What cert should I go for after CISSP
Hello Group,
First, thanks to everyone and especially to those who created the combined notes. I passed the CISSP on 9-25 and I'm waiting for my endorsement to be confirmed.
What would folks recommend as a good next cert? (I have pretty much have all the CompTIA+ certs and Cisco Technician already, and I'm 18 out of 30 credits towards my cyber masters).
I'm looking at a Blue Team hands on management consulting career in Infosec. I'm currently employed in a general IT security IT auditing Operations position. I was thinking of CISA or CEH (even know I want to be a blue man dude, I still practice my red team skills regularly).
Thanks to all!
First, thanks to everyone and especially to those who created the combined notes. I passed the CISSP on 9-25 and I'm waiting for my endorsement to be confirmed.
What would folks recommend as a good next cert? (I have pretty much have all the CompTIA+ certs and Cisco Technician already, and I'm 18 out of 30 credits towards my cyber masters).
I'm looking at a Blue Team hands on management consulting career in Infosec. I'm currently employed in a general IT security IT auditing Operations position. I was thinking of CISA or CEH (even know I want to be a blue man dude, I still practice my red team skills regularly).
Thanks to all!
Comments
-
beads
Member Posts: 1,533 ■■■■■■■■■□
Depending on whom you ask and how long they have actually been doing the work. I have found over time that working the blue team where you are forced to know so much more, defend everything, everywhere all day and night to be much more difficult to on a daily basis than when I did red team based work.
More ironic is that as the increased demand and visibility of high profile breaches have come to light the industry for lack of better wordage, continues to put the entry level junior people in at the front lines of defense and wonder why they fail so easily. It really took me a couple years before I became really comfortable doing the blue team stuff even after a number of successful read team engagements.
Both Red and Blue need to cross train to get the maximum value out of either program. Either that or you'll find most people become fairly bored with either in less than a couple of years as a steady diet of the stuff.
- b/eads