SWE’s typically grind LC and system design so they can quickly hop to another company if they get laid off. As security engineers, which skills can we grind to also find new work quickly if things go south? I can only think of grinding hacking labs like Hack The Box/TryHackMe and doing a bit of LC as well.
keep your basics strong
Do you mind elaborating?
Appsec is probably reasonably safe from cutbacks and such if you are already established or sufficiently senior. We're seeing some cuts to open headcount, but no reduction in existing personnel. Skill-wise, working towards scaling out your impact and ability to work across teams and focus areas will make you invaluable as a senior+ eng. Strong generalists are still in good demand, so it wouldn't hurt to brush up on your foundations either.
Can you be more specific? I got Security foundations, what do you mean by scaling your impact and ability to work across teams? Be able to code/configure many systems?
It is pretty project specific, but at a high level think about how you can take what you're doing now and adapt it to help some multiplier the number of people. For example, if you're doing a lot of one-off assessments and seeing a lot of the same problem you can scale up by remediating that problem as a class of bugs.
Health & Wellness
Yesterday
720
Lasik cost
India
4h
327
'Hindutva': The Radical Hindu Ideology That Seeks to 'Push Christianity Out of India’
Tech Industry
Yesterday
3242
What happens when most of your team is Indian?
India
11h
599
80L INR Bangalore or 200k CAD Vancouver?
AMA
Yesterday
856
PM Manager, early 40s, married and ENM (Ethical Non Monogamous) AMA
IMHO right now if you are in InfoSec you are recession proof. Though we've seen a generally softening in the rest of the tech sector, there's a snap back effect in InfoSec that people are trying to protect the things they already have. As a result, there's a 700K personnel backlog to fill positions with people who don't yet exist. I think you're golden if you find a marketable niche.
this. we are golden
Absolutely this. A lot of security orgs also run bare minimum to meet compliance on top of the lack of security engineers in general.