So what next?

fullcrowmoonfullcrowmoon Posts: 172Member
I've passed the CISSP and am waiting on validation (patience is not a domain I'm familiar with, unfortunately).

For my current position I need to get the CISA, but after that, what should I aim for? What are the most useful cybersecurity certs, in y'all's opinions? I began with 15 years of UNIX/Linux experience and have slowly transformed into a cybersecurity auditor, but I want to stay sharp with the technical stuff.
"It's so stimulating being your hat!"
"... but everything changed when the Fire Nation attacked."

Comments

  • kiki162kiki162 Posts: 635Member
    Yeah I feel like I've topped off on the certs too. You could go for the SANS route (GSEC, IH/IA) but I guess it's depending on what your doing job wise and if they will fund it for you.
  • GForce75GForce75 Posts: 222Member
    You can also get the other CISSP certs. You probably should go for PMP. Your in the same boat that I am, we have masters in project management. Is this something you have considered?
    Doctoral Candidate - BA (33/60hrs) ~ MBA/Project Management ~ BA/Business-IT
  • astudentastudent Posts: 26Member ■□□□□□□□□□
    Linux experience, and want to stay sharp with technical stuff? Try RHCA.bowing.gif
  • Spin LockSpin Lock Posts: 142Member
    ... but I want to stay sharp with the technical stuff.

    When it comes to learning the “technical stuff”, I can’t think of a more valuable topic to understand than Software Defined Networking. SDN used to be bleeding edge technology, but that’s not the case any longer. Cisco, Arista, Juniper, Brocade, HP, and Facebook all have SDN projects and products. This technology is coming fast and it will do to networking infrastructure and security what virtual machines did to operating systems and multicore CPUs.

    Today, SDNs primarily affect how routers and switches are implemented, but increasingly, you will see firewalls, IDS/IPS, load balancers and proxies all support network virtualization protocols to one degree or another. That will have a big effect on how network security appliances are configured. Rather than having a single firewall (or HA cluster) or IDS/IPS with a massive ruleset filtering all traffic entering your network, you’ll see many smaller sensors with smaller rule sets that get configured using an SDN protocol like OpenFlow.

    Trust me, as a security professional, you don’t want to be shown a Wireshark packet capture of an OpenFlow control packet and have no idea what it is (or any other southbound interface protocol for that matter).

    I’m not saying you need to know all the nitty gritty details, but everyone is network security should at least conceptually understand SDNs, network function virtualization, Open Virtual Switching, Open Flow, Open Daylight and Open Stack.

    No certifications for this just yet, but if you have cycles and want to stay up on the technical stuff - this is what I’d look at first.
  • GForce75GForce75 Posts: 222Member
    Spin Lock wrote: »
    When it comes to learning the “technical stuff”, I can’t think of a more valuable topic to understand than Software Defined Networking. SDN used to be bleeding edge technology, but that’s not the case any longer. Cisco, Arista, Juniper, Brocade, HP, and Facebook all have SDN projects and products. This technology is coming fast and it will do to networking infrastructure and security what virtual machines did to operating systems and multicore CPUs.

    Today, SDNs primarily affect how routers and switches are implemented, but increasingly, you will see firewalls, IDS/IPS, load balancers and proxies all support network virtualization protocols to one degree or another. That will have a big effect on how network security appliances are configured. Rather than having a single firewall (or HA cluster) or IDS/IPS with a massive ruleset filtering all traffic entering your network, you’ll see many smaller sensors with smaller rule sets that get configured using an SDN protocol like OpenFlow.

    Trust me, as a security professional, you don’t want to be shown a Wireshark packet capture of an OpenFlow control packet and have no idea what it is (or any other southbound interface protocol for that matter).

    I’m not saying you need to know all the nitty gritty details, but everyone is network security should at least conceptually understand SDNs, network function virtualization, Open Virtual Switching, Open Flow, Open Daylight and Open Stack.

    No certifications for this just yet, but if you have cycles and want to stay up on the technical stuff - this is what I’d look at first.


    Lol, the list of certs never end :D
    Doctoral Candidate - BA (33/60hrs) ~ MBA/Project Management ~ BA/Business-IT
  • astudentastudent Posts: 26Member ■□□□□□□□□□
    ....network function virtualization, Open Virtual Switching, Open Flow, Open Daylight and Open Stack.

    No certifications for this just yet, but if you have cycles and want to stay up on the technical stuff - this is what I’d look at first.

    RHCA has a Cloud concentration, which is based on Red Hat Open Stack Platform.
    https://www.redhat.com/en/services/certification/rhca/cloud
Sign In or Register to comment.