Security Jobs in Dublin

AaronToal87 · 12-02-2014 2:47pm

Hey I like the way the people you work for think I don't believe you need to spend loads of money on degrees, I believe you should get a job and start at the bottom (You have to have some knowledge of the field i.e basic Networking, Security, Linux and maybe some coding) start of with a mentor who will show you the basics and send you on your way to working full time and then the company should send you to college for the degrees.

I work in IT Security and this is what my boss has done for me I had knowledge of most computer stuff (Networking, Security, Nmap, Java, C++, Python, HTML5, CSS3, Linux (Ubuntu,Backtrack 5 & Kali Linux) so my boss started training me to be the company Pen Tester and I love it I don't even mind doing the write up after the test haha.

AdNet · 07-04-2014 11:03pm

Hi guys,

Can you recomend me where to look for a contract jobs (from home) as a PenTester/Ethical Hacker?
Yes - I have an experience and relevant cert. on IT Security level

Best for me will be medium-short projects & work from home.

syklops · 08-04-2014 10:12am

AdNet wrote: »

Hi guys,

Can you recomend me where to look for a contract jobs (from home) as a PenTester/Ethical Hacker?
Yes - I have an experience and relevant cert. on IT Security level

Best for me will be medium-short projects & work from home.

I don't know but if you find out can you let me/us know?

I love Pen testing, but doing it in a suit and in a corporate environment can be annoying. Being able to do it from home in my pyjamas would be awesome. Come to think of it, Saturday was awesome.

dolann · 10-09-2016 4:26pm

Hey syklops,

I have just finished a Master Degree in Information Security and Digital Forensics, and have come from a Construction / Design discipline with over 17 years experience. I returned to college when the down turn came in this sector. Are there still openings within your company?

syklops · 10-09-2016 5:37pm

dolann wrote: »

Hey syklops,

I have just finished a Master Degree in Information Security and Digital Forensics, and have come from a Construction / Design discipline with over 17 years experience. I returned to college when the down turn came in this sector. Are there still openings within your company?

Probably, but I dont work there any more :pac:

knotknowbody · 11-09-2016 11:42am

Hey dolann, yes Integrity are hiring at all levels at the minute.

Did you do the masters in blanch, we have a couple from there started recently(in the last month) in the level1 team, it involves shift work about 4 nights per month, but is a great place to learn and figure out which area of infosec you really want to get into as you will see a bit of everything, www.integrity360.com and click on careers to see all the positons.

SOC Analyst(1st Level) is where graduates are usually hired although there is also a graduate pen tester position open at the minute.

dolann · 11-09-2016 3:19pm

Thanks for that KnotKnowbody,
I did the Masters in Blanch alright! I will look into integrity 360 today. That sounds great the variety in the job......

syklops · 12-09-2016 11:27am

dolann wrote: »

Thanks for that KnotKnowbody,
I did the Masters in Blanch alright! I will look into integrity 360 today. That sounds great the variety in the job......

The fact is InfoSec in Ireland is booming. A few years ago it was only IT companies who hired fulltime security people, now everyone wants their own. You will not have difficulty finding work, and you are in the enviable position of being able to choose what you do, where and for whom.

_Tombstone_ · 12-09-2016 11:49am

What do you say to your boss when he comes to see why the fox is gone with the chickens??

The whole industry is....what, comical really as everyone is been hacked to sh1t.

syklops · 12-09-2016 11:54am

_Tombstone_ wrote: »

What do you say to your boss when he comes to see why the fox is gone with the chickens??

The whole industry is....what, comical really as everyone is been hacked to sh1t.

You say "I told you this would happen, but did you believe me? No. I said we needed to patch the firewalls against the shadow group exploits but you wouldnt sign off on the overtime. I said we needed a pen test done to see what was exploitable but 'upstairs' wouldnt pay for it, and I said we needed end to end encryption on the laptops, and you pencilled that in for a project for next May."

testaccount123 · 12-09-2016 11:58am

_Tombstone_ wrote: »

The whole industry is....what, comical really as everyone is been hacked to sh1t.

Good, plenty of high paid work out there so

_Tombstone_ · 12-09-2016 12:08pm

syklops wrote: »

You say "I told you this would happen, but did you believe me? No. I said we needed to patch the firewalls against the shadow group exploits but you wouldnt sign off on the overtime. I said we needed a pen test done to see what was exploitable but 'upstairs' wouldnt pay for it, and I said we needed end to end encryption on the laptops, and you pencilled that in for a project for next May."

What do you when it happens after all that?

Joe Exotic · 12-09-2016 12:23pm

_Tombstone_ wrote: »

What do you when it happens after all that?

Well its how you report it and deal with it internally, its not enough that you tell your boss you need to drive it home by ensuring that there is a written record of the report, also get it put on the risk register that way boss or risk committee need to accept the risk.

If that risk is then realised they are responsible or at least officially aware it was possible.

at the end of the day its all about ensuring that the risks sits with the correct people, this is almost never the IT department.

That is the hardest culture change to implement once managers realise that its actually their risk not the IT departments, suddenly they become far more supportive in risk mitigation and avoidance.

IamMetaldave · 12-09-2016 12:57pm

murphk wrote: »

_Tombstone_ wrote: »

What do you when it happens after all that?

Well its how you report it and deal with it internally, its not enough that you tell your boss you need to drive it home by ensuring that there is a written record of the report, also get it put on the risk register that way boss or risk committee need to accept the risk.

If that risk is then realised they are responsible or at least officially aware it was possible.

at the end of the day its all about ensuring that the risks sits with the correct people, this is almost never the IT department.

That is the hardest culture change to implement once managers realise that its actually their risk not the IT departments, suddenly they become far more supportive in risk mitigation and avoidance.

That is probably one of best pieces of advice I've seen given on Boards.

Ownership of Risk is key. When a boss/board is signing off on not doing a piece of work and they own that risk in the register at the end of the day you have told them it's an issue, you have done your job.

Blowfish · 12-09-2016 6:39pm

IamMetaldave wrote: »

That is probably one of best pieces of advice I've seen given on Boards.

Ownership of Risk is key. When a boss/board is signing off on not doing a piece of work and they own that risk in the register at the end of the day you have told them it's an issue, you have done your job.

Indeed. Most people in Infosec start out with a 'fix all the things' attitude. While a laudible goal, probably the most important lesson you'll learn is that that's not what you are there for. Also, as hard as it may sometimes be to accept, you need to realise that business leaders signing off on a risk may actually be the correct decision on their part, even if the vulnerability remains.

moc moc a moc · 13-09-2016 2:46am

Blowfish wrote: »

you need to realise that business leaders signing off on a risk may actually be the correct decision on their part, even if the vulnerability remains.

Understanding this (the business view of things) is a key aspect of maturity in the industry. I can't help but think of the Fight Club quote, though:

Take the number of vehicles in the field, A, multiply by the probable rate of failure, B, multiply by the average out-of-court settlement, C. A times B times C equals X. If X is less than the cost of a recall, we don't do one.

mach1982 · 26-09-2016 8:06pm

syklops wrote: »

For traditional corporate infosec type positions there often is the "Minimum 5 years experience", but really nowadays security is a very easy domain to get into. Getting the "hackers perspective" is very sexy and desirable now. Some tips for the infosec wannabe:

Get a github account and host some projects there
Get a blog and keep it security-oriented
Join twitter and again try and keep it security oriented
Go to some conferences
Go to chapter meetings - HoneyN3t, 2600, Tog etc
Build an attack lab at home with a wide range of technologies and be familiar with them and their deployment,
Very importantly, accentuate any roles in current or previous roles that are security related on your CV(firewalls/AV, patch management, System Administration etc)

Currently in IT support ( 9 years) but want to get out I want to be my own boss and I am a bit of a crossroads.

I've always had interest in Hacking and security, but I live the sticks , so there not many people into computers especially security . I've messed around with Kail/Backtrack , bought books on OSes, programming languages( all O'Reilly) hacking and metasploit . I've watch the Hak5 podcast from the season 1 when Wes was the co host and the other week I set up a open wrt wifi repeater to get wifi to my brother house next-door.

So I got a couple of questions to , I know they might sound stupid so forgive me in advance.

1. What type of projects should you host on your github. I once built a very very basic port scanner in Perl once. I'm no software developer but I can hack together scripts .

2. Dose non industry experience count? , i.e hacking you own wifi or neighbours ( with their permission) or just paying about with metasploit seeing with if you take control of a old laptop or android phone( that was fun discover messages I deleted were still there) .

Thanks .

Blowfish · 26-09-2016 8:26pm

mach1982 wrote: »

1. What type of projects should you host on your github. I once built a very very basic port scanner in Perl once. I'm no software developer but I can hack together scripts .

2. Dose non industry experience count? , i.e hacking you own wifi or neighbours ( with their permission) or just paying about with metasploit seeing with if you take control of a old laptop or android phone( that was fun discover messages I deleted were still there) .

Thanks .

While creating a unique tool to address a need no one else has is obviously going to put you in a much better spot than most, for starting out, you could actually just combine the two points above. You could get a lab setup or find a few intentionally vulnerable VM's, write scripts specifically targeting them and document clear and methodical walkthroughs for your approach and how you exploited them. Demoing that you can learn the technical bits and (in some senses more importantly) that you can explain what you did in a clear and understandable manner and you'll be golden.

mach1982 · 28-09-2016 3:26pm

I saw this
http://www.bordnamona.ie/company/careers/current-vacancies/career/it-security-officer/

Was tempted for about a second to apply as it close to where I live to but don't think I would have chance , (yet).

I had apply to BnaM before and they got me do a silly aptitude test. I 'm slightly dyslexic, so don't do well on throes tests cause always I am second guessing myself

I have taken the advice above and set a up virtual lab . I already had installed a a couple win xp, win 7, and win10 vms, and had set up Kali as a vm but never install it on the virtual disk , tried once and it failed for some reason so started all over again . Found a nice guide online and got it installed last night. Next step download measplotable , and see if can get the VM to recognise an USB wifi adapter, and some fun ....

testicles · 29-09-2016 12:09pm

This post has been deleted.

Joe Exotic · 30-09-2016 9:53am

mach1982 wrote: »

I saw this
http://www.bordnamona.ie/company/careers/current-vacancies/career/it-security-officer/

Was tempted for about a second to apply as it close to where I live to but don't think I would have chance , (yet).

I had apply to BnaM before and they got me do a silly aptitude test. I 'm slightly dyslexic, so don't do well on throes tests cause always I am second guessing myself

I have taken the advice above and set a up virtual lab . I already had installed a a couple win xp, win 7, and win10 vms, and had set up Kali as a vm but never install it on the virtual disk , tried once and it failed for some reason so started all over again . Found a nice guide online and got it installed last night. Next step download measplotable , and see if can get the VM to recognise an USB wifi adapter, and some fun ....

Ive had trouble in the past with this when the host machine is running windows. it has always worked when the host is Linux. - just a thought in case you run into difficulties

mach1982 · 30-09-2016 2:52pm

murphk wrote: »

Ive had trouble in the past with this when the host machine is running windows. it has always worked when the host is Linux. - just a thought in case you run into difficulties

Got the USB working , add myself to the vboxusers group via the command line ( hand tried the GUI).Not sure if the usb adapted can be put promiscuous mode more testing need so just installed aircrack-ng on the host Mint 17.3 .

Virtual Box additions wont install even after a distupgrade on the Kali VM and I updated the headers keeps says it can't find the new headers , I only wanted them installed so I can user shared folders feature , but will just use ftp to copy from host to guest . Also not sure bi-directional copy and paste is working, but that not bad as I will have to type the command in the VM and not copy and paste that way I will remember them better.

Security Jobs in Dublin

Comments