Moving away from Information Security Administration.

Jono_jsJono_js Posts: 1Registered Users ■□□□□□□□□□
Hi All.

I have Secuty+ and MCSE and I have been working as an Information Security Administrator for nearly 6 years now mainly doing Access and Identity manangement. I now would like to move on to something else Threat and Vulnerabilty to be exact, but have no hands on experience....How would I make the transition from one to the other as most companies want to hire people with experience and I have none.

Comments

  • JoJoCal19JoJoCal19 California Kid Posts: 2,736Mod Mod
    I was in your exact position. I did straight Identity & Access Management, security admin work for a large bank for almost 6 years. The last 3 years of that was only because I was stuck and couldn't get out to other security roles, as you are facing now. It's tough as hell to get that chance without being 100% on your game with knowledge of other areas of security. You'll first have to obtain some high level or sought after security certs to get the recruiters calling, and get a shot at interviewing for the position. Then you'll have to be very knowledgeable about either the technical security areas (firewalls, IDS/IPS, pentesting, etc) or the governance/risk/compliance areas. After I got the CISSP I was blown up by recruiters and those doors opened, then I was able to use my business degree as well as my knowledge of risk and controls to land my current Information Security Risk Management role with a global financial leader.

    Getting the certs will be your best bet to getting contacted to be submitted for jobs, or landing an initial interview for ones you apply to. Then it's up to you to use knowledge you gain from self study to impress the interviewer and prove you can handle the job.

    Working in IAM you meet the 5 years of experience required for CISSP. That is where I highly suggest you start.
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CCSP, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: eJPT, Learning: Linux/CLI, Git, Python, Pentesting
    Next Up:​ eJPT, eCPPTv2, OSCP
    Studying:​ Code Academy (CLI, Git, Python), eLearnSecurity PTSv3
  • RemedympRemedymp Posts: 834Member
    You might want to take a look at GIAC Certified Perimeter Protection Analyst.
Sign In or Register to comment.