CISM vs GSEC

Steelers09 Posts: 3 Registered Users
I am interested in pursuing either the GSEC or CISM, and wanted to get people's general thoughts on both around here. I am leaning toward the CISM given my background, but was told that the GSEC provides more hands-on experience. My company will sponsor me for both and will also sponsor me to take the SEC401 course.


I have 5 years of experience in my career, primarily focused in IT Audit/Risk Management. I recently changed jobs to a new company in their IT audit group, coming from an advisory/consulting firm. My next preferred career move would be in a management position in the InfoSec area, and my long-term path would be the CISO/IT Security Director route. I already have my CISSP and CISA. Additionally, I am looking to pursue my MBA from a top 50 part-time program that my company will sponsor (already have been accepted), but I figured I'd pick up an additional certification in the interim as my company is willing to sponsor it.

Even though I already have an ISACA certification, I feel like when I am looking for my next position the CISM will help me more. However, I am very interested in pursuing a SANS training and want to attend a training that is more hands-on in the InfoSec world. Thoughts?

Comments

  • JoJoCal19 California Kid Posts: 2,772 Mod
    Based on everything you've said, I would not do the GSEC. Do the CISM and as for SANS course and GIAC certs, instead of the GSEC I would go for AUD507/GSNA, AUD566/GCCC, or MGT512/GSLC. Your desired career path mirrors my own so I'll list what I have and what I am planning on pursuing with regards to security management:

    Have:
    BS Business Administration - University of Florida
    CISSP
    ITIL Foundation

    In Progress:
    MS Information Security & Assurance - WGU
    CISM - June 2015

    Next up:
    CISA
    Cobit 5 Foundation
    PMP
    Some of the SANS/GIAC courses and certs I listed above for you
    MBA - University of Florida

    Hope that helps.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up: OSCP
    Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • philz1982 Posts: 978 Member
    JoJoCal19 wrote: »
    Based on everything you've said, I would not do the GSEC. Do the CISM and as for SANS course and GIAC certs, instead of the GSEC I would go for AUD507/GSNA, AUD566/GCCC, or MGT512/GSLC. Your desired career path mirrors my own so I'll list what I have and what I am planning on pursuing with regards to security management:

    Have:
    BS Business Administration - University of Florida
    CISSP
    ITIL Foundation

    In Progress:
    MS Information Security & Assurance - WGU
    CISM - June 2015

    Next up:
    CISA
    Cobit 5 Foundation
    PMP
    Some of the SANS/GIAC courses and certs I listed above for you
    MBA - University of Florida

    Hope that helps.


    Off topic and purely because I am too lazy to research, how hard was ITIL Foundation and what does it take to achieve?

    Thanks
  • PJ_Sneakers CompTIA, EC-Council, ISACA, (ISC)², Microsoft USA Posts: 879 Member
    I would like to know this too.
  • matai Posts: 232 Member
    philz1982 wrote: »
    Off topic and purely because I am too lazy to research, how hard was ITIL Foundation and what does it take to achieve?

    Thanks

    Super easy, not sure if you have to take their course though.

    I just took a 4 day course with the test at the end.
    Current: CISM, CISA, CISSP, SSCP, GCIH, GCWN, C|EH, VCP5-DCV, VCP5-DT, CCNA Sec, CCNA R&S, CCENT, NPP, CASP, CSA+, Security+, Linux+, Network+, Project+, A+, ITIL v3 F, MCSA Server 2012 (70-410, 70-411, 74-409), 98-349, 98-361, 1D0-610, 1D0-541, 1D0-520
    In Progress: Not sure...
  • JoJoCal19 California Kid Posts: 2,772 Mod
    philz1982 wrote: »
    Off topic and purely because I am too lazy to research, how hard was ITIL Foundation and what does it take to achieve?

    Thanks

    ITIL Foundation was super easy. To the OP and anyone else interested, I read this book twice (120 pages maybe?) over the course of a couple of weeks and passed with almost a 90. And no course is required for Foundation level. ITIL Foundation Essentials: The Exam Facts You Need: Claire Agutter: 9781849283991: Amazon.com: Books
  • colemic Posts: 1,568 Member
    Pretty sure that the author of that book, JoJo, is a member on here as well, and has been very helpful with questions/understanding concepts in the past.
    Working on: CCSP, definitely, maybe. On the twitters: @mcole1008
  • JoJoCal19 California Kid Posts: 2,772 Mod
    Yes, I forgot to mention that. Claire Agutter is a member of the forum and is active in the ITIL forum section. Always willing to answer any questions.