On Sat, 20 Aug 2022, at 19:59, Thomas Dullien via Dailydave wrote:
Hey,

1. Old-timers like us are terrible sources of career advice. Aside from survivorship bias, the environment we acted in was drastically different than today's environment.

But then, who is great at giving career advice? Some things change very slowly - your basic advice how to get along in any corporation remains probably the same - fit into the culture, network within and outside, be moderately disagreeable, avoid ethnic humor, etc. About the same as in 1990s.

Some thing change: people I interview for jobs for junior to mid-senior roles in cyber security (consulting) largely do well or poorly based on three criteria:

  1. They know enough about computers - IP stack, something about operating systems and programming
  2. Can reason about cyber security trends - e.g. able to at least explain the essential steps of a ransomware attack.
  3. They can coherently express themselves - will generally fit in a corporate environment

The trouble with today's "cyber is a good career" crowd is that they only do (3) at best and not (1) and (2). Master degree holders in Computer Security & Forensics outside of top N universities are particularly disappointing. Those who do (1) and (2) usually don't need much of career advice as they simply float to the top of the job pool stack. Given the huge demand, there's a job for almost anyone who can spell.