Found out there are quite a few cybersecurity events local to me so I will be attending those over the next few months, while also taking my CISSP classes, and my CISSP test this summer, as well as DEFCON, B Sides, and more.
This is going to be a very interesting summer for me.
ISTR that CISSP and some other tech-specific certs have a "violate our code of ethics, lose your cert" clause. But I have no memory of that actually happening. Does anyone know of a case where violation of a code resulted in a loss of tech/cyber certification specifically?
Being found to have violated laws is a deliberately public process, in part because visible censure within the group has cultural reinforcement value. For example, in the license plate club I belong to, the list of people who have been ejected from the club for cause is in every issue of our print magazine (to ensure that those ejected for cause cannot continue to predate on unsuspecting members!)
If loss for cause of a CISSP/etc. cert is invisible to other members ... what's the clause even for?
The hardest part of #CISSP test prep is to get re-familiarized with all the lies they tell the kids in cyber school, like the #OSI model.
Upside is, I'm pretty sure with a little day-of memorization and some willful self-reprogramming, I'll be able to pass this test on Saturday. I'll be annoyed if I fail by little, or pass by a lot.
Yay passed the #CISSP exam. I take back everything i said, it’s an accurate and balanced test that proves baseline understanding of useful cybersecurity concepts.
(but really it is kinda nice to be relieved of imposter syndrome for the next couple hours.)
Also, zero questions presented on WiFi 802.11foo standards. Lucked out there.
So I did what I always knew I would do and waited until the last year of my #CISSP renewal to get most of my #CPEs done. What is everyone's go-to for getting CPEs that are useful without spending a ton of money. I know about the included BrightTalk ones but looking for other alternatives.
Intro: I have been working in IT for 20+ years. Last few years in IT Risk & Security.
I am an introvert. So while I do enjoy interacting with others, I need time to wind down & be on own every now and then.
Since Feb '22 work & private life has been greatly impacted by catching COVID. Up till today I have not recovered and am unable to work or have an active social life.
While I'm still looking to get #fediHired I have seen an awful lot (both in quantity and quality) of LinkedIn recruiter spam, that appears to be AI-assist driven, or at least strongly templated. Let me try:
"Hi $NAME. I hope [this message finds you well | you had a great weekend] I was really impressed with your profile and experience with $THING and think you'd be a great fit. Please schedule 15 minutes with me to discuss this great opportunity!" (No details provided)
Oh, and on the topic of #fediHired since I've been getting some boosts and new followers recently for unrelated posts, it's worth repeating, I'm looking for my next career step.
TL;DR ideally I'd like to find a full time, full remote (hybrid in CA bay area ok), Senior Security Architect role, or similar.
Last position was Senior Security Engineer. I've got my #CISSP and a broad development background and ops history.
DM me if you think something would be a good fit. Thanks
So, one thing I miss about infosec Twitter was the viral awareness brought to timely issues.
Like the cissp bylaw change vote last year.
Now it's up again, but I don't see the advocacy.
Anyone got an opinion on the petition vote? #cissp#bylaws#infosec
I've been silently following & observing for a couple weeks, so it appears I'm overdue for an #introduction post.
Professionally, I've been #BlueTeam#infosec for about 16 years. I've evolved into more of a policy & guidance role over the years, but I'm also still the #incidentresponse lead. I'll try to share what I can when I can.
The first #Derbycon was my first infosec conference I attended. The second through final, I was a volunteer. I've also volunteered for #CircleCityCon every year except their 2nd.
I'm a #USNavy#veteran, 4x college #dropout who had no career direction and eventually got an AAS degree in network administration in my 30s. I was working for an employer who had no IT security at the time, so I raised my hand and started my infosec career. I collect IT certs like kids collect pokemon but never submit CPEs - I just move on to another cert. I've had 7 #GIAC certs at this point (8th pending), but only 2 are currently active. Also have expired #PMP, #CISSP, and... lots of lesser stuff.
Apparently, I make a pretty damn good #cheesecake. Also a serviceable #mixology home bartender.
I've completed 7-ish(?) #marathon and a handful of half...but weight gain and age have kept me from adding any in the last 4 years. Also have a decent bike that I ride on a stand more than I do outdoors.
Most Wednesday evenings you can catch me at #Zanzabar for the Louisville #Cartoonist Society weekly "Drink and Draw." I don't draw, but I have a few friends who do and I enjoy practicing the drinking part.
Married, no kids. Both me and my pups (3 of them) are #snipped.
My politics trend very #liberal and I try to back that up with actions and financial support.