LEO Experience and A+
I have been a Law Enforcement Officer for 9 years and have been managing a very successful restaurant for about a year now. I have really been wanting to get into the network security aspect of the IT world. Is there any advice or specific route I should be taking? Also, I have no experience in the IT industry, will my past experience help me get my foot in the door with A+ certification? Thank you for any and all advice.
Comments
Also it could be harder to break right into infosec. People usually first try to get into IT and then into infosec.
Also, entry-level salary in IT is pretty low compared to what you probably make as a LEO. I assume it is around 70-80k plus OT. Entry level jobs with A+ in IT are closer to 20-30-40k.
It takes years of experience in IT to learn both the BA and soft skills needed to apply within the security realm and truly be successful. This is why there are so many faux-auditors in the field (the basis of ITSec) in the first place. I will accept all the rotten tomatoes thrown at me here but ITSec is about applying what started out as financial controls to a technology based environment first - tech second.
What specifically of the 31 types of security tasks are you interested in with a law enforcement background and an A+?
- b/eads
You're going to have to start from the bottom and work your way up. I'm sure there are plenty of technology related duties throughout the department, and that they are probably short on staffing. The fact that you are a commissioned officer can work in your favor for the simple fact that you do not have to go through as many of the hoops required for CJIS compliance, which helps when the FBI audits your agency's information systems. Do you guys have anyone who manages your desktops, CAD, MDT's, ICV's, or BWC's? Try to get your name in with those guys.
Honestly, you have a ways to go before you can get into a network security role in the private sector. A long ways.
Also, just my personal advice: I would stay away from ICAC. Forensics experience be damned, you will never be able to forget that disgusting garbage for the rest of your life.
Instead, broaden your security background to include the other cybersecurity components by working towards Security+ and CISSP. I'd skip A+ and Network+... maybe even skip Security+ and go directly to CISSP. Again, if you have physical security experience, leverage that. CISSP is more manager-level, and for that you do not need to know all the technical details (but you do need to know some).
I know several people who have gone this route (physical security to cybersecurity) that have done amazingly well. Attitude/confidence makes a big difference. Don't go in saying "I have no IT experience"... go in saying "my area of expertise includes physical security experience." A lot of cybersecurity folks I've known are strong on IT but really weak on physical security, and consequently (in my opinion) many cybersecurity problems stem from physical security problems and social engineering problems.
Just my 2 cents.