SecOps Interview Secrets
You´re applied for scores or hundreds of jobs, you finally get an interview, and then you bomb. Or, you think you did well, but you got turned down. Why? How can you improve your chances of succeeding at interviewing for security jobs? What can interviews and the questions teach us? This podcast is for job seekers, hiring managers, screeners, and recruiters who want to improve their interviewing skills.
Episodes
Tuesday Jun 04, 2024
Tuesday Jun 04, 2024
What are the essential differences between the perspectives of the NOC analyst and the SOC Analyst? Hint: It's not tech. The question gets to the essence of security.
Ptacek & Newsham's paper is a perennial favorite of mine: Insertion, Evasion, And Denial Of Service: Eluding Network Intrusion Detection ≈ Packet Storm (packetstormsecurity.com)
A Philosophical Perspective on Trust, Dan Geer: http://geer.tinho.net/geer.issa.trust.18i05.PDF
For discussion in this any various other topics: https://discord.gg/B3gVRya2gn
For event announcements: https://www.linkedin.com/company/nearshore-cyber/events/
Tuesday May 28, 2024
Tuesday May 28, 2024
I talk about 2 questions here:
What is Threat Hunting?
What approach do you prefer?
Most candidates are going to come up empty-handed. But not all.
Introducing the PEAK Threat Hunting Framework | Splunk
TaHiTI - Dutch Payments Association (betaalvereniging.nl)
Intro to my course on Threat Hunting: https://youtu.be/tiKScGzBm-Y?si=w6O5wuZ7CZkVHAhH
Monday May 27, 2024
Monday May 27, 2024
This one is about disrupting the candidate's thinking slightly. Also, it can tell me if the candidate has been in a SOC.
https://www.isaca.org/resources/isaca-journal/issues/2017/volume-6/assurance-across-the-three-lines-a-collaborative-defense
Building a Cyber Risk Management Program
To join the Nearshore Cyber Discord: https://discord.gg/zxG5uyYwqg
Thursday May 23, 2024
Thursday May 23, 2024
Who am I? Why did I decide to share like this? Then, I get into the first of many questions.
Here are the 3 podcasts that I mentioned:
Cyber Security Podcasts - SANS Internet Storm Center
Podcasts - CISO Series
CyberWire Daily (thecyberwire.com)
I happen to prefer podcasts for my daily news feed. But that´s mainly because I read do much and I often suffer from eye strain by the time I get around to turning my attention to the news. Here are a few excellent visual resources that listeners might find useful:
Cyber Security News | The Record from Recorded Future News
Krebs on Security – In-depth security news and investigation
Cybersecurity - Latest News, Research and Analysis - WSJ.com