Time
55 minutes
Difficulty
Intermediate
CEU/CPE
1

Video Transcription

00:29
Okay, so we're ready to do our Q and A
00:32
thank you guys for hanging on for a minute.
00:35
So we have a quick question. Um,
00:39
can we provide any job links for India? Um,
00:43
do you guys know Shane or Mark? Any specific sites that air in India for job job boards? Job postings?
00:52
I'm not sure, but, I mean, we could certainly look. And based on where I live here in Bahrain, I could probably try to ask around as well.
01:00
Absolutely. Yeah. So you're geographically in that space, so you might be able to take a look, Okay. I mean, some of the just the chime in with some of the bigger companies, uh, global security companies will hire, you know,
01:14
all different areas. They might not necessarily have job postings on some of the more common career sites like Tyson. Indeed, though, advertise everything through,
01:23
um, you know, their own internal resource is, But you think larger companies like,
01:29
uh, semantic checkpoint. You know, some of the big sin providers still be hiring
01:34
positions globally. Well advertised different regions on their site. So just think about some of the bigger companies, and then you check out them to see what might be available again. Talking like
01:46
semantic or even bigger companies like Google, Facebook, etcetera will have locations globally. Will be hiring positions for
01:53
excellent. Yeah, fantastic.
01:56
Uh,
01:59
the next piece of that, we have a kind of a related question. It looks like that. Are sites that arm or international? More than just us sector? Absolutely. We can take a look at that and do some research on that.
02:09
Okay.
02:10
Very good. Yeah. We can look into putting this together,
02:15
So let's take a look here. I'm going to see if I can pan upon my question screen
02:20
and see if I could read some of the questions if you just give me one second. Great.
02:23
Yeah.
02:29
Okay. We're just growing down here. We're getting there.
02:32
So
02:35
here's a question that we had from the group. Want a good resource is for all the latest tools and latest research in security. So, Mark ***, I'll start with you on that one.
02:45
So good resource is for all the latest tools and latest research insecurity.
02:58
Mark, are you still with us?
03:02
I'm not sure it can, so I can kind of China. In the meantime, I don't know if you are you. Yeah, exactly.
03:09
I don't, uh, there's not necessarily one
03:14
catch I'll be all psyched to go to for the specific resource is I mean, there's plenty of them, um,
03:21
working with a company like cyber. You know, we integrate a lot of those. A lot of those resource is a lot of the information until our actual site. So, you know, you know, blogged posting and weapon ours with our technical on security partners again. You know, cyber is usually a good resource to check out, then also with
03:39
the various code words we got going on with all the different career pass. Uh, you know, students and mentors were always sharing information. Resource is back and forth.
03:50
Uh, you know, all day and all night s. We try toe
03:53
collect as much as that data as we can and archive that into a resource documentation. So you be be providing those Resource is moving forward. But again, you know, just collaborating with other students, another
04:05
other mentors throughout the various cohorts is is beneficial to obtain. Resource is from
04:11
Yeah, fantastic, right? Yeah. I mean, of course, we all work with Cy Berry So we're We're a little bit biased about cyber, but it is. It is an outstanding site. I continually go there. Just if I have something that's on my mind that I want to learn about with cyber,
04:26
I go there so
04:28
great. Good.
04:30
I'm here. I'm having some
04:32
Oh, my Internet wasn't the best over here, but you can. You can go to semantics. I can go to Kaspersky Site one. That's three people. It's a good one.
04:44
Disintegrate that I work for. They had There's an eight on site which I'II be em. Look up! Look up! Speedy ease goes through your offensive secretary if you want. The latest troubles are dabba Kali Lennox and most of its schools are gonna be in there and then you just go through Bluntman, your legs demands the man pages.
05:03
And you know, Google is always your friend.
05:05
And as you get more experience in the career, you can start to decipher which size give you accurate information based on what you know, and which ones are kind of just click. They get youto get on their side.
05:18
Yeah, precisely. Yeah somewhere just looking for you. No hits on their side for a CEO, but yeah, great point. Thank you guys both on that
05:27
quick question for Shane. Any preference between E c Council Ethical hacking, cert and O S C P.
05:38
Yeah. Great. Great question. And both awesome certifications.
05:44
I would say the EEC counsel certified ethical hacker is more of the entry level ethical hacking, contesting certification. So a lot of people tend to start with that one and then look to go into O S C p in OSC piece.
05:58
Um,
06:00
gaming attraction the last couple of years is very highly recognized in the industry. A lot of people are calling out for it just because it is,
06:06
uh, very hands on. Very, very technical type exam on difficult to obtain. So a lot of people who hold the O S C. P certification means pretty
06:17
pretty safe. Bet the action, know what they're talking about. But
06:20
again, from offensive security versus E. C council standpoint, I mean both both great governing bodies. From a certification standpoint, they're both don't thoughts, um, certifications. But again, I think typically people will start with the
06:35
certify ethical hacker certification through, see counsel, and then then go for O S. C. p.
06:42
Okay, I agree that this is Mark. So yet when you're looking at OCP versus CH like change said that the great certifications, but they're not necessarily equal. What you would want to look for from a city council is to do the ch route through the E C s A and then L P t. And that kind of fruity Maurin, that
07:00
wide environment with the S e p p. You know, the pen testing webinar that eventually will have some of the stock in a lot of stuff comes to is, you know, OCP is a dead end game. Provide any search. So that is one of the career passes I agree offers. And that's one of the things you were these high and highly desired. Think testing service. That's
07:18
that's what you know. We're gearing it for to get you there.
07:24
Wonderful. Thank you guys will take a company, do a couple more questions as we start to wrap up here. I know we're butting up against time. You're, um,
07:31
one question that I would like to have asked Mark to cover, and then I'll do a question as well. What is your typical day? Look like on the job. So as a stock analyst, can you share a little bit about what a typical day looks like?
07:47
Well, I mean, I think it's a sake. Honesty in your typical day is never gonna be the same twice. Things that you know. One of the things that you see a lot is that
07:58
pay attention to the news because sometimes these things hit like, you know, the heartbleed attack or various other cyber security threats. What a lot of the things that you see the stock analyst you may have already seen before they get announced, you know that they're coming, but 70 0 day attacks. That's usually when you get called in for work.
08:16
Well, you know, now I'm in more of a network operations center, but as a manager of that,
08:22
you know, the day is research and a day is hunting, learning things that is always kind of what's going on. So if one of the biggest girls I think that you have to have is that
08:33
the first answer may not be the one that always works, you know, just enjoying doing the research,
08:39
you'll be working on one vulnerability. You're working through looking through traffic looks looking through the I. D s looking through, you know,
08:46
Sourcefire various other things. And then you get pulling another thing and then another thing. And you know, change is one of the things that you have to love in this field because and change fast pace and not getting stressed out. When when things kind of hit the fan, so to speak.
09:03
Exactly. Yeah, fantastic. Thank you guys. So here's a question. Can I get a great information security job if I have an associate's degree and security certifications? Because some of the jobs ask about about shirt in computer science has been my experience that, yes, you can get a job if you have an associate's degree
09:20
and you have a security certification or more than one security certification.
09:24
You know, credentials, education credentials, as we discussed earlier, and coursework and other activities that you're doing in cyber certainly roll up and give you a lot of good
09:35
experience, you know, and they give you a lot of good again credentials on use that word. So I believe it is possible I've done some training and some teaching at local community colleges here in Maryland, and they all have fantastic cyber programs. And the people that are going through those programs are coming out there getting work. And then there,
09:54
oftentimes they're coming to cyber into getting additional
09:56
training and education as they need it.
10:00
Okay, let's take a look here. Why don't we do, like, one or two more questions and then we'll wrap up.
10:05
I'm gonna pan down
10:09
through my questions just for a moment
10:11
and see if there's other things that we want to take a look at.
10:16
Okay,
10:16
so he actually here's, ah, quick note that I want to make from one of our folks here on Team Cy Berry
10:24
today, only you can sign up for a $10 discount on your monthly insider pro program
10:28
to join the sock analyst career path. So and use the Coke coupon code. Excuse may level up at checkouts again. That was kind of the name of our webinar today, or where the Siri's that we're running all right. Awesome. Thank you, Tommy.
10:43
But
10:46
for sharing that and let's see if there's anything else that we wanna take a look at.
10:52
Okay,
10:54
here's last question that will cover word or some of the SEC tools, security tools. A beginner should learn.
11:01
Okay, so we've covered some of that in the webinar. But let's cover. That is our last question. A good wrap up. So, Shane, I'll start with you.
11:11
Yeah, uh,
11:11
thanks for s and over. So
11:13
I always when going through training and education, I try to stay as under agnostic as possible. So don't always necessarily focus on
11:24
specific vendor base certifications, because that can obviously very company to company. Or you could go thio
11:31
a specific company that has, you know, a certain Symon place that you spend time getting certified for and learning all that information. And then, you know, they change. Vendors are pulled out, replace it the following year, and it's a learning new products, so I try to stay. Is vendor agnostic as possible?
11:48
Um, you know two of the things for, uh, from a stock analyst perspective. Maybe two of the more common tools to spend some time with tough My list? I would probably say wire shark and and map.
12:01
Ah, lot of people I think don't spend enough time learning and understanding log analysis, which I think is extremely important. Not just for a song camera's position. But for
12:11
any position in the security field, just being able to analyze log data both from a you know s side and also a network side is extremely beneficial. And I don't think people spend enough time going through
12:26
learning that. And then on Matt, you know, a port mapping told something like that you're gonna use throughout the life of your career, especially the stock analyst. So knowing all the different commands and what all you could do is sit, Um and, you know, we're learning more about a scripting engine, a lot you can do with automation. That's typical as well. So from a
12:46
told perspective, I would probably say those two are two of the ones at the top of my list.
12:50
Excellent work will wrap up with you.
12:54
Yeah. I mean, I mean, I would say the same thing and one of the things to dig a used to and one of the things that I hope you understand. How in map or that map scripting engine works is try not to use the gooey.
13:05
We're out of duty on the command line, especially when you do stuff like a port scanner. You learn how to write one and bash or learn how to write one in python.
13:15
Understand? Writing one will help you understand exactly what you're looking for and why you're playing with Lennox to get better. Some of this stuff I try to write, try to write your own scripts that do some of the same things, obviously where turkey pie won't. But I mean, wire shark is one of the things that almost every cyber security job is gonna be based off of.
13:33
And cyber. He has really good lab. They have really good course that cover that.
13:37
And then you know some of the other things that air that Aaron Coolie and other various
13:41
you know most of them are pen testing the next things. But that's what you're going to stalk us as well, I would say Pencils installed, snorted home when how to write the signatures for that because the production version of that is Sourcefire. And you know the ideas I PS rules or a similar understanding how that kind of stuff words But you Shane was perfectly on point with all that stuff.
14:03
Wonderful. Yeah. Thank you guys so much for being here. Thank every I want to thank everyone. Thank you for just being with us today. Hopefully gained a lot of information from the webinar again. It will be available on side very so you could watch it.
14:16
And we're wrapping up. We're signing off. Thank you so much. This is Gina Pala Dino signing off from Sai Berry. Thanks.

Launching Your SOC Analyst Career

In this course, you will learn the role of a SOC Analyst and how it has become a mission critical role in today's cyber security workforce. Learn why more and more organizations are scaling their IT infrastructure to meet the expanding threat vectors along with it and how you can take on this role.

Instructed By

Instructor Profile Image
Gina Palladino
Adjunct Instructor at Carroll Community College
Instructor