I was a Bio Major, looking for change

Mudkip16Mudkip16 Member Posts: 16 ■■■□□□□□□□
Hi everyone!

i got my bachelor's in Biology because at first, I wanted to pursue a pharmaceutical path. However, after working as a pharm tech for a few years, I realized I didn't wanna do this anymore, and now I am sincerely wanting to go into the field of info security.

I have been studying for the CISSP for a whole month now, but I'm starting to question whether simply passing is enough to get a job. I really don't have the time or money to go back to school to get another degree.

So my questions are A) is passing the CISSP enough to get me a job, even an entry level security job? B) what else can I do to allow employers in this field to hire me?

please lend me your wisdom!


  • Options
    jdancerjdancer Member Posts: 482 ■■■■□□□□□□
    In any new field, everyone starts at bottom and work their way up.

    Since you already have a bachelor's, your choice of getting a cert is a good way to go. Now you need to get your foot in the door in InfoSec.
  • Options
    ajs1976ajs1976 Member Posts: 1,945 ■■■■□□□□□□

    The CISSP requires documented experience and an endorsement from another CISSP. If you pass the exam without that, you will be an Associate of ISC2 (or an Associate of CISSP i'm not sure which is the correct title) but you will not be a CISSP. There is enough demand in InfoSec right now, that it might get you an Infosec job. Leverage your experience in healthcare to learn more about and gain more experience related to HIPAA and privacy issues.

    If the CISSP overwhelms you look into the CompTIA Security+.

    2020 Goals: 0 of 2 courses complete, 0 of 2 exams complete
  • Options
    pinkydapimppinkydapimp Member Posts: 732 ■■■■■□□□□□
    like AJS said the CISSP requires you have a few years of experience to get the credential.

    what tech experience do you have currently? If you want to get into infosec there really isnt a short cut to get you in. You need to have a strong foundation of knowledge in Networking and OS level stuff.

    Id say start with Net+, then sec+ then CCNA security. Once you get a year or 2 of experience look at the isc2 entry level cert SCCP.

    And in the meantime, setup a home lab and start playing with security software and networking stuff to get your skills up.

    Also, you have Bio experience. Look into field engineering, or pre/post sales jobs for bio field related tech software. Might be a good way to leverage your skills to get in to a better entry level role.
  • Options
    Mudkip16Mudkip16 Member Posts: 16 ■■■□□□□□□□
    Thank you so much for your responses! You have no idea what this means to me! I have decided to start with Network+ first. icon_wink.gif

    I don't have much official tech experience, but I've taken an intro to computers course in college. I can build a pc, reformat it, i know a little ruby (which is pretty useless these days -_-), and I troubleshoot various technology-related issues for my parents like, allllll the time b/c they have limited english. But other than that, I'm pretty much a newby to the IT world.
  • Options
    IIIMasterIIIMaster Member Posts: 238 ■■■□□□□□□□
    You can go back to school and get your masters in computer science. Look for a masters program that has a concentration in information assurance or security that is accredited by the DOD or CIA. Then stack a couple good certs like sec+, cisco security or cissp.
  • Options
    srjsrj Member Posts: 58 ■■■□□□□□□□
    It is pretty tough to get into security with no experience. You might consider a help desk or NOC position to start. I started with a degree in Kinesiology and got lucky. I was promoted to System Administrator after about 9 months. It seems like in most cases it takes 2-3 years if you are really motivated, but for me it was just being in the right place at the right time.

    Be sure to take on new responsibilities that are aligned with where you want to be. For example, becoming the AV expert on the team will not provide any real benefit for moving towards a System Admin, or even security role. Try to get your hands on assisting with the imaging systems, patching, security awareness training, etc. This might take some time until they trust you, but it will give you a lot of great experience.

    I don't think that CISSP would be appropriate in your current situation. I'd probably shoot for A+, Network+, and Security+. If I had to skip one, then it would probably be A+, assuming if you have a decent knowledge of basic laptop repair, types of memory, CPUs, basic networking, etc.

    Finally, make sure you are prepared for your interviews. Know something about every technology listed on the job posting. If you find a help desk job, then expect to know what Active Directory is. Bonus points if you go download an eval version of Windows Server 2012 and get Active Directory running on a VM. If you're not familiar with virtualization, then VirtualBox will probably be a good place to start. Make sure you have a laptop or desktop with at least 8GB of RAM. Install Windows Server 2012, Active Directory, and install Windows 7 in a separate VM. This will allow you to test creating accounts, changing passwords, and other common tasks performed in help desk.

    Hope this helps.
Sign In or Register to comment.