Feeling stuck and looking for advice +rant - eviltoast
This is an automated archive.

The original was posted on /r/cybersecurity by /u/knister7 on 2023-09-23 13:10:51+00:00.


Hi guys, 26 yo here, working in East Europe.

Let me first go through my past and experience

I have around 3 years experience in 3 different SOCs. First one was a widely known MSSP where I was tier1 ticket monkey.

From there I was able to jump to a small but very low maturity level SOC in the Energy industry. I got my experience there and I took advantage to work on automation and couple of projects which gave me a bit of experience (I graduated as Software Engineer).

After feeling like it was moving nowhere, I joined an international UK bank (with most management in India) as a Senior Analyst and shift lead on still T1. Pay is good and I was promised to promote to Manager once my boss moves on. Once this happened, they rejected my application since I was jumping two bands (lol) and I lacked the experience in the company. We started to work evenings mostly, which was not told beforehand. It seems most of the management in India gives the interesting stuff to their own while also analysts of my country work during the evening. I spoke with my new manager and he is also feeling kinda frustrated with the decisions made there, as he has barely no decision making power. He raised my concerns up but they are kinda ignoring him.

I still work kinda as a ticket monkey (99% FP rate, escalating the interesting stuff), looooong processes for fine tuning, no time for other stuff than killing alerts.

I applied to couple of positions internally but no luck (no feedback given either). I started then to apply for better conditions outside, but it seems the market is pretty screwed. I have gotten some interviews but no luck either (overqualified/rejected/low salary). I do not believe my CV is a problem but I accept advises on it.

Under my belt these years, I got Net+, Sec+, CySA+, CCNA, AWS CCP.

On my free time I have been hanging around tryhackme, doing writeups, learning about Threat Intelligence and so on.

I have now 1500$ budget for my training.

Which direction should I go from here? I feel like I have barely accomplished anything important in my career. On the interviews I cannot say I worked in Cloud because I haven’t. Same with Vulnerability Management. Same with big incidents. Same with Threat Hunting/Intelligence.

My interests are: Threat Intelligence/Project Management. I am not sure if I would like to be a pentester some day. Would it work to get PMP if I do not have experience on the field to land a PM job?

Thanks in advance. I would also appreciate chats to speak more in depth and get some guidance.

PS: My manager just resigned because he was fed up, is management an option at this point?