and hate. I wanted to get together a list of good questions for them to ask themselves so they can use the answers to compare options like “do you prefer to work sitting or moving around,” “do you want to not work weekends” etc.

  • Mikina@programming.dev
    link
    fedilink
    arrow-up
    0
    ·
    5 months ago

    Ever since I played watchdogs and shadowrun, I wanted to work in cybersecurity, especially as a Red Teamer, which is literally Shadowrun - you run complex ops that have to break in, and steal stuff from largre banks without anyone but the management knowing about the test, with almost nothing being off-limits, as long as it doesn’t cause some kind of damage.

    Five years later, I do work as a Red Team Lead. Hpwever, our company was just scrambling to start doing RT since thats the buzzword now, and while we did have amazing pentesters, unfortunately pentesting and Red Teaming requires vastly different skills. Ypu never need to avoid EDRs, write malware with obscure low-level winapi, or even know what kind of IoC ajd detections will a command you run create, when you are doing a pentest.

    But since no one knew better, and I love learning and researching new stuff, while also having Red Teaming romabticized, my interrest in it eventually led to me getting a Lead position for the barely scrambling team.

    Mind you, I was barely out of being a junipr, with only three years of part time pentesting experience. It was NOT a good idea.

    I quickly found out that RT is waaay harder and requires the best of the best from cybersec and maleare development. We didnt have that. Also, turns out that I love to learn now stuff and take on a challenge, but being a Lead also means you are drowning in paperwork and discussions with client, while also everyone from the team doesn’t know what to do and turns to me about what should we do. Which I didn’t know, and barely managed to keep learning it on my own. Our conpany didnt want to give us much time for learning outside of delivery, I was only working parttime, and I was slowly realizing that we don’t have almost any of the skills we need.

    We were doing kind of a good job, most of our engagement turned out pretty well, but it was atrocious.

    Turns out, I’m not good at managing and planning projects, or leading people. I’m better just as a line member.