Starting out

paulbsiegel

hi all

I am a desktop/network support analyst with over 10 years experience and I'm looking to move into Security. It's bit confusing navigating through all the different cert options though. I was thinking of doing the Comptia Security+ and CASP first then moving on to GSEC then finally CISSP. Is this logical or would the GSEC cert be redundant after taking the Comptia courses and tests? Also, where should SSCP fit here if it all?


Thanks

SephStorm

Depends on where you want to go and what you want to do.

Security+ knowledge is relevant to all areas, whether the cert will give you any benefit depends on the industry/company. If you are looking at any type of Jr. Position, it will likely be relevant. Its very relevant on DoD (US).

GSEC may be relevant, but I've never seen a request for this where others weren't relevant.

As for CASP, I highly advise waiting until you can say you have extensive experience, whether in the lab or on the job.

I'd also advise waiting on CISSP until you are working in security I know I can't be the only one who would hate to see a candidate with a CISSP with no security experience.

Get your base, then look for relevant certs to the specific positions you want to get into. We created a roadmap of the different areas of security (non-inclusive), use that to pick an area. http://www.techexams.net/forums/general-certification/101064-cert-career-map.html#post857592

paulbsiegel

Thanks very much, I appreciate it

cyberguypr

As SephStorm said, the key is knowing where you want to go. Having a goal and a general sense of direction towards it helps a lot. Another good resource is the SANS Career Roadmap. Although SANS-specific it gives you an idea of different paths within InfoSec and the knowledge/courses associated with each one.

paulbsiegel

Very helpful. Thank You!!