LEO Experience and A+

BL83

I have been a Law Enforcement Officer for 9 years and have been managing a very successful restaurant for about a year now. I have really been wanting to get into the network security aspect of the IT world. Is there any advice or specific route I should be taking? Also, I have no experience in the IT industry, will my past experience help me get my foot in the door with A+ certification? Thank you for any and all advice.

gespenstern

Depends on what you did as a LEO, but overall LEO skills don't mean much in IT, IMHO. Typical cybercriminal's psychology isn't like street one's.

Also it could be harder to break right into infosec. People usually first try to get into IT and then into infosec.

Also, entry-level salary in IT is pretty low compared to what you probably make as a LEO. I assume it is around 70-80k plus OT. Entry level jobs with A+ in IT are closer to 20-30-40k.

beads

Lots of people suddenly want to jump into the security side of IT, particularly in an unprepared fashion. My personal mantra has developed over the years of observation has basically remained the same: "IT Security is best entered after you have a solid background in one of the three pillars of IT - development, DBA or infrastructure.

It takes years of experience in IT to learn both the BA and soft skills needed to apply within the security realm and truly be successful. This is why there are so many faux-auditors in the field (the basis of ITSec) in the first place. I will accept all the rotten tomatoes thrown at me here but ITSec is about applying what started out as financial controls to a technology based environment first - tech second.

What specifically of the 31 types of security tasks are you interested in with a law enforcement background and an A+?

- b/eads

PJ_Sneakers

You should try to get your foot in the door with whoever is responsible for technology in your current agency.

You're going to have to start from the bottom and work your way up. I'm sure there are plenty of technology related duties throughout the department, and that they are probably short on staffing. The fact that you are a commissioned officer can work in your favor for the simple fact that you do not have to go through as many of the hoops required for CJIS compliance, which helps when the FBI audits your agency's information systems. Do you guys have anyone who manages your desktops, CAD, MDT's, ICV's, or BWC's? Try to get your name in with those guys.

Honestly, you have a ways to go before you can get into a network security role in the private sector. A long ways.

Also, just my personal advice: I would stay away from ICAC. Forensics experience be damned, you will never be able to forget that disgusting garbage for the rest of your life.

BL83

Thank you for your responses. I no longer work with the police department, so getting in with the tech guys is out of question. Is there any other certification that I can pair with the A+ that would help me get my foot in the door making about 40-45k? If so, are the courses offered online (Mike Meyers or Professor Messer) good courses to take?

gespenstern

BL83 wrote: »

Is there any other certification that I can pair with the A+ that would help me get my foot in the door making about 40-45k?

CompTIA Security+, CompTIA Network+, Cisco CCNA, (ISC)2 SSCP, MCP/MCTS on Windows 2012 from MS are entry level certs that are in pretty high demand on the market and asked pretty often in job descriptions.

AverageJoe

I'd offer a slightly different perspective. A component of cybersecurity is physical security, so you can build on that aspect. My suggestion is to NOT look for intro level IT positions.

Instead, broaden your security background to include the other cybersecurity components by working towards Security+ and CISSP. I'd skip A+ and Network+... maybe even skip Security+ and go directly to CISSP. Again, if you have physical security experience, leverage that. CISSP is more manager-level, and for that you do not need to know all the technical details (but you do need to know some).

I know several people who have gone this route (physical security to cybersecurity) that have done amazingly well. Attitude/confidence makes a big difference. Don't go in saying "I have no IT experience"... go in saying "my area of expertise includes physical security experience." A lot of cybersecurity folks I've known are strong on IT but really weak on physical security, and consequently (in my opinion) many cybersecurity problems stem from physical security problems and social engineering problems.

Just my 2 cents.

Russ5813

Hey BL, I come from a similar background-- 12 years of military/LE experience transitioning to an IT career. The long-term goal is InfoSec Management, where I can leverage some of my past experience developing policy/training. I think you should be prepared to start near the bottom of the ladder, so to speak, as most mid-level+ jobs will require/prefer candidates with some working knowledge in the IT field. The A+ is a foot in the door if you don't have any experience through work or self-study. Build that solid foundation, but keep your long-term goal in mind and look for opportunities to develop as a security professional.

dhay13

just saw this thread ironically. i just updated my resume today to add my LE experience. i previously had omitted it as i didn't feel it was relevant. i had 6 years as a constable (serving warrants and transporting prisoners) and also did armed security for 10 years. this included securing people and buildings (including a local water treatment facility after 9/11 as there was a fear of an attack on water treatment facilities. we had to monitor gate access and question anyone that we weren't familiar with and verify their identity and confirm their authorization to be on the property. i only did these jobs part-time and didn't realize the relevance until the other day