Hello all!

I've been trying to start a career in infosec, I have applied to several companies in my region and now I have two choices to start:

The first one is called verification and validation software quality, they want me to look for exploits in applications, do research to see if the app is passing delicate info uncrypted, and check web apps also...
This one is the more secure offer, by this I mean that Im actually doing interviews to work for them... is a new company.

The second one is called softnet, theyre waiting for some guy to quit in a month or less, I've already send my cv to a friend there, he tells me that if I get the job Id be doing design and implementation of information security solutions of cisco and mcfee, and they will need me to do some certifications of products paid by the company.

Im just wondering what would be the best choice and how does this opportunities add to my infosec career... or should I wait for another??

Im months from having my electrical engineer degree, working on my thesis.
After My graduation I want to go after an infosec masters and some certs also.


All suggestions will be really appreciated...

The second one may end as standard administrator job. If you like it, that's fine. The first one is more security-related and new companies bring more possibilities.

Youre right about all... but the first one strikes me as security programmer... still is the one im leaning towards to right now.
Now would that work experience be good for cissp or cism certs wich requires work exp??

I've updated some facts about the second job...

Again, suggestions and advices are appreciated

Do you have a current A+ certificate, or are you planning on acquiring an Network Plus Certificate and a Security Plus Certificate. I acn tell fyu from reading the related pages on the comTia web site that is is recommended hat A IS/IT professional seeking a security related job ito at least have the A= and Security Plus Certification.

Im actually looking forward to get a security+ and ccna or network+ certificates... but never tought of getting an A+ certificate.

I would say to put the A+ certification on the bottom of your list for the time being. Get your Network+ first, and then your Security+, and then do your CCNA. It'll logically make sense if you do it in that order.

Personally if I was in your situation, I would go for the 2nd job. It sounds more interesting doing systems and network admin stuff, plus being able to have them pay for your learning and certifications. Like you said, the 1st job sounds a lot like programming and research. Either way, at least you have options!

Thanks Micro420, and all that have replied.

Theres only now to wait and see... im waiting for the 1st job to call for the psychologist exam.

Im planning to get a masters in infosec in 3 years... Already have some universities im interested, and also looking forward to get giac, and who knows maybe even be gse certified!!

Hello all!! I just tought Ill update this post by saying this:

I got accepted at the FIRST JOB(This was edited, it said second job)... they hired me as a security analyst specializing in web applications pen testing, I´ve been studying a lot and right now Im planning on getting the network+ certificate in a month or two and then the security+ certification, I have already set my goals to get CEH and OSCP before next years february.

My BS. thesis is actually beginning to lift off so to speak... and Im really happy with the job I got, and as Mara said, its really security related and new companies DO bring more opportunities.

Thank you all for the help...

Still Suggestions are always appreciated and taken in consideration!

Congratulations!!! You're "in!"

The first hurdle has been cleared. Always the most-important one, and please be assured that my accolades are quite sincere.

Now ... you have a lot of work to do. A lot of planning to do.

Once your (justifiable...) exuberance at having landed your first job begins to settle down ... and don't be in a hurry for it to settle down, because you do quite-richly deserve it ... I want you to start thinking about it from your (new) employer's business point-of-view.

What does this company need from the person in this position? What does the company's business need for the person in (your) position to "bring to the table?"

Never mind(!) what insecurities you may have, or what sort of "validation" you may have been seeking .. from certifications or diplomas or from what-have-you .. you're "in" now. What does your new employer's business need?

Presumably the person who gave you the thumbs-up knew more-or-less what (s)he was hiring, and will be well-satisfied with that decision. No matter how nervous you may (quite justifiably) feel... no matter how inadequate the gremlins in your "anxiety closet" might be trying to make you feel ...

Put on-hold any plans for "more certifications" and focus on the (new) job at hand. Plant a large boot squarely in the face of any insecurities and try your best to anticipate what your new employer needs the most from a person in your position, and perhaps what your employer hoped in their wildest dreams to find in that person.

Try to be, or in due time to become, that person.

"Welcome aboard."

Thank you so much for the advice sundialsvcs, and thanks for the welcome to the infosec world!!...
This is such a gratifying experience.