I suppose one could say that I’ve been doing this far too long, and I’ve gained some knowledge about how the cybersecurity industry works, and how people succeed or fail at the field. To give back to newcomers, I recently opened up a Calendly to do ad hoc career mentoring, in addition to the career… Read More Lessons Learned from Cybersecurity Mentoring
I now have some limited appointments for career counseling and resume discussion open for sign-ups. These sessions are free for college students and current enlisted military, and tip-what-you can for everyone else, if you feel my help was meaningful. You can sign up here: https://calendly.com/lesleycarhart Keep in mind that I can only review North American… Read More Career Counseling Office Hours!
“Dear Lesley, I’ve been in a MSSP Security Operations Center (SOC) for a few months as my first cybersecurity job. The work is monotonous, I have access to only a few SIEM tools, and most of what I do is handle repetitive tickets for a ton of customers all by myself on awkward shifts. I… Read More Ask Lesley: How Much Should SOC Work Suck?
Lesley, I am having the hardest time getting my foot in the door in an investigative role. I have spent almost 4 years at the same job, in the same role, and cannot find a way to transition out of the operations side of the house. I went into operations with the intent of doing… Read More Ask Lesley: From Ops to DFIR, a Tough Transition
Dear Lesley, Do you have any tips on how an org can encourage a more diverse candidate pool for a senior and specialized infosec position? We are located in a mid-sized city and we want to do a better job at reaching a good cross-section of candidates. Thanks,Hiring Today Dear Hiring Today, It’s quite commendable… Read More Ask Lesley: “I want to hire more diverse senior people”
For the past decade, I have listened to a number of stories from a minority of cybersecurity professionals I talk to about unbelievably hostile and abusive workplaces. More insidious to me, are the workplaces that “pass” as okay on paper, but are continually undermining, failing, and gaslighting their junior employees. Unfortunately, it’s often harder for junior people to judge that they are not being treated fairly than in cases of extreme abuse.… Read More About Cybersecurity Management and Expectations
I was sent some very challenging scenarios this week, from entry level remote work to anonymity. As always, submit your problems here! Hi Lesley, I’ll add a little background before my question I’ve always wanted to break into the infosec industry as I love tinkering and figuring out how things work. I managed to… Read More Ask Lesley InfoSec Advice Column: 2017-04-26
This week, I address some burning questions about education and training. As always, submit your problems here! Dear Lesley, Let’s cut to the chase. I hate coding. I don’t enjoy building things from scratch. I do, however, love taking things apart, and would probably be able to learn to code if I started in… Read More Ask Lesley InfoSec Advice Column: 2017-03-16
This week, we discuss red team and blue team self-study, getting kids interested in security, and security paranoia. As always, submit your problems here! Dear Lesley, I am a threat intelligence analyst who is currently underutilized in my current job, and feel like my skills and tradecraft are slipping because of it. I’m wanting to… Read More Ask Lesley InfoSec Advice Column: 2017-02-26
Thanks for another wonderful week of submissions to my “Ask Lesley” advice form. Today, we’ll discuss digital forensics methodology, security awareness, career paths, and hostile workplaces. Dear Lesley, I’m a recent female college graduate that didn’t study computer science but is working in technical support at a software company. The more I learn about… Read More Ask Lesley InfoSec Advice Column: 2017-01-30