How to become a technical IT security
Helenastone
Registered Users Posts: 4 ■□□□□□□□□□
Hi, everyone. During those days, I am quite upset due to my tough job seeking. I received my Master's degree of information security last year. and have 5 years work experience in IT including 3 years in IT security. I have already looked for an IT security job for more than 4 months. Though I had received one personal interview and few telephone interviews, I still do not get a job offer. I am a foreigner in Australia with temporary work visa. I guess it might be one reason of the my failure. But more important is I found that most IT security job require technical skills, but my strength are IT governance, compliance and risk assessment. I do not have much exposure to technical skills. Without demonstrated technical work experience, it would be hard to convince employer to offer me a job.
Therefore, I am wondering how to become a technical IT security. I believe if I could acquire some professional certificates, such as CEH, CCNA, etc, it would be easier for me to find a job.
Therefore, I am wondering how to become a technical IT security. I believe if I could acquire some professional certificates, such as CEH, CCNA, etc, it would be easier for me to find a job.
Comments
-
jamesleecoleman Member Posts: 1,899 ■■■■■□□□□□Have you thought about consulting?
I've been thinking about doing it but I don't have the skill-set to do it. Have you been to Job Search | one search. all jobs. Indeed to check out jobs? If you use Indeed to check out which certifications are popular in your area, maybe that could give you an idea of which certification or skill you could get.Booya!!
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not***** -
LionelTeo Member Posts: 526 ■■■■■■■□□□Step 1) Get a test lab, Virtual Box. Follow the book advanced penetration - the ultimate security guide in setting up a decent test lab (every exact steps give). 1 Firewall, 1 Load Balancer, 2 Knoppix vulnerable machine, 1 Backtrack Kail. Also put up a webgoat. Grab a Centos if you are into hardening and a windows SP 2 license.
Step 2) Get a decent book that cover decent technical knowledge, not a study guide. Counter Hack Reloaded by Ed Skoudis, I highly recommend this book.
Step 3) Finally then you then took a study guide or relevant books to go for respective certs, like CEH, GCIH, GISP, CISSP. -
Heero Member Posts: 486Another thing to be careful of is your English. Your grammar makes it pretty clear that English isn't your first language. You should have someone review any correspondence you put in writing to check grammar/spelling/structure.
For the technical side, do the best with what you have. You can set up some gnarly labs nowadays with the virtualization options available. For example, I had an 18 router Dynamips lab set up for learning BGP/MPLS and I learned a ton from that. Having a really cool lab like that set up can give you something to boast about in interviews. -
Helenastone Registered Users Posts: 4 ■□□□□□□□□□Yes, I thought about it. However, most consulting positions require work experience with sound knowledge of technical principles. I have talked with a job agent about my career plan. His suggestion was that penetration tester would become popular and be in high demand. So he advised me to get CEH or CREST.
-
Helenastone Registered Users Posts: 4 ■□□□□□□□□□@LionelTeo-Thank you very much for your suggestion. I will work on it as your suggested steps. I have a basic understanding of JAVA and SQL query. To be a good penetration tester, should I have a strong ability in scripting skills?
@Heero-Thank you very much for pointing out my fault in English Grammar. I will try to catch up especially in writing. Virtual test lab is a good idea. I will follow LionelTeo's suggestion to start from the Virtual Box. -
paul78 Member Posts: 3,016 ■■■■■■■■■■@Helenastone - welcome to the TE forums. Hang in there - looking for a job can take a really long time. I'm unfamiliar with the Australian job market but perhaps with your risk and governance experience, you may want to consider a less technically related role - unless of course, your passion is to get into more technical areas. Have you considered risk management and perhaps auditing roles instead.
-
Helenastone Registered Users Posts: 4 ■□□□□□□□□□@paul78- Yes, I have applied for a few IT risk analyst positions. Though I got a positive feedback about my performance during the interviews, I still failed finally. One reason was that I am not permanent resident or citizen, therefore I could not work in Australia permanently. I can understand their concern, but this situation let me down. I am really into IT security,I will not give up. At the same time, I notice a large amount of IT security jobs ask for penetration testing skills, so I am seeking to improve my technical ability especially in pen testing.