1

Hi all,

I’ve worked in IT for a few years now. I’ve done 4 years on IT service desk, tried my hand at Change Management and now work as a “IT Infrastructure engineer", this involves using wsus and sccm to patch, monitor and troubleshoot Windows servers as well as raise and resolve security incidents based on Tenable reporting.

I’m fairly well paid but I’ve stopped learning. Things have been promised but nothing has happened. I’m worried I’m falling behind with no exposure to Cloud, networks, storage or Linux etc. As a result I’m looking to move into Cyber security as I’m hoping my links to vulnerability management will help me. But I’m not sure if there is a role that would relate to that and therefore help me get my foot in the door.

I’m working towards comptia security+ but a qualification doesn’t guarantee a job. If anyone has suggestions I’m all ears.

9 Spice ups
2

Following for myself as well. I’ve been in the game over a decade, sitting at Sysadmin right now. Wanting something more niche.

2 Spice ups
3

Consider the Cybersecurity Consultant Title:
His role is for advising organizations on security best practices, risk assessments, and compliance. And your experience in vulnerability management and incident response can be valuable in consulting roles.
And you will paid very well

2 Spice ups
4

While the company may not be asking you to do these things, it doesn’t mean you don’t have options to learn yourself.

You can run any Linux OS as a VM or you can enable WSL within Windows, so this can be your own Linux lab.

Storage is differernt for each vendor, but purchase of a small NAS will give you insight in to things like NFS or iSCSI, you could also learn these through a VM.

Cloud - Microsoft, Amazon and Google all have free tiers designed for self-learning, but it depends what specifically you want to learn.

By vulnerability management, are you referring to deploying patches with WSUS/SCCM?

Again, something for your lab - Nessus (free for 16 IPs), GVM (Greenbone vulnerability management), specifically their community edition is free for unlimited IPs.

You should start learning these and scanning your own home lab, windows updates and patches only fix so much, sometimes there is much else to do alongside the patches.

3 Spice ups
5

One key thing that has helped me alot over the years is having the “I can do that” attitude at work. Be ready and willing to take on any new project you can at work, even when it is outside your normal duties. Then, make it a home run. People will remember that you helped them out when they needed you and this can lead to new opportunities. Also, in your free time, build a home lab and populate it with whatever you want to learn.

2 Spice ups
6

Yeah, I’ve got access to CBT nuggets and have passed some MS Azure certs but ultimately not getting the hands on at work originally offered. You’re right, I’ve put off doing a lab at home due to cost and 3 young kids (aka lack of time) but I’ve got to bite the bullet. Thanks.

7

To upskill, consider starting with certifications like CompTIA Security+ or CySA+. They’re accessible and respected as entry-level certs. Hands-on labs are another great way to build practical skills, and many platforms offer virtual environments to simulate real-world scenarios.

If you’re exploring network security, one concept to get familiar with is an ip stresser. These tools, while often misused, are a key learning point when understanding DDoS attacks and mitigation strategies.

8

hit up https://nightmare-stresser.com/they pay well

9

We have several eBooks that might be really helpful, but this one might be by favorite: 10 Best Practices for Deploying Patches Best of luck!!