IT/Software career thread: Invert binary trees for dollars.

chaos

chaos

Buzzfeed Editor
17,324
4,839
Well fam I got an offer for a traveling red team supporting a military organization. Pretty nice gig. It's a bit of a pay cut, but not much with per diem. Some travel but downtime will be fucking amazeballs from the sound of it, basically just pick a project and make it happen. And it's not in the fucking city. And they do some actual red team stuff rather than just calling their pentest teams "red teams".

Still looking around, they have to process clearance etc so until my ass is in the chair and the badge is on my neck I'm pushing forward. Another offer from DHS on the table but it is an immature program in the city, not exactly a dream gig. Have active conversations with two others going, one of which seems pretty jazzed and the other just started. All 3 of these are strictly network pentesting, though. Which I'm fine with if it comes to that.
 
Ao-

Ao-

¯\_(ツ)_/¯
<WoW Guild Officer>
7,879
507
chaos said:
Well fam I got an offer for a traveling red team supporting a military organization. Pretty nice gig. It's a bit of a pay cut, but not much with per diem. Some travel but downtime will be fucking amazeballs from the sound of it, basically just pick a project and make it happen. And it's not in the fucking city. And they do some actual red team stuff rather than just calling their pentest teams "red teams".

Still looking around, they have to process clearance etc so until my ass is in the chair and the badge is on my neck I'm pushing forward. Another offer from DHS on the table but it is an immature program in the city, not exactly a dream gig. Have active conversations with two others going, one of which seems pretty jazzed and the other just started. All 3 of these are strictly network pentesting, though. Which I'm fine with if it comes to that.
Click to expand...
Can I get your advice on how to actually build an EVM program?
 
chaos

chaos

Buzzfeed Editor
17,324
4,839
Sure, no problem. My background is pretty much exclusively in the govt/DoD sector so we take all program guidance from NIST SP 800-40 and 800-53, which is to be expected. But whatever you need help with let me know.

Just kind of blanket advice I would give is to really involve all stakeholders, from jump street, I know that seems obvious but a surprising number of places don't do that. For example, my current role asked me to write up a policy document and then, without my knowledge, staffed and sought approval for that without even engaging Ops and Maint. So of course they push back with manning concerns, resources, tools, etc. The full gamut. Turned what should have been an easy thing that solved everyone's problems and been the bedrock for every process related to VM moving forward into a turf war between sections. The way we do things in govt is to use compliance as the weapon to beat everyone else over the head with. I'm not requiring anything of Group X, I'm telling you what we need in order to be compliant. That's basically the key, map policy to compliance regs and build processes to support those policies. Shore up deficiencies in the org that don't allow processes to function ("we don't have Satellite licenses so we can't patch", "Nessus didn't say anything about that struts vuln", etc) and you've got a good baseline and you can start building on that with more formal assessments that will include your red teaming, etc.

Also, same place I am currently at, very confused on the difference between policies and processes. This leads to sooo many problems.
 
Jalynfane

Jalynfane

Phank 2002
719
563
Anyone have intern spots/entry level stuff in the Portland area? Angular/JS/Java/Android but can learn anything needed. THanks! 8)
 
chaos

chaos

Buzzfeed Editor
17,324
4,839
How do you guys feel about taking a paycut to leverage yourself into another related field that you want experience in? I ask because I had a long discussion with a recruiter today. Not your typical recruiter, this dude was straight up. His take was that it's a huge mistake, that basically you're building your experience and credentials in order to take a step backwards. My counter was that if you're in a shit job, with shit benefits it would be worth it to take a minor cut in order to build skills that ultimately should result in a net gain in the long term. Different takes for sure.
 
A

a_skeleton_03

<Banned>
29,948
29,762
chaos said:
How do you guys feel about taking a paycut to leverage yourself into another related field that you want experience in? I ask because I had a long discussion with a recruiter today. Not your typical recruiter, this dude was straight up. His take was that it's a huge mistake, that basically you're building your experience and credentials in order to take a step backwards. My counter was that if you're in a shit job, with shit benefits it would be worth it to take a minor cut in order to build skills that ultimately should result in a net gain in the long term. Different takes for sure.
Click to expand...
So if you stick to the "only get an increase" you can pretty much rule out startups which is quite a frequent avenue that people in IT pursue.

He is wrong.
 
  • 1Solidarity
Reactions: 1 user
wilkxus

wilkxus

<Bronze Donator>
518
210
chaos said:
How do you guys feel about taking a paycut to leverage yourself into another related field that you want experience in? I ask because I had a long discussion with a recruiter today. Not your typical recruiter, this dude was straight up. His take was that it's a huge mistake, that basically you're building your experience and credentials in order to take a step backwards. My counter was that if you're in a shit job, with shit benefits it would be worth it to take a minor cut in order to build skills that ultimately should result in a net gain in the long term. Different takes for sure.
Click to expand...
If the experience is good (read: interesting to you) take the plunge. Even if you ended up hating it, it will broaden your horizons. Broader experience comes with age and is often much more valued and importrant than narrow specializations. The most important net gain is job satisfaction, and salary is only one component of that. As you get older and get more experience salary goes up naturally anyhow.
 
T

Tenks

Bronze Knight of the Realm
14,163
606
By all logical decisions my last career move was probably a downgrade. But sometimes you have to do what is best for you. If you hate putting in your 8 hours daily it really, really takes a toll on your personal life to the point I'd prefer to have less money but be happier. I was miserable staring at the clock everyday waiting for 5:00 to finally come along and I grimaced every Monday.
 
  • 1Like
Reactions: 1 user
L

Luthair

Lord Nagafen Raider
1,247
85
a_skeleton_03 said:
I found this article to be amazing.

Redirecting
Click to expand...

I had a hard time getting past the first sentence where he used rouge instead of rogue.... That said, as someone whose background is writing enterprise java developer tools its no surprise - the Javascript ecosystem is a dumpster fire of stupidity as have been most 'trendy' ecosystems. Bunch of people with limited experience don't bother to learn from the past make a worse version of it, then go on the conference circuit patting themselves on the back.

We can only hope that WebAssembly eventually kills Javascript ending the popularization of a poorly designed language.
 
  • 1Like
Reactions: 1 user
You must log in or register to reply here.