Getting Back into the Game...Advice Needed

Draft2007

Hello all, I happened to stumble upon this forum and wanted to introduce myself and possible seek a little advice on getting back into IT after a few year hiatus.

To start let me give a little background. After graduating High School, instead of going to college I opted to start working in sales and had moderate success for a few years. I eventually got started in IT back in 2006 working as a Database Analyst/Engineer for a company that my father owned. After a year of experience, I was able to land a position as a System/Network Admin for a small mortgage company (30-40 total employees). A little over a year later the company was forced to shut its doors due to start of the declining industry. Because of my lack of education and experience at the time I was limited in my options. Luckily, the community that I lived in was pretty small so I was able to land a similar role with another mortgage company in the area. Like most real estate companies around that time, this company also was forced to close it's doors about 2.5 years into my employment. After working for one more mortgage company that ultimately shut down a year later, I decided it was time to explore other options. To summarize, at this point I had 5 years of Database/System/Network Admin experience, however since the 3 mortgage companies that I worked for went out of business, verifying my experience would prove difficult.

I searched a few months for different Admin roles to no avail and even applied to Help Desk roles with no success. The majority of the feedback that I received indicated that my biggest weakness was my lack of education/certifications and that my one strength (experience) was incredibly difficult to verify since the companies were no longer in business. At that point, with my savings dwindling I decided to take a sales job since I also had experience in that field.

After a year of working in sales, I quickly realized that working in IT was really what I wanted to be doing so I enrolled in WGU's IT Security Bachelor's program. It's about a year later now, and I am on track to graduate by the end of August and am seeking advice on what my next steps should be. I was able to hang on to a couple different sales jobs up until a few weeks ago when I was laid off.

My ultimate goal is to become a Security Engineer/Penetration Tester. I have been strongly considering WGU's Master's in Security and Assurance. I also have roughly $2000 set aside for Certifications that may help me to advance my career.

Current Certifications
CCNA, CCNA Security, A+, Security+, Linux+, Project+, CIW Web Design, CIW Database Design

Main Questions/Concerns
-What would be the best way to approach my proof of experience challenges (companies all are closed) with potential employers?
-Since I was laid off from my last sales job I have decided to take time off to finish school, so there will be a 3 month gap in employment. What is the best way to approach my sales job layoff with IT employers or since it is a different industry will it not matter much?
-I really like WGU's model which allows me to accelerate but would it potentially be more beneficial to get a Master's from a different institution than my bachelors to show diversity?
-Which certifications would be the best to obtain next? I have noticed many job listings looking for Microsoft certs which I don't have but do have quite a bit of experience/competency in.

Any advice or constructive criticism would be much appreciated, thanks for reading!

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

LinuxNerd

With so many people wanting to get into penetration testing/security I have a feeling this sector is a bubble. Thankfully I think it will be good for about 5 years then burst. So you should be good time wise.

If you want to get into security become a master at either: Linux Shell Scripting, Windows PowerShell, or Python or a Programming language and start coding programs.

If you were a hiring manager looking for a penetration tester would you want some guy with a few Microsoft and Cisco certs or a guy who busts out his laptop and goes "Hey take a look at these tools I coded." I know this is the tech exams forum so I don't want to be disrespectful towards certifications but IMHO Experience + Graduate Degree + CODING SKILLS = Job. Certs not needed. Now, once your hired if you have a job with lots of down time then study for certs on the job.

Definitely a Master's is a good thing to get. In the mean time start a tech blog and start coding. Put the blog on your resume and list Blogger for X so you don't have a big gap.

Best Luck!

Vask3n

LinuxNerd wrote: »

If you want to get into security become a master at either: Linux Shell Scripting, Windows PowerShell, or Python or a Programming language and start coding programs.

Best Luck!

I would also encourage you to pursue some scripting/coding knowledge and a great way to get your feet wet in that regard is checking out some open source security projects that are available on Github. For many of these the type of programming necessary to contribute is usually more scripting-oriented, I will try to offer a specific example:

For programs like OSSEC, which is a host-based IDS (HIDS) solution, you can start by actually writing rules for it. Since this program functions like an IDS (and can actually issue active-response so some IPS as well) it needs signatures to be able to properly categorize logs and tokenize their data. These rules are basically regular expressions combined with some special XML which is where the more scripty-type of work comes out. Obviously OSSEC does not ship with decoders/rules for every log type or appliance in existence so usually when this gets implemented you add your own custom rules to OSSEC.

You can always pursue the path of writing your own code too and check out the many languages that are available, combined with the platform you are working on, in order to figure out which ones you want to pursue.