aftereffector wrote: » MrAgent hit the nail on the head. Certs are great, but they aren't going to get you a job. Conversely, though, if you don't have any certs, you will probably have a tough time getting a job. The same goes for a degree (to a lesser extent) - many jobs require a bachelor's, and if you don't have one, you will be placed behind all other candidates who do. However, just having a degree isn't going to land anyone a job automatically. If you have the choice, I definitely recommend getting a computer science degree. That is something I wish I had studied; I'm now having to learn many of the concepts that I could have learned through a structured course environment on my own. I chose to take the quicker route, and while it has not held me back, it also has not taught me much that I didn't already know from just a few years of work experience. I'll close with a case in point. My company has been actively trying to fill a couple of cybersecurity positions for some time now, but our pay bands are limited to the point where most qualified candidates are not interested. We would absolutely hire someone with no experience and at least a baseline certification as long as they had a clearance and met some other nonwaiverable prerequisites. The opportunities are out there, but if you don't have the minimum requirements (CISSP for this job, Security+ for that job, a bachelor's for this other job, etc), you won't even make it past HR. We are not legally able to employ someone on our contract if they don't have a certification.
aftereffector wrote: » I can't send you a PM, so I will summarize generically... for what we do, the only ironclad requirements are 1) DoD Secret clearance, and 2) 8570-compliant certification (usually Security+ although there are a few others). I can't speak for other contracts, but I imagine we aren't the only ones. As far as what we look for in candidates, yes, if we see an indication that a candidate is learning the technologies on their own by reading, labbing, getting additional certifications, and so on, it looks really good. We don't see a lot of those candidates at our price point, unfortunately
MrAgent wrote: » While certifications help, they aren't the only thing that is going to land you a job. Typically experience is necessary, but it is not always the case. I have seen places that will hire someone fresh out of school or with little experience and get them trained up. As far as the degrees, they really don't prove anything other than you can make a commitment and stick to it. Some people actually do learn along the way during a degree program, where others just squeak by to get that check mark done. However, if I were to do it all over again, I would done a BS in CompSci instead of IT sec. The CompSci would have given me a better foundation in programming, where as the IT sec degree taught me how to read and write policy. Luckily for me by the time I started college, I already had years of experience in addition to serving in the military.
Slyth wrote: » I do agree with MrAgent, but on the other hand it really depends on the school you go to and what classes they teach. I have my BS in Cyber Security & Forensics, some of the classes i took near the end of my degree are just above the level of CEH & the policy and management side of sec. BTW MrAgent im on the 3/12/16 start date for OSCP is that IRC channel you setup still open?
Tech333 wrote: » Are security certificates enough to land a job in cyber security? Is experience necessary? What about a computer science degree? I know you need programming experience so do degrees prove that , so are cyber security or computer science degrees better?
