DEV Community


Discussion on: Jobs in Information Security (InfoSec)

rogerzanoni profile image
Roger Zanoni


Thanks, your post is very informative and since you were from the dev side of the force like me, I'm specially interested on how did you make the move from dev to infosec.

Did you obtain some sort of certification before applying? Most of companies seems to look for people experienced in infosec and it seems hard to make a move as a developer saying "hey, hire me, I can learn things!".

I used to play around with RE and stuff like the "exploit-exercises" challenges, so working in appsec and RE/Malware analysis look very shiny to me.

Sometimes I feel like getting back to studying it seriously and applying for some position and end up not doing it, could you share how was your experience? Did the effort of changing your career path worth it in your opinion?

Did your previous work experience play an important role in your hiring or was interviews/some kind of "portfolio" decisive?

shehackspurple profile image
Tanya Janca Author

Hi Roger,

I actually wrote another blog post about my entire career path, here:

I'm currently writing a book which I can hope would serve as a clear and easy to understand introduction to AppSec (Alice and Bob Learn Application Security) and am planning to create online training on how to become an AppSec or DevSecOps engineer, starting very soon. Currently there is no clear career path into security, and I think that sucks. So I'm going to try to create one, at least for my small speciality within InfoSec.

Wish me luck, I need it! :-D