Best thing to do towards an IT security career based on my current knowledge?
jerseytech
Member Posts: 59 ■■□□□□□□□□
Hello,
At my current job I am working very closely with VMWare AirWatch. Since AirWatch is a security and compliance tool, I figured my best bet is to learn more about security since AirWatch will be my main project for a while. I’m sorry if this is a silly question, but I was hoping someone could help me with my security career path based on my current knowledge. I figured if you guys know what I’m currently doing, maybe you could tell me where to go from here.
I have about 2 years of experience with heavy desktop support, Windows Systems Administration, and project management. Some of the bigger things I’ve done in the past 7 months;
1. Implemented AirWatch on-prem.
2. Built the production servers for AirWatch (console server, DSS server, web server, and SQL server.. although I had a DBA help me with the SQL server).
3. Managed and did the Windows 10 rollout to my enterprise.
4. Encryption to all Windows 10 devices.
5. Create VM’s, manage snaps, storage, and ISO’s in ESXi.
6. Created production Windows servers for the app team.
7. Fixed AD replication via sites and services.
8. Demoted 8 domain controllers.
9. Work with VP of Legal and Compliance to ensure security best practices.
10. Build testing environments.
Things on a regular basis/smaller things;
1. Desktop deployments (Mac and Windows).
2. Imaging with MDT.
3. Active Directory: creating users, NTFS permissions, groups, OU’s.
4. Group Policy: Creating all different kinds of policies from software deployment to banner messages.
5. Desktop support to all users in-house and remote.
6. Symantec Endpoint Protection management.
7. Office 365/Google mail for business.
8. IT Onboarding new employees.
9. Setting up VOIP phones in the portal.
10. Work with Rackspace to expand storage and create VM’s.
Comments
-
bettsy584
Member Posts: 69 ■■□□□□□□□□
I would usually say to look at CISSP to give you good grounding in things like cryptography etc, but if you only have 2 years experience you will fall short of the requirement for CISSP just now.
That being said cloud computing is where the industry is heading so maybe look to specialize in cloud security? Check out ISC2 CCSP (not the old Cisco CCSP), and CCSK from the Cloud Security Alliance. Each of these certs will bring you up to speed on security, and specifically around cloud.
These kinds of qualifications will place you at a more strategy/architecture level than techie, so if you want to do pure techie maybe stick with Sec+, CCNA Sec etc. CEH is not worth the paper it's printed on IMO, it's all conceptual hacks that have been patched for years.
-
UnixGuy
Mod Posts: 4,570 Mod
Not sure for your environment, but you can always look more into your Symantec Anti Virus and learn more about malware. Also perhaps do a Microsoft certification related to Active Directory?
Do you have access to the proxy solution?
Do you have a DLP solution?
Since you do a lot of Desktop work, can you learn about windows forensics? (Take the SANS GCFE)
What about certificates management?
You use Office 365... have you considered learning about cloud security?
And yes, take the CISSP too.
-
E Double U
Member Posts: 2,233 ■■■■■■■■■■
If you can get into a SANS course then I recommend SEC401 and going for the GSEC. For something more cost effective you can start with CompTIA Security+. Keep CISSP in mind for later on.
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
JoJoCal19
Mod Posts: 2,835 Mod
It seems that aside from networking which I don't see you have experience listed, you have a pretty good base to get into security. Based on your current experience, I'd recommend thinking about either governance, risk, and compliance (GRC), or security administration. Security administration is broad and means different things to different companies, but generally a lot of the duties you've listed with Windows, AD, security best practices, and endpoint protection.
You haven't listed any certs you have so I'd start with this.
1. Read the Security+ book (I say skip the test as it's not worth it and the ROI isn't there).
2. Look at pursuing the SSCP (with a goal to pursue the CISSP when you meet the requirements).
3. As E Double U mentioned, I'd try to get into SANS SEC401 and get the GIAC GSEC cert.
To break into a pure security role you need to at a minimum prove in an interview you at least have an understanding of security. That is why as a base I recommend making sure you're comfortable with all of the stuff in the Security+ book. The certs such as SSCP, GSEC, etc will serve to get your resume noticed and past HR filters so you at least have a shot at getting the interview in the first place. Another benefit of the certs is the knowledge you gain while studying for them.
Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
-
ITSpectre
Member Posts: 1,040 ■■■■□□□□□□
I have noticed a lot of people shy others away from the CISSP due to the exp requirements of the cert. I say start with Sec+ then go for your CISSP. You have 6 years from the time you pass the test to get the experience needed for the cert. Don't let lack of exp deter you.
Quote from website:
"Don't have the experience? Become an Associate of (ISC)² by successfully passing the CISSP exam. You'll have 6 years to earn your experience to become a CISSP."
I say get your CISSP after Sec+. You have 6 years to get the exp requirement and that is more than enough time.
A lot of people tell others "look at pursuing the CISSP when you meet requirements" when there are no requirements.... you don't have to have the experience to sit for the exam... pass the exam become an associate... then get the experience and get your CISSP. During those 6 years you have to get the exp you will be glad you didn't put it off for later....
In the darkest hour, there is always a way out - Eve ME3 :cool:
“The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
-
kiki162
Member Posts: 635 ■■■■■□□□□□
Since you only have 2 years experience, and really need 5 for your CISSP, I'd work on other certs in the meantime. Like some of the ppl above have said, look into getting Security+, GIAC GSEC, eventually CISSP. You CAN take the SSCP exam now as a good primer. Not sure if you have any other certs.
Another thing to mention is that once you get to the 4 year mark with work experience, if you have one of these certs (https://www.isc2.org/credential_waiver/default.aspx), you can waive 1 year of experience for the CISSP exam.
You have a lot of good experience so far, and it wouldn't hurt you to get into Linux a bit more if you can.
-
E Double U
Member Posts: 2,233 ■■■■■■■■■■
doctorlexus wrote: »OSCP. I'm not sure why more people don't recommend OSCP.
Because the responses are geared towards the poster's current knowledge as requested
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
ITSpectre
Member Posts: 1,040 ■■■■□□□□□□
At the end of the day it's your money and your exp that will get you the job you really want. There is really no requirement for the CISSP. You can take the test and be an associate of (ISC)² then get the exp on the job. I'm glad someone recommended OSCP.... you could take the OSCP then CISSP... or CASP then CISSP.... the choice is yours...
In the darkest hour, there is always a way out - Eve ME3 :cool:
“The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
-
ITSpectre
Member Posts: 1,040 ■■■■□□□□□□
Since you only have 2 years experience, and really need 5 for your CISSP, I'd work on other certs in the meantime. Like some of the ppl above have said, look into getting Security+, GIAC GSEC, eventually CISSP. You CAN take the SSCP exam now as a good primer. Not sure if you have any other certs.
Another thing to mention is that once you get to the 4 year mark with work experience, if you have one of these certs (https://www.isc2.org/credential_waiver/default.aspx), you can waive 1 year of experience for the CISSP exam.
You have a lot of good experience so far, and it wouldn't hurt you to get into Linux a bit more if you can.
One thing is.... CompTIA Security+ is on the list.... so you could get your Sec+, get an infosec job and then you would qualify for the 4 year exp and have 1 year waived.
In the darkest hour, there is always a way out - Eve ME3 :cool:
“The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
-
billDFW
Member Posts: 45 ■■□□□□□□□□
1. What kind of pay is at the jobs which hire you with only Security+?
2. Will a candidate get more attention with SSCP and Sec+? Why, since both appear to be entry level security certs. How about Sec+ and PMP?
-
TheFORCE
Member Posts: 2,297 ■■■■■■■■□□
I've seen a lot of posts from the OP and he always mentions AirWatch like it's the ultimate security solution. Not to be negative here but you need experience with other tools, solutions and technologies to broaden your experience and to really start thinking about Infosec jobs. Like others mentioned, start with Sec+, at your 4 year mark then you can go for the CISSP. My team and myself, we probably manage around 10-15 different solutions and even though we have Airwatch we really don't manage it.
-
cyberguypr
Mod Posts: 6,928 Mod
TheFORCE brings a good point. Most of the time I see Airwatch it involves System Admin/Engineering or Mobility type of jobs. I never see it associated with Infosec roles. In my somewhat big company (15k users) Airwatch is handled by the Messaging team that takes care of Exchange, Skype, and similar tools. If you want to specialize in the tool, that's fine, but don't expect it to be a major factor when you move on to bigger/better things. I know I wouldn't be too impressed if a candidate brings it up during an interview. If you really want to specialize in security you need to move on to tools/processes that are standard for the industry. SIEM, DLP, vulnerability management, centralized logging and correlation, data analytics, pen testing tools, etc. My advice: go out there on the job boards, look for what your dream job is, see what the requirements are, and work towards that.
-
jerseytech
Member Posts: 59 ■■□□□□□□□□
I've seen a lot of posts from the OP and he always mentions AirWatch like it's the ultimate security solution. Not to be negative here but you need experience with other tools, solutions and technologies to broaden your experience and to really start thinking about Infosec jobs. Like others mentioned, start with Sec+, at your 4 year mark then you can go for the CISSP. My team and myself, we probably manage around 10-15 different solutions and even though we have Airwatch we really don't manage it.
I didn't say it was the "ultimate security solution" LOLOL. I was just stating that's what I'm currently using in our environment.
-
jerseytech
Member Posts: 59 ■■□□□□□□□□
cyberguypr wrote: »TheFORCE brings a good point. Most of the time I see Airwatch it involves System Admin/Engineering or Mobility type of jobs. I never see it associated with Infosec roles. In my somewhat big company (15k users) Airwatch is handled by the Messaging team that takes care of Exchange, Skype, and similar tools. If you want to specialize in the tool, that's fine, but don't expect it to be a major factor when you move on to bigger/better things. I know I wouldn't be too impressed if a candidate brings it up during an interview. If you really want to specialize in security you need to move on to tools/processes that are standard for the industry. SIEM, DLP, vulnerability management, centralized logging and correlation, data analytics, pen testing tools, etc. My advice: go out there on the job boards, look for what your dream job is, see what the requirements are, and work towards that.
That makes sense because there is an email management solution, but there's a lot more. Anything from SIEM, to patch management, to app management, to DLP, to securing devices with profiles, to built-in VPN.