Tuesday, January 24, 2017

Parting the Veil

Hats off to Rob Graham @ errata Security for a great blog post that shares some great CLI tools for the infosec crowd: http://blog.erratasec.com/2017/01/the-command-line-for-cybersec.html#.WIhBpFMrKpp

The past week has been quite fruitful,  I was able to add the CompTIA Project+ and the Cisco CCENT Certifications.  The CCENT was a result of taking the ICND1 exam, the first of 2 exams towards a Cisco CCNA.  I am also halfway to attaining the Linux+ certification.  My plan is take the next Linux+ exam (LX0-104) to complete the pair, and then move on to the ICND2.

Last week I also built my first Boot-to-root Virtual Machine, the goal was to create a vehicle for sharing my resume that would cause me to stand out.  I haven't had a response yet, but once I know that the my clues have been found, I will post the link and a walk-through.  It was terribly basic,  but a good beginning.

Yours in Security,
Justin
Posted by at 2 comments:

Friday, January 20, 2017

RFR - Request for Resume

Recently a good friend of mine alerted me to an opening at the organization with whom he is employed.  The prospect of working again with this fine engineer is certainly not something I would easily pass up, so I set about updating and polishing of my technical resume.  Somewhere along the line this document became large and a bit unruly.  It is not colossal by any means, but does fit the baby giant classification of a MTU frame size (a baby giant is slightly larger than a IEEE 802.3 standard 1500 byte frame).  After doing my best to limit the scope to 4 pages, I thought I was ready for the next step, but was pointedly reminded that I needed a good cover letter to go with it.

 Always one to start with a little research first, I looked for the best possible cover letter format.  The Harvard Business Review postulates that a 5 line cover letter is in all instances ideal. (https://hbr.org/2009/06/the-best-cover-letter)
A bit of Hello, I heard you had this position open, This is why I would be great on your team, lets talk soon, regards...
Short, succinct, and to the point.  While it covers all the necessary bases it really doesn't stand out.  So I, with all my extra time, decided that the best approach to gain a Penetration testing position would be to build a boot-to-root hack-able virtual appliance, and embed my resume as the prize for owning the box. To wit, I present my cover letter, that does indeed follow the HBR guidance:

 3st33m3d V13w3r,
I am writing in response to the opening for a Security Pen Testing & Assessment Engineer.
I offer over 20 years of highly technical, detail oriented, troubleshooting and analytical experience. I also have solid certification backed project-management skills, and passion for Information Security, all of which should mark me as a value added candidate for your team.
My resume is buried somewhere within [omitted for privacy], if you can gain access to the resume then I deem you worthy of my skillz, and would be willing to entertain a conversation about employment with your fine organization.

  Best regards,
XXXXXXX XXXXXX

 We will see how it goes.
I hope you enjoyed my musings.

 Yours in Security,
Justin
Posted by at No comments:

MostlyNotSecurity - Steps to the winners circle

Once in a while I stumble upon what equates to golden rules... the following may not represent all that glitters, yet falling prey to these classic blunders may limit your forward mobility.

http://viralnavy.com/11-things-smart-people-do-not-say.html

To sum up, avoid the following phrases, for more information read the article:

1. “It’s not fair.”

2. “This is the way it’s always been done.”

3. “No problem.”

4. “I think/This might be a silly idea/I’m going to ask a stupid question.”

5. “This will only take a minute.”

6. “I’ll try.”

7. “He’s lazy/incompetent/a jerk.”

8. “That’s not in my job description.”

9. “It’s not my fault.”

10. “I can’t.”

11. “I hate this job.”

Remember, stay positive, keep a shiny attitude, and stay awesome.

Yours in Security,
Justin
Posted by at No comments:

Where have I have I been for a Year?

Long has the question burned in the hearts and minds of intrepid IT hopefuls, and of course the recently techy unemployed; Education or Certification?

In my quest for career path validation, I asked the same question, luckily I found an option that fills both roles.  I am currently enrolled in a program with Western Governors University that makes Certification the final for several of the classes.  Yesterday I took and passed Cisco ICND1, the first of a two step process to attain the Cisco Certified Network Associate in Routing and Switching, or CCNA R&S for short.

subnote: As a full time Security Engineer, full time student, part time solider, and single parent, I often neglect certain passions and endeavors that I deem negotiable at the time.  This blog has been often fallen into that category.  As an effort of recompense, I am going to relate more of my study and side projects to this medium.  

Among the certifications a security minded person pursing an education through WGU can anticipate:
CompTia A+
CompTia Network+
CompTia Security+
CompTia Project+
CompTia Linux+
LPI LPIC-1
Cisco CCENT
Cisco CCNA R&S
Cisco CCNA Security

Add that that the other courses, and degree attained, and all told you have a very solid base to begin (or continue) a technical career.


Yours in Security,
Justin
Posted by at No comments:
Subscribe to: Posts (Atom)