Newbie on the rise

What is the best path to choose for someone who is attempting to make it in security, and not just be an IT security guy but really grow and become "THE" Security man? What path provides you with the most possibilities?

I am 23 and I already have A+ Net+. I am attempting to build a network of security professionals who are serious and eager to dominate in their cities. If anyone has any suggestions on how to reach my goal pleas Help...

Find more posts tagged with

Comments

JDMurray

Jfinley wrote:

I am attempting to build a network of security professionals who are serious and eager to dominate in their cities.

To figure out how to do this, I would suggest joining an existing group of security professionals that are already attempting the same thing. The Information Systems Security Association (ISSA) at http://www.issa.org/ is one such organization. You seem to have the same goals as their members; attending their meetings is an excellent way to build contacts in the local InfoSec community. If they don't have a chapter near you then you can start one. If nothing else, you can subscribe to their free security magazine.

Munck

For superior technical knowledge, I'll recommend you look into the SANS GIAC program. Find a track that suit your interests, and go for it.

darkuser

i took one of chris breton's classes.

JDMurray

SANS is terribly expensive. Did you pay for the training/certification yourself?

keatron

I agree with JD. SANS is way up there in $$$. I've got three people attending SANS training this week and next week.

I would suggest adding Security+ (along with the actual Security+ knowledge) to your stash. Then try to land an entry level job in security, preferably a security consulting company (understand the pay might be peanuts to start with). After a year or two of experience, you might start thinking about SANS (by then you should have gotten at least one promotion and maybe making a half way decent salary). Not to mention you very well might be able to get it all paid for by your employer at that point too. This can even be something you negotiate in the interview. For example, it could go something like this. "I was wondering if we can come to an agreement on some advanced technical training after I've been here 24 months etc etc etc." If they're a progressive company, they'll probably go along with it. If they're a really smart company they might even require it. Good luck and keep us all posted.

By the way, here's a look at the SANS certification roadmap.

http://www.giac.org/certifications/roadmap.php

Munck

My current employer pays for my SANS training (GCFW). A former employer of mine refused to pay, hence the term "former"

If a employer refuse to send me to high-quality training/certification 1-2 times a year, I can find someone who will