Late last year and into this year I made some training and professional goals for myself. I thought I had posted about them, but turns I didn’t really post those tidbits (I have a whole host of things in my own notes), but I figured I would provide an update on what I did in 2017 in regards to those goals.
I spent about 2 months preparing for the PWK/OSCP lab and exam pairing, and over 3 more months in the course lab, and passed that exam. Probably one of the most satisfying things I’ve accomplished in my career. Really, anything I say about it and what it means to me is an understatement.
Through the summer months, I was bogged down a bit with a job that I have just since decided to move on from (I have a week off this week!), and I had really set aside more time for a possible OSCP re-take. Failing a first attempt on that exam is not an uncommon, but this did leave me with some extra time for the year.
I also had told myself I should check off another Offensive Security course and cert pair: WiFu/OSWP. I can happily say that I signed up for this course just over a week ago, and this week passed the exam. It’s definitely something I wanted to get done in 2017, and having a week or two off has given me the time to focus on it.
I spent significant time taking some courses on Linux Academy, namely reviewing the Linux Essentials course and RHCSA prep course. I’ve used Linux at home for many years, but have never really had any true formal study in Linux, so this has been nice to fill in some gaps in my knowledge. The Essentials course is mostly review for me, but I have learned a few things. The RHCSA cert itself is not something I will pursue (since my title does not include Linux in it), but I do find it useful to have that level of aptitude and workability in Linux. I started this course as part of an obligation to my employer, and since I’m changing jobs, I’ve put this one more into casual studying over the past few months. This is one of those nice items where my own personal goal fit with my job duties and training requirements.
Among other less tangible goals, I’ve made progress in building out my home lab this year based around ESX running on an Intel NUC. As with any lab, it still needs plenty work, and that will roll into 2018. I’ve also built the habit of attending local security meet-ups, namely SecDSM, through the year. And I’ve also gotten my hands on a few extra old laptops that I can use for additional exposure to non-Kali pen testing platforms.
Job-wise, this was a really big year. This marks the second full year for me being a true full-time security professional. Through the rest of my career, security has always been a part of my duties, but I was still always a sysadmin first and a security admin second (for those who have had that sort of hybrid role, you know what I mean). Last year and this year have been good in this regard; it really does make a world of difference to be able to devote serious time to improving security rather than constantly getting interrupted with small and large operational tasks.
All told, it’s been a transition year for me, and a very good one on almost every front. And while I have some individual accomplishments in the bag, my biggest takeaway has been just being conscious of my career direction, my learning habits, and my continued training. I slacked off over the past several years, and getting back on track has been a huge deal to me and my happiness and enthusiasm.