September 21, 2021

Having a hard time Finding a Cyber Security Position


I’m having a hard time finding a Cyber Security Position after nearly a year of searching. Currently I work as a analyst on a government contract using SQL, Python, and Excel on a daily basis. I also have a secret clearance and I’m being investigated for a Top. To get familiar with the field I’ve been getting certs like Sec +, Network +, CySA +, and Splunk Power user and I’ve also been practicing doing malware analysis, playing around with SIEMs and EDR software, and doing virtual labs.

Within my company and outside I’ve been applying for roles as a SOC analyst but I haven’t gotten any hits. **I lack the actual on the job experience most of these jobs require and I just don’t know how to bridge that gap.** When I apply for online jobs I know for sure I get rejected because they ask for at least 1 – 3 years for experience at I can’t lie and say I do. How am I supposed to get the job without experience, and the needed experience without the job? I can mess around with Splunk and EDRs all day but its nothing compared to working with them at an enterprise level.

Currently I’m working on the GCIH cert to make myself more “marketable” but I’m slowly losing hope. I’m open to any suggestions, jobs/positions I should apply for, certs to get, things to practice, really anything.



Dude that sucks but don’t be despondent. I hear this same story a lot and you’re not the only one. The only advice I could give is regurgitation from Neal Bridges off LinkedIn and his twitch channel and that is network network network. Reach out to loads of cyber security professionals and follow different cyber sec recruitment companies. Reach out to these recruiters and ask them to review your resume and help you find a position, it’s in their interest! Another big piece of advice is find yourself a mentor. I have heard this is really successful as they can give you career tips, resume review and look at what path you are taking. I think it is really awesome that you are breaking down malware and reviewing tools. But if I am guessing you want to work in a SOC as an analyst reviewing what SIEM / SOC alerts are, how they happen and what to do to respond / remediate? Again you can call BS on this, but that’s my take. Good luck!


PM me your resume. I can send you the job description we are hiring for.


As biggb80 said. Network, network, network.

Look into joining your local ISACA chapter and attend some meetings. Infragard is another good one. See if there are local Security conferences in your area and make it a point to attend them.


If you’re on a government contract with a clearance, you can apply for a government position. []( typically has positions listed. The only potential sticking point will be salary (fed pays less, but there are retention bonuses available) and whether or not you have a degree. Worst case, get in, work for 3-5 years, move on.
For salary purposes, in the DC area a GS-7 (BS degree or some amount of experience) is around $50k, a GS-9 (MS or BS +1 year of experience) is around $60k, with annual grade promotions which are roughly $10-15k each. The retention bonuses are 20-25% of base pay added on to the biweekly paycheck.


What’s your current role?


If you feel you are capable of doing the job just lie about the 1yr… In the interview you better sell your skills like you are a god. Most SOCs use pre-built tools from a vendor and use playbooks or they auto parse SIEM logs.


Check yo local mssps. They always looking for soc analysts and maybe more.


Remove excel from your resume. That’s something a sales person would put on.

That won’t make the difference, but it’s a start


tip: never renew certs… Instead get the latest modern cert… Cloud or whatever and once you have enough exp no one cares about certs.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.