Questions about getting into Information Security...

itstudent10

Hi everyone, I've been following the forum for a while now and wanted to post a couple of questions that I've had on my mind lately on a career in information security but no one really to ask (I know this one gets asked a lot as I've done the research ahead of time). I'm not sure if this is the right forum to post in either as I noticed the certifications forum also but seeing as this is career related, here I am.

In regards to my background, I'm a recent college graduate with a degree in Comp Sci and worked over a year as a junior level sys admin. I'm interested in system security, which probably sounds broad, but for instance I enjoy patching Linux servers and getting rid of vulnerabilities. I would say this is the most exciting part of my job at the moment and would like to move into infosec and learn more. My comp sci degree wasn't too heavy on security, with only one class on cryptography and auditing, but I want to get more into it now.

Recently, I saw that Coursera was offering a specialization certificate in Cybersecurity from the University of Maryland and I was wondering - would it be a good idea to go for it? (Considering the cost for 4 courses and the capstone project- $250) Or should I just take the courses for free and go for more industry recognized certs (A+, Network+, Security+ ?). I know it seems like a no brainer perhaps but I wanted to make sure ahead of time before deciding on it.

And also, how can a system administrator transition into information security? Is there anything that I can do on my end that will help me get into the field? I've read about setting up a lab and I currently have an old desktop laying in the corner that I can load up a Linux distribution on and harden, but what else can I do? Are the recommendations from sites like stackoverflow enough?

I have also thought about going for a master's but considering the costs at the moment, it's not feasible at the moment...

Lastly - are there any books recommended that I should read?


Thanks for the responses,

- ITS10

Danielm7

I wouldn't pay for the certs from Coursera, but I would take the free classes, no reason why not. The certification doesn't seem like something anyone has heard of, if you're going to spend money you might as well put it in certs that people recognize.

I'm been a systems admin for a long time and just today accepted a position in security. Outside of the degree and the certs I really tried to play up the security tasks that I've had as part of being a sysadmin. When I really started listing things I had done a lot of them, but it really wasn't on my resume so much as it was tailored for sysadmin jobs in the past. I had worked with firewalls, done general security policies for companies, AV/malware stuff, patching, access controls, some basic user training on best practices, etc. So, for me it was a case of finding a recruiter that knew the manager, talking with them and being able to explain my background. Even things I hadn't done professionally I talked about how I've tried them in a home lab with open source software or projects I've done, they wanted to see someone who was really interested in the role. They asked a lot of questions, I did well on that as I hadn't BSed my resume, and personality goes a long way.

Let me just reiterate that... be personable! They told me when I was in my 3rd interview, but the first in person one, that they had dismissed people in 15 minutes where were so awkward they knew they wouldn't fit in. You may really know your stuff but when you come off rude, harsh or a know it all people don't want to work with you.

Also, be up on the current security news. They brought one guy in for a Sr Security Analyst position, he had been in security for years, they asked him about ShellShock 2 weeks after the news broke. It was even on yahoo and CNN at that point, the guy had no idea, they want people with passion who are excited to work in the field.

itstudent10

Hi Daniel, thanks for your answer! You're right about the money being better spent with the recognized certs so I'll go ahead and take those as well as the Coursera courses for free as mentioned.

Congratulations on getting the new position in security! Did you go for your master's degree? ( And do you feel that it helped you if so?) and what certifications did you go for, just out of curiosity? As for listing the security tasks linked to the sys admin roles you've done in the past, I'm glad to know that worked for you since I also listed some of the stuff I've done during my short stint so far. In terms of personality and being personable, I definitely agree with you there so I'll make sure not to change in that department.

Do you recommend any sites/blog for security news? (InfoWorld?)

Thanks again,

ITS10

ajs1976

Krebs on Security is a good blog to follow.

Since you have a Comp Sci degree and over a year as a jr. Sys Admin, I would recommend reviewing the A+ and Net+ material but skipping the exams and then moving onto the Sec+.

Keep an eye out for security related projects and tasks at work and go for those.

Drethyl

itstudent10 wrote: »

Hi everyone, I've been following the forum for a while now and wanted to post a couple of questions that I've had on my mind lately on a career in information security but no one really to ask (I know this one gets asked a lot as I've done the research ahead of time). I'm not sure if this is the right forum to post in either as I noticed the certifications forum also but seeing as this is career related, here I am.

In regards to my background, I'm a recent college graduate with a degree in Comp Sci and worked over a year as a junior level sys admin. I'm interested in system security, which probably sounds broad, but for instance I enjoy patching Linux servers and getting rid of vulnerabilities. I would say this is the most exciting part of my job at the moment and would like to move into infosec and learn more. My comp sci degree wasn't too heavy on security, with only one class on cryptography and auditing, but I want to get more into it now.

Recently, I saw that Coursera was offering a specialization certificate in Cybersecurity from the University of Maryland and I was wondering - would it be a good idea to go for it? (Considering the cost for 4 courses and the capstone project- $250) Or should I just take the courses for free and go for more industry recognized certs (A+, Network+, Security+ ?). I know it seems like a no brainer perhaps but I wanted to make sure ahead of time before deciding on it.

And also, how can a system administrator transition into information security? Is there anything that I can do on my end that will help me get into the field? I've read about setting up a lab and I currently have an old desktop laying in the corner that I can load up a Linux distribution on and harden, but what else can I do? Are the recommendations from sites like stackoverflow enough?

I have also thought about going for a master's but considering the costs at the moment, it's not feasible at the moment...

Lastly - are there any books recommended that I should read?


Thanks for the responses,

- ITS10

What type of position are you looking to get into for security?

itstudent10

@ajs1976 - Yes, I've heard about Krebs! Will do! And about the certs, that sounds like a good idea - but if I don't have my A+ or Network+, it wouldn't look like I was skipping anything would it? Thanks for the suggestion!



@Drethyl - I'm interested in being a security engineer - based on the descriptions from GWU's website I found on Google:

• Security Analyst: analyzes and assesses vulnerabilities in the infrastructure (software, hardware, networks), investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices. Analyzes and assesses damage to the data/infrastructure as a result of security incidents, examines available recovery tools and processes, and recommends solutions. Tests for compliance with security policies and procedures. May assist in the creation, implementation, and/or management of security solutions.
• Security Engineer: Performs security monitoring, security and data/logs analysis, and forensic analysis, to detect security incidents, and mounts incident response. Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements

I've also thought about the security analyst role.

Danielm7

itstudent10 wrote: »

Congratulations on getting the new position in security! Did you go for your master's degree? ( And do you feel that it helped you if so?) and what certifications did you go for, just out of curiosity?
Do you recommend any sites/blog for security news? (InfoWorld?)

Thanks! Starting the background check Monday so I'm hoping to be able to give a solid 2 weeks notice by mid week. I just did my BS, but I'm considering my MS at some point later. I'd like to learn my way around the field a bit more first before I add MS level studies on top of it all. I think the degree helped, one of the main people interviewing me either knew about WGU already or researched it before I came in because he asked me a number of questions specifically about the school, all good ones though. For certs, the ones I got through school, so A/S/L/P+, MCP, CCNA, CCNA Security, I have an old MCSE from way back, I don't list it in my current certs but I do mention it in a description on an old job.

There are a million sites out there, they did ask what ones I read, what podcasts I listen to, etc. Funny actually because I listed a few out right before the call just in case they asked that and I was nervous, 45 minutes later they asked me that exact question.

Drethyl

Danielm7 wrote: »

Thanks! Starting the background check Monday so I'm hoping to be able to give a solid 2 weeks notice by mid week. I just did my BS, but I'm considering my MS at some point later. I'd like to learn my way around the field a bit more first before I add MS level studies on top of it all. I think the degree helped, one of the main people interviewing me either knew about WGU already or researched it before I came in because he asked me a number of questions specifically about the school, all good ones though. For certs, the ones I got through school, so A/S/L/P+, MCP, CCNA, CCNA Security, I have an old MCSE from way back, I don't list it in my current certs but I do mention it in a description on an old job.

There are a million sites out there, they did ask what ones I read, what podcasts I listen to, etc. Funny actually because I listed a few out right before the call just in case they asked that and I was nervous, 45 minutes later they asked me that exact question.

Congrats on entering the security field. What will your job title be?

Danielm7

Information Security Analyst, I believe them mentioned internally its the II level, but that doesn't mean anything elsewhere. Basically it'll be my level and a very Sr person above, so I think I'll be able to learn a ton, very excited.

itstudent10

Danielm7 wrote: »

Thanks! Starting the background check Monday so I'm hoping to be able to give a solid 2 weeks notice by mid week. I just did my BS, but I'm considering my MS at some point later. I'd like to learn my way around the field a bit more first before I add MS level studies on top of it all. I think the degree helped, one of the main people interviewing me either knew about WGU already or researched it before I came in because he asked me a number of questions specifically about the school, all good ones though. For certs, the ones I got through school, so A/S/L/P+, MCP, CCNA, CCNA Security, I have an old MCSE from way back, I don't list it in my current certs but I do mention it in a description on an old job.

There are a million sites out there, they did ask what ones I read, what podcasts I listen to, etc. Funny actually because I listed a few out right before the call just in case they asked that and I was nervous, 45 minutes later they asked me that exact question.

That's great! As for the MS, I've also thought about whether it would be a good idea to go for it or gain experience first, so this also makes sense. I'm only just hearing about WGU now too, I'll check it out and the threads related to it. Thanks for listing your certs also! Now if I'm from a Linux background, would it be a good idea to get a Linux+ cert then?

Good thinking with the site list too, thanks!

Danielm7

The linux+ couldn't hurt, I was totally green to linux so it helped me get a much better grasp. If you've got a much stronger linux background than I did there are higher certs as well, but I'm not familiar with the details of them, like the RHCE that would probably give you a leg up but it likely focuses more on administering linux than you'd need in a day to day security role.

TechGuru80

Ok so you have a degree in Computer Science...do you have any certifications so far? What type of OS environment are you in currently? Within the job descriptions you have provided, you basically need to know systems and networks. Unless you want to get specific in systems or network, I would start off with a certification that applies to your current environment (MCSA or Linux+). The reason is you will get to use these skills every day and potentially could get promoted (or a raise) while working on a transition. Next, you could pick up some network knowledge. I would recommend Network+ -> Security+ -> CCENT -> CCNA -> maybe CCNA:Security. If you have all of those, you will have a good foundation of knowledge on how all of this technology works together, which would then allow you to further specialize or fill in any gaps for example with the opposite operating system of what you learned before. If you were to just jump into a position that needed this knowledge it would be harder to learn on the fly. Those would equate to maybe two years of studying at the most (probably less).