Stuck and Confused about my Next Step in Security Certification

Mechs Member Posts: 25
Hey guys, so a lot has happened since I first joined this job. I managed to pass my MSc in Information Security, gained a job in a very very good security company doing intrusion analyst/incident detection, and finally, in January, I managed to pass my GCIA exam.

But the next step is what I am confused about. My management are A-OK with funding my GCIH exam, but that won't be until a little later in the year. So I am looking for something else to do, and I am not sure what. My following options are (self study):

- CISSP: Long, and I have only got around 2 years of experience, so I am not even sure if it is beneficial for me at the moment
- SSCP: The little brother of the exam above, but is it really that beneficial to my learning/future?
- Security+: I see some of the domains mimic the CISSP domains, but it does indeed seem to be a better study length in comparison to CISSP. Not too big in the UK either.
- ECSA: Sounds good on paper, seems to be a mini-GCIA. But it doesn't appear to be too popular
- Edit* Or possibly quite left field: CCENT. I really should get my raw networking more drilled, and I use a lot of Cisco logs where we work. I don't specifically work on Cisco devices, so that's a slight downside

I am not looking specifically for something to impress recruiters, but it is something always in the back of your mind. I don't think I will be able to afford to maintain 3 (4 when I get 4 years' worth of experience for CISSP) certifications, so I need to be picky about which one I choose. I am more in love with the analysis side of security, rather than the pen testing side of things, so that of course is another fundamental part of choosing my next certifications.

What do you guys think? Cheers


  • LionelTeo Member Posts: 526
    If you are into the analysis side of security over the pentest side, then forensic analyst would be a more interesting option for you. Paired with incident handling and intrusion analysis skills, you will make yourself a valuable resource to any SOC that deals with forensics. You can be part of either the incident handling, forensics, or network analysis team.

    Therefore, something along the lines of GCFA would be a great deal for consideration, part of which will overlap into GCIH; thus it would not hurt even if you decided not to pursue the cert, but rather the knowledge can still aid in the GCIH exam and related work.

    GCFA is obtainable via self study; you may want to visit this blog for more details.
    An Eye on Forensics: Studying for the GCFA certification: Part 1

    Another form of in-depth analysis would be dealing with a debugger to analyse stacks, registers and pointers. Debugging deals with vulnerability research or malware exploits; it usually branches from general forensics or network pentesting. If it interests you, you may want to look up possible career path options that branch into those.
  • LionelTeo Member Posts: 526
    Sorry for the double post, just wanna mention you should be able to attempt your first CISSP via 3 years and 6 months of experience, as you would have 9 months to submit your credentials before the maintenance kicks in. So you may also want to opt for a certification that is less hassle to study for. Your GCIH course and exam will probably bring you to about 3 years of experience. This leaves you 6 months to study for CISSP, so from now till your GCIH you have another 6 months to insert another cert.

    If you are not very keen on technical certs at the moment due to the timeframe requirement, GISP would be a relatively safe exam cert to take. GISP is the GIAC version of CISSP, which is very close to the CISSP exam but slightly difficult, but it does not require 4 years of experience to obtain. Another one would be G2700, which is an overall good cert if you were to pair it with CISSP in the future.

    CEH -> CHFI is also another viable path that is probably easier to self study for and will probably give you a better introductory feel for forensics before you dive into it. It is also worth noting that there is a good amount of overlap between GCIH and CEH, making it easy to study for both.

    Overall, you would stand out as an impressive IT Security Professional no matter which path you took. Masters with GCIH, GCIA, GCFA, CISSP; or GCIH, GCIA, G2700, CISSP; or GCIH, GCIA, GISP, CISSP gives you an edge above the standard community.
  • Doyen Member Posts: 397
    LionelTeo wrote: »
    Overall, you would stand out as an impressive IT Security Professional no matter which path you took. Masters with:
    2. GCIH, GCIA, G2700, CISSP
    gives you an edge above the standard community.
    This is a great path of study to complement a degree. Again, thanks LionelTeo for sharing your knowledge with us. Sorry I rearranged your quote. I just wanted it to stand out a little better so I can refer back to it more easily from my post history. Here is a link to the GIAC acronyms.
    Goals for 2016: [] VCP 5.5: ICM (recertifying) , [ ] VMware VCA-NV, [ ] 640-911 DCICN, [ ] 640-916 DCICT, [ ] CCNA: Data Center, [ ] CISSP (Associate), [ ] 300-101 ROUTE, [ ] 300-115 SWITCH, [ ] 300-135 TSHOOT, [ ] CCNP: Route & Switch, [ ] CEHv8, [ ] LX0-103, [ ] LX0-104
    Future Goals: WGU MSISA or Capital Technology University MSCIS Degree Program
  • Mechs Member Posts: 25
    Thanks for the responses!

    I've pretty much got GCIH signed off this year, so I will be concentrating on that in the meantime. I think GCFA will be at some point next year before summer, and ultimately I will try and dip my toe into some malware analysis, so probably GREM or another field.

    At the moment, I am reading some GCIH material, and ironically, as mentioned in this thread, it kinda matches some parts of the OSCP, so I might take a look at the learning material, but not attempt the test. It will be cool to do, but pen testing really isn't what I am interested in at the moment. It will be good to have as a complement, but I want to get my company to pay for as much SANS/GIAC stuff as possible, as it is so pricey!