[ 3 / biz / cgl / ck / diy / fa / ic / jp / lit / sci / vr / vt ] [ index / top / reports ] [ become a patron ] [ status ]
2023-11: Warosu is now out of extended maintenance.

/biz/ - Business & Finance

View post   

File: 70 KB, 1024x587, mister_4chan.jpg [View same] [iqdb] [saucenao] [google]
54411990 No.54411990 [Reply] [Original]

>be me, larp as security engineer
>doing the work of 4 people
>paid well all things considered, could be a lot more though
>forget that its not normal until I get some inane request for help on something I had to figure out on my own
>realize how fucking stupid everyone is, basically cargo cult but with engineering buzzwords instead of cardboard airplanes
>stressful sometimes but I have complete freedom on how to structure my day, and minimal interaction with anybody else, plus wfh still even when most of the office got called back

What do? I want to make a real name for myself, but my official title is QA so I really have to move sideways or diagonally. Is it feasible to do this on the side without hating my life (eg. getting OSCP cert or building web3 shit) or should I just switch jobs and lose my autonomy that I have now?

>> No.54412019

Every man and his dog is talking about going into cybersecurity now which tells me that ship has sailed.

>> No.54412020

Idk I’m gay

>> No.54412024

just make it on crypto and retire

>> No.54412033

Do not switch jobs. You are in a rare comfy position that most wish they had. Use the copius amount of free time you can make for yourself, to work on security certifications, trade and invest, and basically use the easy money to train yourself and better yourself on THEIR time. Then when you feel confident that you've racked up enough, start looking for a position that you feel will really propel you with the big bux.

Basically don't just throw away your cushy job without squeezing every last drop out of it.

>> No.54412052
File: 150 KB, 1101x1489, 1679863751442893.jpg [View same] [iqdb] [saucenao] [google]

I am in the same position with the same sort of problems.
>senior software/big data engineer
>build distributed systems that handle >500 billion events/day
>just recently built API that can handle categorical data and respond back in under 100 microseconds
>management is increasingly reliant on me to deliver and has more and more retarded deadlines and requirements
>feel sort of stuck - if I leave, I am definitely burning bridges
>most colleagues with fancy titles can't find their own asshole with a flashlight and a map
>tried to hand over what I have done so they can maintain it while I build other stuff - it is impossible - they don't know the basics
Am I stuck? Retarded? Both?

>> No.54412053

The truth is, the vast majority of it drones have something like zero fundamentals of the field.
I am in a fortune 10 and 90% of the it staff are beyond clueless "i need to ask the vendor" middleman midwits.

>> No.54412081

This shit doesn even do anything

>> No.54412087

In other words I want to escape QA, remain in some sort of engineering or front office role, but without becoming a just a developer.
QAtards at my company actually make slightly more than developers after X years of experience, but that's kind of a very specific example.

Yeah but I've been in it for 8 years, just not at a pure security focused company. That's true though and it's always idiots that think it's an easy shortcut (they're not wrong)


I own my house outright, idk if that counts. That's a consideration here though, I have an easy salary I can throw at moonshots.

I have freedom but not a lot of free time. Although I think I suffer from not knowing how good I have it even if I am getting cucked with a big workload and just managing to multitask well.

Leaving is never burning a bridge. Tbh I just still suffer from imposter syndrome and don't want to deal with interviewing and having to do some stupid iq puzzles or whatever they throw at the autists these days

How can I leverage that to get paid more then? I am not sure how to politely phrase that to my manager, though they have been very good about just giving me pay raises without asking, I know it's still less than if I job hopped.

>> No.54412106

You keep at it and get certs on the side.

In your position you might even be able to study on the clock.

Just acquire all of the security certs you can now and use this time productively. Then when the time comes, you'll have a big leg up for a vertical or diagonal jump.

A friend of mine did it this way and it paid off huge for him.

>> No.54412120

Correct. Someone beat me to this very excellent advice.

>> No.54412152

The best is boomer politicians and military who just call it cyber

>In your position you might even be able to study on the clock.
Yes at least passively. Thanks for the suggestion. I wasn't really sure if certs where a meme and I should just self learn. I guess I really have to decide if I focus on web2 (OSCP cert) or web3 (self learn).

>> No.54412190
File: 3 KB, 200x200, 1664979252525730.jpg [View same] [iqdb] [saucenao] [google]

>Leaving is never burning a bridge
I hope that's not the case for you. That'd be great. For my case, that's a definite... nobody can maintain what I have built. I tried to hand over, but it is impossible. I work for a big corporation, diversity hires and people that tickle the fancy of HR retards (other retards) are everywhere. I just met a "senior big data engineer" today that didn't know how to pivot a table. I cannot emphasise this enough... he is a fucking senior... I think I am losing my mind slowly but surely.

>> No.54412332
File: 78 KB, 552x853, 9781912759200.jpg [View same] [iqdb] [saucenao] [google]

Beta mentality

I just tell management who is going to do my job when I'm sick. They drop some tard name. Then I plan a couple of metings with the tard, where I record every functionality with me explaining. Afterwards I give management an heads-up that tard is able to do that part of my job and that you had some knowledge transfer sessions and some notes. Since tard is in the CC and there are recordings the fucker can be held responsible when shit doesnt work. Next time he or she calls I literally ask them did you watched through the recording. If they say uhh uhhh then I tell them to call me when they did.

If your good at your job you need to be ruthless, if not everyone else is going to take advantage of you.

Been 11 years in the game, ama

>> No.54412338

Certs are most definitely not a meme. Get on it bro.

>> No.54412401

It cuts both ways, information asymmetry could be the only thing keeping you from being laid off. I am successful because I am super autistic about taking notes about everything. I don't publish them anywhere, but if I leave on good terms I can just pass them on.

>>54412190 don't let them take advantage of you, but if you otherwise tolerate it you have a huge amount of leverage.

>> No.54412423
File: 5 KB, 225x225, 1679476356856975.jpg [View same] [iqdb] [saucenao] [google]

>everyone else is going to take advantage of you.
That's exactly what I feel like. Ok, I'll make sure to get the blackest, smoothest brain nigger they hired and just dump my shit on him while recording.
I genuinely need to get the fuck out. I am doing the job of 3 departments and get paid peanuts. I made a simple web API that makes them $8 mil every 21 days it's up. I got fuck all for that... I only got more retarded requests. I am fucking done. I'd rather take my chances as a contractor instead of dealing with "company culture" and "de&i" again.
Thank you, anon.

>> No.54412567

Do it anon. Assuming you give 2 weeks notice that's plenty of time for them to figure it out and for you to brain dump, not your problem if they don't have anybody competent to pass it onto. I still maintain that you won't burn any bridges, at least to anybody that matters, if you leave a job with the standard notice.

>> No.54412659

I’m a faggot that has no skills aside from being a lawyers bitch. What Certs do I aim for if I’m trying to get into IT.

>> No.54413112

I'd suggest to you to make it somehow apparent to your managers, that they're essentially completely reliant on you and passive pressure them to either give you some kind of promotion or have you leave. Also, do NOT just give away you precious knowledge to your retard co-workers. Once management sees that these people are redundant dead weight, and you are not, you'll have far more leverage than if you just artificially prop up your under-performing peers.

>> No.54413136
File: 151 KB, 1140x815, emperorxi.jpg [View same] [iqdb] [saucenao] [google]

No wonder China is hacking so much of our shit. Good god.

>> No.54413165

What the fuck is cybersecurity anyway? What are the actual task? I've seen posters say that financial company pay like 200k+ for cybersec workers....like what the fuck do they even do?

>> No.54413172

>official title is QA
kek, test my bugs you QA wagie

>> No.54413197

Every IT fag thinks he’s a le epic based hacker cyber security ninja. Good luck getting an actual infosec job with less than 5 years exp, military background, or crazy connections. Breaking into that industry is a nightmare but the pay to work ratio is bananas
>t. Security engineer at the biggest tech company (yes, that one)

>> No.54413212

>install bitdefende antivirus
>take in 110k/yr

Prove me wrong

>> No.54413219

It’s a broad field, you sound retarded asking this. “What even is business? What are the tasks?” Lmao

>> No.54413251

Just slack off. You've realized you're doing too much work, so do less. I had the same realization recently and I started working half as much. You'll still outperform your coworkers. If management complains do even less or quit.

>> No.54413258
File: 63 KB, 1280x720, 6BE9DB3E-51BC-4074-A508-26B1F64D4F93.jpg [View same] [iqdb] [saucenao] [google]


>> No.54413287

I got the sec + in a weekend watching the videos. people love those dumb ass certs, downside they start expecting you to know things even if the cert was dumb as hell.

>> No.54413293


>> No.54413342

Cool non answer. If you can't explain it in a sentence it tells me its just some bullshit field.

>> No.54413422

You keep shit safe that boombooms and zoomzooms are to lazy/retarded to keep safe themselves. That could be literally anything from QA bugtesting to network security to setting up login systems or pentesting or even a combination of all of the above. And more.

>> No.54413436
File: 71 KB, 960x640, 1680216849447299.gif [View same] [iqdb] [saucenao] [google]

>I larp
We know you're constantly making threads here daily using different stories.
Wanna know how I know?

>> No.54413500
File: 9 KB, 248x204, classy3.jpg [View same] [iqdb] [saucenao] [google]

if you already do QA just start gradually move into penetration testing then maybe into cyber security. Look up pentesteracademy.

>> No.54413560

So it's a rebranding of tasks that used to be done by different people?

>> No.54413584

Yes, because every business everywhere would rather pay one person to do multiple jobs even if it means they're worse off for it because it saves money.

>> No.54413617

>but my official title is QA
You are not a security engineer, sorry larper. The security industry gate keeps security engineering positions hard, you are -NOT- a security engineer until someone gives you the official title, period. Until then you are a

>> No.54413863
File: 1.90 MB, 1920x1440, 1677544585301412.png [View same] [iqdb] [saucenao] [google]

>do NOT just give away you precious knowledge to your retard co-workers.
That's not possible. Again, I just want them to maintain what I have built, not understand the motivations behind building stuff the way that I build stuff... that's way too much.
I told management countless times that I am drowning in stuff and most people take 4 months to build an ETL pipeline that takes me 1 day. 2 days if it needs to be distributed.
I guess they see me as a "human resource" and a resource is only good when you use it, but I think I am close to reaching "fuck it" and just leaving, with due notice. It's all stupid, people who brown nose get to the top and make plans - retarded plans that unavoidably fail, but that doesn't matter because they have new plans - even more retarded than the shit that failed.
I guess I am just tired and jaded.

>> No.54414225

Should I ask my manager for the title? They would probably be fine with it.

>> No.54414448

Ah, so these are the faggots that gatekeep the file servers I need access to. Fuck you, nerd

>> No.54414554

Thanks anon helped me make a decision re: my current work

>> No.54414572

Also fuck Mr Robot that is not some 4chan shit, it fucking subverted anonymous and made it something it wasn't so that faggots like OP think it is, what is isn't.

Fuck propaganda and you mongoloids who lick it up.

>> No.54414626

Thanks anon will check this out. Yeah even though I'm in QA my role is nothing like my colleagues. Frankly what I do isn't even that advanced, just fuzz testing, but it finds tons of high priority issues. My dream is to actually understand how to exploit what I find and not just tell the developer that it crashed and to fix it.

>> No.54414695

h@xx)rr into your dads internet history and report back

>> No.54414745

my colleague did the following:
He started a blog and wrote about stuff you dont find anywhere else.He got better and better while doing research, writing his stuff. He got famous, like really famous. He got hired for a dream position for redacted cloud company.

>> No.54414875

Can you tell us more about your skills and what I should learn to get on your level?

>t. studying statistics and want to be good at my job when I get one

>> No.54414909

it's quite simple. net worth is the only real measurable indicator of intelligence. if you aren't a millionaire, and you work for someone else, you're just not that smart and should be doing as little as possible coasting for your paycheck like the other 4 people

>> No.54414966

This is honest to god truth, what I'm about to tell you. Now the bubble might be somewhat bursting, but I think development of new software will get hit far, far more than pentesting will.

I am a former esports pro and went from jerking off and playing video games for money to straight up pentesting positions with no inbetween and no relevant education (no college either). How? OSCP + High CTF rankings on hackthebox. If you interview well you can easily land a position with just these things. OSCP itself is absolute garbage in terms of the course work and labs, but the cert holds so much fucking clout - the exam is just a glorified CTF, nothing less, nothing more. But it's a (relatively) very hard exam and entirely hands-on, strictly proctored, so the clout is justified.

I am now in a position where I work on average 5 hours a week in an extremely comfy setup where my living costs are less than 20% of my takehome. There are people in my company getting hired who don't have a shred of methodology down for pentesting positions, because the standards are just that fucking low (not in all companies, but some).

Do not believe retards telling you you need this and that, 5 YoE etc. - if you're actually intelligent and interview well, get OSCP, it will give you SO MANY interview opportunities, and just go from there

Good luck king

>> No.54414977

Just do things in earnest. So many people just try to phone it in and do the bare minimum.

I am a millionaire faggot

>> No.54414986

> want to be good at my job when I get one

Terrible idea as Op demonstrates, knowledge leads to more work and ignorance is bliss

>> No.54414996
File: 146 KB, 906x1208, 1675173327699744.jpg [View same] [iqdb] [saucenao] [google]

and of course i'm wfh, goes without saying.
also during the interviews even when I had zero real world pentesting exp., I was repeatedly praised for answering technical questions better than "seniors" with +4 YoE
The bar is just set that fucking low

>> No.54415019

then why are you trying to climb normie corporate ladders? literally git gud certification job switcher boy. you make more on your own

>> No.54415037

Based thanks anon. I will suck it up and do it. It will open a whole new world for me.
>OSCP itself is absolute garbage in terms of the course work and labs
That's too bad, I was hoping I would at least learn something along the way. Do you mean it just got you hired but you learned all the real skills on the job? I guess that is the way it goes.

Not really sure what I'd do on my own, besides just consulting.

>> No.54415064
File: 53 KB, 611x674, 1678999077166507.jpg [View same] [iqdb] [saucenao] [google]

I know how distributed systems work and have had the opportunity to work on high concurrency, low-latency systems at scale.
Most ran away because it's not easy to get accustomed to these, but I eventually got them. That's how I ended up doing the work of entire departments, I just learned what most spend their careers doing... I found that most people's careers can be done by chimps, if the health department would allow it.

>> No.54415125

Start with TryHackMe, then move onto HackTheBox, then move onto OffSec Proving Grounds (Better machines from OffSec, more exam-like). Do this exactly, what I'm telling you.

Only use the OSCP labs to practice Active Directory exploitation chains as those in labs are really similar conceptually to what will be on the exam. That and embedding payloads into word macros and the like.

Partially I learned stuff in my first job, but in my second job I am SO FAR and above everyone else in terms of technical skills, I basically do fuckall and still get praised like a god. I am in the company for less than 6 months and already in charge of managing projects / pentests end to end. if you are +115 IQ it's a walk in the park, if you can withstand the frustration that comes with getting stuck over and over again on CTFs in order to improve your attack methodology and enumeration

>> No.54415185
File: 163 KB, 1284x1509, Fik-DvfWAAAaUC2.jpg [View same] [iqdb] [saucenao] [google]

how youre a janny lol

>> No.54415206

>I know how distributed systems work and have had the opportunity to work on high concurrency, low-latency systems at scale.
How do I learn this exactly?