meg west

Ask Me Anything! I’m a Sr. Cybersecurity Consultant @CrowdStrike*. I have a Masters degree in Cybersecurity, a CISSP & the CCSP. I’m on ISC2’s DEI task force, have spoken at several conferences, and make cyber content online. What can I answer? *not sponsored by my employer

@KyrianMax ur welcome

@cybersecmeg thanks for the vid

hey there!! i wanted to yap with y’all about my first ever cybersecurity job, working as an ✨associate SOC analyst✨. i hope u find it informational!!

@TosinAkins_ not doing any mentoring, but best of luck on the exam!!

@cybersecmeg Hey Meg can you be my mentor, I'm writing my cyberOps exams soon been doing a lot of learning lately

@NahamSec hell yeah dude

Loving the feedback I'm getting for my "Is AI Killing Bug Bounty" video.. I almost didn't publish it and it turned out to be one of my best videos this year!

@cre8or_lotie let’s goooo you’ve got this!

@cybersecmeg Thanks for the video I’m an aspiring SOC analyst

@CyberSec_4 AI definitely helps with detections, automation, response, etc., but i don’t personally foresee the SOC analyst role going anywhere for a veeeery long time!!

@cybersecmeg Hey Meg! Love the content! I’m actually curious on your opinion trying to get into the space with All this AI madness going on 😩🤦‍♂️

@jameslawradams 😂😂😂 i’m such a yapper omg

@cybersecmeg One of the best hour long videos I've ever watched

@OliviaGalluccii @defcon SCREAMINGGG

I'm *so so so* excited to announce that I've been accepted to speak at @DEFCON Singapore about my vulnerability research on Apple's OS-es! 🇸🇬 I am beyond grateful to have this opportunity, and I can't wait to meet everyone there! #InfoSec #ReverseEngineering #AI

a moment of silence for all our security friends who are gonna be working the cisco SD-WAN fiasco this weekend 🫡

@13thSentinel thank you, best of luck to you too!!

@cybersecmeg i’m looking for that exact same role too. liking and sharing for exposure. good luck, hope he finds something

@NullMode_ proud of u fam

I uninstalled all social media apps from my phone yesterday. Caught myself doomscrolling my news app, bbc news, twitter, reddit, even linkedin a bit. Most of what is going on with the world is pretty miserable right now so decided to just remove the constant stream of bad news and sources of negativity entirely. This morning I picked up my phone a few times and once I realised I had no messages I put it down again. Wondered what to do, decided to start reading a book I got for Christmas. Oddly freeing, I wonder what a month without the social media on the phone will be like? The book - because you don't ever know enough

@FiredForEffect Again, the companies are the issue.

@FiredForEffect I don’t know of any SMB or enterprise organizations who are hiring folks with zero experience into specialized roles. I wish what you’re saying above were accurate, but I’ve never seen an organization hire someone into a specialized role without having previous experience.

For the peeps considering, or trying, I've got a hard disagree here. Yes, many certs are a waste - especially if priced for enterprise customers. The biggest issue I see are candidates not able to fulfill the role's requirements. You have to specialize. If you can't determine what interests you, you aren't going to be able to dig in at the depth required for many roles. If I were to apply for a SOC role, I'd smash my face through the monitor, hate life, quit, and learn HVAC, and not necessarily in that order. In the role I'm in, instead, I'll find inspiration in a piece of malware and start building iterative PoCs in my free time because it's cool. Therein is the difference. "Meh whatever, I dunno" and "why do I need a computer, the enterprise will provide one" are obvious when we interview you, and compete directly with people nerding out in a very specific and cool niche. And as they say "if you love what you do, you'll never work a day in your life." If you're just trying to "learn to code" security edition, or just get a chill desk job, you've already failed. If you can't find a direction and go, based on your own research, you've got to figure that out first. You are literally competing with focused passion, keyword filtering, AI filtering, gatekeeping, bots, recruiters spamming submissions, and threat actors. Many of those possibilities are combined. If you aren't making yourself standout, step back. Review the position. Look at the requirements. Learn more of the specifics. Go deeper.

@75dpulley love me a biggie bag tbh

@cybersecmeg wendys is hiring

a video about why you’re likely struggling to get a job in cybersecurity 🥲 if you don't have the time to watch the video, the spoiler alert is: it's likely not you, it’s likely an industry problem! keep going, friends!

@TheGoldenAnvil i am not wearing any makeup and my genetics left me with dark under eyes i get the perfect amount of rest, but you should get a life and work on your need to comment on strangers’ appearances

@cybersecmeg My God Meg please get some much needed rest!

@FiredForEffect cybersecurity professionals” lore.

@FiredForEffect given the opportunity to learn or work in. Your response is absolutely valid for those already working in cyber and trying to land a promotion to another team/role; it’s not relevant for those trying to get their first job in cyber after months/years of the “there aren’t enough

@FergusonVates the video isn’t about providing a solution to the issue, my dude, it’s about encouraging folks to keep doing their thing and to take into account that a lot of the issue is within the industry cheers!

I'm a cyber hiring manager for an F50 and this video is meh and generally not helpful. I watched it all the way to the end hoping it would finally come around, but it never did. It mixes in some points I agree with like boot camps are stupid and cyber is not an entry level field, but then it goes off the rails with blaming employers or the industry without realistic or tactical solutions. There is absolutely a shortage of cyber talent especially at the large enterprise level and, no, I don't mean years and years of advanced experience when I say that. Just finding competent junior analysts for the SOC is a nightmare which leads me to my next point: degrees are near worthless in this field. I've interviewed people with master's degrees and doctorates and they suck - they get run around in circles by dudes with no degree and no certs. I don't require degrees or certs on any of my positions for this reason. Ultimately, what matters is what you can do, your innate drive to want to do it, recognition of what you can't do and the ability to adapt and respond to those weaknesses and how well you can communicate all of the above. Sorry, Meg, I see your posts sometimes and I don't recall having issues with them before, but this one is way off base.