CISM vs GSEC

Steelers09

I am interesting in pursuing either the GSEC or CISM. And wanted to get people's general thoughts on both around here. I am learning toward the CISM given my background, but was told that the GSEC provides more hands on experience. My company will sponsor me for both and will also sponsor me to take the SEC401 course.


I have 5 years of experience in my career primarily focused in the IT Audit/Risk Management. I recently changed jobs to a new company in their IT audit group coming from an advisory/consulting firm. My next preferred career move would be in a management position in InfoSec area and long term path would be CISO/IT Security Director route. I already have my CISSP and CISA. Additionally I am looking to pursue my MBA from a top 50 part time program that my company will sponsor(already have been accepted), but I figured I'd pick up an additional certification in the interim as my company is willing to sponsor it.

Even though I already have an ISACA certification I feel like when I am looking for my next position that the CISM will help me more. However, I am very interesting in pursuing a SANS training and want to attend a training that is more hands on the InfoSec world. Thoughts?

JoJoCal19

Based on everything you've said, I would not do the GSEC. Do the CISM and as for SANS course and GIAC certs, instead of the GSEC I would go for AUD507/GSNA, AUD566/GCCC, or MGT512/GSLC. Your desired career path mirrors my own so I'll list what I have and what I am planning on pursuing with regards to security management:

Have:
BS Business Administration - University of Florida
CISSP
ITIL Foundation

In Progress:
MS Information Security & Assurance - WGU
CISM - June 2015

Next up:
CISA
Cobit 5 Foundation
PMP
Some of the SANS/GIAC courses and certs I listed above for you
MBA - University of Florida

Hope that helps.

philz1982

JoJoCal19 wrote: »

Based on everything you've said, I would not do the GSEC. Do the CISM and as for SANS course and GIAC certs, instead of the GSEC I would go for AUD507/GSNA, AUD566/GCCC, or MGT512/GSLC. Your desired career path mirrors my own so I'll list what I have and what I am planning on pursuing with regards to security management:

Have:
BS Business Administration - University of Florida
CISSP
ITIL Foundation

In Progress:
MS Information Security & Assurance - WGU
CISM - June 2015

Next up:
CISA
Cobit 5 Foundation
PMP
Some of the SANS/GIAC courses and certs I listed above for you
MBA - University of Florida

Hope that helps.

Off topic and purely because I am to lazy to research, how hard was ITIL Foundation and what does it take to achieve?

Thanks

PJ_Sneakers

I would like to know this too.

matai

philz1982 wrote: »

Off topic and purely because I am to lazy to research, how hard was ITIL Foundation and what does it take to achieve?

Thanks

Super easy, not sure if you have to take their course though.

I just took a 4 day course with the test at the end.

JoJoCal19

philz1982 wrote: »

Off topic and purely because I am to lazy to research, how hard was ITIL Foundation and what does it take to achieve?

Thanks

ITIL Foundation was super easy. To the OP and anyone else interested, I read this book twice (120 pages maybe?) over the course of a couple of weeks and passed with almost a 90. And no course is required for Foundation level. ITIL Foundation Essentials: The Exam Facts You Need: Claire Agutter: 9781849283991: Amazon.com: Books

colemic

Pretty sure that the author of that book JoJo is a member on here as well, and has been very helpful with questions/understanding concepts in the past.

JoJoCal19

Yes I forgot to mention that. Claire Agutter is a member of the forum and is active in the ITIL forum section. Always willing to answer any questions.