As stated in title, how did you get into security? I’m a senior software engineer with ~10 years of full stack web app development experience. I’ve been learning more about security, getting into CTFs and bug bounties. Still exploring all possible potential security-related roles, though potentially interested in AppSec, product security, or general blue teaming. Very interested in hearing from former SWEs who transitioned into security, but happy to hear from anyone in a security role. TC: 320k
How is it at Snap?
Start with risk modeling frameworks and threat modeling. With SWE background you should be able to relate to the challenges and it will give you a good base. After that you can go into pentesting.
Can I DM?
I took 3 months off from work studying for the OSCP. I didn't pass it, but the knowledge I gained was enough to get me a junior security job. A few months into that job I finally passed the OSCP exam. IMO having SWE experience puts you way above pen testers who don't have that experience.
First SWE job out of college I built a tool for the security team then they asked me to join them. All in all a solid move, but now I've lost most of my coding skill which kinda sucks lol
I got in from data analytics. You will see a lot of people coming in from different backgrounds in security. Data analytics made sense as I was using Splunk a lot and doing detection and IR work. Now moving towards automation and remediation of the detections/alerting.
There’s tons of ways to break in, but with your experience you’d probably only find AppSec/Product Security roles palatable. It’s not like you’re going to go be a SOC analyst or go run a HITRUST audit.
I am in an intersection of distributed systems and security. From my experience (definitely less than yours), I think you should first try to get into a security infra team as a SWE, since it's more relevant to your experience. Getting exposure to security as a domain is very easy here. After that, hopefully, pivoting to security must be easier. At least that's my plan ...