Open in app

Sign in

Write

Sign in

The OSCP & Me

Jordan Rimert
2 min readNov 3, 2020

I’ve been on the path of cybersecurity for a number of years. I’ve always loved working on computers. Growing up I was the IT guy of my family. I remember helping my parents set up their home network for their business and using that same network to have LAN parties with friends. I never developed a true technical skill set but I was always curious how computers interacted with each other. That curiosity is what’s blazed a trail in the cyber security industry for me. Who knew you could make a career out of googling?

I had gotten my CISSP a few years ago. The work experience requirements are more broad than you might think — I’ve not yet technically had a job in IT but my career has always focused on one or more of the security domains, primarily risk management, governance, and compliance. When I got it, however, I felt that it did not bridge the IT gap I was hoping for. On my own time I was gaining a lot of technical skills that left me content. At work I used a tool called Alteryx which allowed me to start thinking more like a developer and work with different IT areas. It also allowed me to start incorporating what I learned at home by adding scripting with .bat files and using python to automate some of the boring stuff.I was picking up new skills left and right and knew I wanted to work in a more technical capacity, so I started my job search.

I started working on certifications with Azure and Cisco and they weren’t scratching the ‘technical itch’ I was looking for. Through my job searches I found countless job postings requesting Certified Ethical Hacker or the OSCP designations. I did some digging and the cyber security community has a ton of respect for people with the OSCP but the CEH could be better for HR filters. Since the previous certs I got weren’t heavy in any technical sense, I really wanted to get the OSCP. An insane 24 hour, live, box hacking exam sounded like the perfect challenge. The $999 price tag however, made me want to seek out other options.

Rather than drop a cool thousand dollars on an exam, which admittedly does also include training, I decided I would gain the necessary competencies and hold off on getting the certification itself. The certification itself won’t get me a job but the experience, knowledge, capabilities, and networking I would need to gain in order to pass it would certainly be a boon to my career.

So I put together a list resources to help me on my journey. Hackthebox, Vulnhub, and Tryhackme all provide excellent training opportunities. For the purposes of this blog, I am going to work primarily with vulnhub since I won’t be banned from the service by sharing my solutions, thoughts, and ideas with you. You can see what I have currently scheduled and completed here. I want this blog to be a documentation of my path to becoming a security expert and provide some alternative paths to breaking into the cyber security industry.

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Cybersecurity
Information Security
Security
Hacking
Learning

Jordan Rimert
Jordan Rimert

Written by Jordan Rimert

2 Followers
1 Following

Security nerd always looking to learn more. Talk to me about coffee, cloud, security, and IT.

No responses yet

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams