Career and Certification Advice

Hello all.

I am looking for some advice in regards to progressing my career. I am currently an Security and Information Risk Advisor in the Public Sector and I have been doing this for around a year now.

I has sat and passed my CISMP. I have my PCIIRM and PCIAA coming up at the end of the year which I have secured through work. I am currently studying Business continuity in my own time and plan to take the BCS exam for it by the end of the year also.

Next year I will be looking at completing the CISM and begin studying for the CISSP.

My current weakness is in network and general IT. I have a good basic knowledge but I require more training and input in the area so that when I am reviewing IT solutions I can better understand them and am able to a curated access any inherent risk within it. This is mostly due to me coming from the Physical Security side on the Job rather than the IT side.

Any advice at all would be fantastic.

Find more posts tagged with

Comments

636-555-3226

Just a heads up that both the CISM & CISSP require a specific number of years of experience. If you don't meet the requirements, you may be able to pass the test, but you technically shouldn't be certified until you meet the experience.

Other than that, I'm not sure what you're asking. Sounds like you already have a cert path picked out. In terms of career, what do you want to go in to?

Marv_Bx_718

RGriffin wrote: »

Hello all.

I am looking for some advice in regards to progressing my career. I am currently an Security and Information Risk Advisor in the Public Sector and I have been doing this for around a year now.

I has sat and passed my CISMP. I have my PCIIRM and PCIAA coming up at the end of the year which I have secured through work. I am currently studying Business continuity in my own time and plan to take the BCS exam for it by the end of the year also.

Next year I will be looking at completing the CISM and begin studying for the CISSP.

My current weakness is in network and general IT. I have a good basic knowledge but I require more training and input in the area so that when I am reviewing IT solutions I can better understand them and am able to a curated access any inherent risk within it. This is mostly due to me coming from the Physical Security side on the Job rather than the IT side.

Any advice at all would be fantastic.

If I were in your shoes, and assuming I am a Novice in the world of IT, I would look into entry level certs like the ComTia Net +, and Sever + for the more general certs. If you want to get more concentrated studies I would look in to CCNA on the Cisco side, and for the Microsoft side look into one of their OS exams, and one of their server exams.

Hope this helps a bit.

RGriffin

Brilliant. I will look into these and see what they involve.

RGriffin

I have been involved in Security for 8 years with some on and off IT work. As I said my back ground is mostly physical security with a year's experience in Security and Information Risk. I think I could likely meet the CISM requirements and would have to pass the CISSP test prior to gaining full certification once I have the relevant experience late down the line.

I am aiming for Senior Information Risk Manager / Advisor however I want to ensure that I have a broad knowledge of areas which that touches such as IA architecture/auditing and Business continuity. I was looking for confirmation for more than anything as the Certifications I am taking I have researched myself.