Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
So the thing is I can’t really be bothered with blogging rn , not sure if I’d make a good blogger cause I usually have small tips and tricks and not full blown posts. Also I’m currently locked in my contract for atleast another 9 months then I’m free to go. What’s the difference between a security engineer and security researcher?
I understand the obstacle to blogging. But that’s where micro-blogging comes in! Twitter is out of vogue so I’d say use Mastodon (or similar Fediverse-ey microblogging platform, e.g. Calckey, etc…). You can post all your tiny tips and tricks and other thoughts there rather than having to pull together full-fledged blog posts. This will help you build a portfolio of contributions to the community as well as build a network.
As for sec eng, vs sec researcher? These are merely titles. A security engineer could certainly be a researcher as well. I’d say you have a lot of “independent” security researchers who day-light as engineers. In some cases you have folks who are researchers as their day job but to get these sorts of roles I would suspect you would need some history of published research (like CVE’s, talks, papers, blogs, etc…).