What Next??

g33k3rg33k3r Member Posts: 249 ■■□□□□□□□□
I am not sure if I am at a cross roads or have my experience has just expanded. I have over 12 years of Sys Admin experience where defensive security was always a component. Throughout that time I read books and practiced with offensive tools to gain a better understanding of what attackers may use. The last few years I've been fortunate to shift into dedicated security roles. My focus has been mainly on developing policies, procedures, reading standards, understanding different compliance requirements, performing risk assessments, implementing network monitoring programs, and communicating with leadership.

Some people have recommended to pursue the CISA next. Other say go for a GIAC cert (GSEC, GCIH, GMON). Or do the OSCP.

In my current role, the GRC components will be critical, but I will also need to continue to develop my technical chops to ensure our defensive strategy makes sense. I consider myself more of a blue team member.

What would people suggest next on the list of certs? I would love to attend more SANS training but it will be a tough sell to leadership and I cannot afford to pay for it myself.

Thanks for your feedback!


  • danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    The description of your current role entails, CISM seems logical and doesn't seem like a hard sell to your managers. GSEC, then GCED seems like a good roadmap to follow as well. GCED: GIAC Certified Enterprise Defender | GCED Certification
    I am a Jack of all trades, Master of None
  • g33k3rg33k3r Member Posts: 249 ■■□□□□□□□□
    I wasn't too intereste in the CISM after the CISSP. I figured that might focus me on management only. I haven't looked into the GCED but it sounds interesting. I wish the SANS courses weren't so darn expensive, but they are top notch.
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    Have you ever thought about an OS certification to validate what you know...and possibly learn something new? I have met system administrators who have been doing the same or similar job for many years and frankly are very rusty on some aspects...plus with your experience I don't see it being that difficult to knock out in a short time. Being able to evaluate technologies based on best practice is very important in InfoSec.
  • g33k3rg33k3r Member Posts: 249 ■■□□□□□□□□
    TechGuru80, I do have an old MCP for Windows and certificates for Linux. I do have experience in the latest OS's (Ubuntu/Debian, Windows, and OS X). I wouldn't say I am a guru with the latest features, but I have a good foundation on OS's. If I had unlimited time, I'd probably dig deeper on the new OS features, but with family and working FT + that isn't a reality. In my current role, I am walking the delicate line of not over stepping my bounds with our operations team. I am hoping to advocate further training for those who want it.
Sign In or Register to comment.