Changing Careers-GCIH Training/Exam
Hey guys,
I'm posting on here hoping to get some guidance on the GCIH path, InfoSec careers and how the GCIH cert fits into the long-term plan of succeeding in the field.
About 3 months ago I decided to make a career jump to InfoSec--I came from a Corporate Security Analytics background. It was a heck of a risky move. I wanted to get into Network Security and Threat Intelligence because I have a passion for getting involved and solving detailed, complex problems, and performing in-depth investigations. I have never held an InfoSec or IT job in my life. I'm still a complete beginner to foundational networking concepts (I'm learning as much as I can), IDS/IPS, Linux OS, programming, etc... 3 months ago I got my "dream" job. Initially I was excited; when I was hired I informed the hiring manager that I did not have an InfoSec background and my previous education and jobs were not related to IT. He hired me anyways; I am super appreciative of it, but I was also very unsure of what my job would actually entail (even after numerous conversations). When I was hired I was advised that I would get GCIH training from a SANS live event and would get the cert exam covered. I was informed that when I started I would get trained up on everything and that a training plan would be given to me.
So far I've been a bit disappointed and it's been very stressful; I am wayyy more stressed out than I was at my other job. I wasn't provided the on the job training I was promised and I was asked to basically figure it out on my own by watching videos and reading documentation. This isn't the type of job where you can just be expected to get it after repetition; you need to be provided with some sort of training
. I'm a pretty driven guy and I'm having to create my own training plan and I'm being aggressive with getting help from my co-workers.
I'm taking the GCIH training in a few months. I know you have 4 months to study for the GCIH after the training.
I have a couple questions:
(1) Am I truly ready for GCIH training? What about for the certification by December? How can I prepare for it?
(2) Is getting adequate on-the-job training a problem industry wide? Is it just expected that you should know this stuff?
Thanks guys. Looking forward to hearing from you.
Lord
I'm posting on here hoping to get some guidance on the GCIH path, InfoSec careers and how the GCIH cert fits into the long-term plan of succeeding in the field.
About 3 months ago I decided to make a career jump to InfoSec--I came from a Corporate Security Analytics background. It was a heck of a risky move. I wanted to get into Network Security and Threat Intelligence because I have a passion for getting involved and solving detailed, complex problems, and performing in-depth investigations. I have never held an InfoSec or IT job in my life. I'm still a complete beginner to foundational networking concepts (I'm learning as much as I can), IDS/IPS, Linux OS, programming, etc... 3 months ago I got my "dream" job. Initially I was excited; when I was hired I informed the hiring manager that I did not have an InfoSec background and my previous education and jobs were not related to IT. He hired me anyways; I am super appreciative of it, but I was also very unsure of what my job would actually entail (even after numerous conversations). When I was hired I was advised that I would get GCIH training from a SANS live event and would get the cert exam covered. I was informed that when I started I would get trained up on everything and that a training plan would be given to me.
So far I've been a bit disappointed and it's been very stressful; I am wayyy more stressed out than I was at my other job. I wasn't provided the on the job training I was promised and I was asked to basically figure it out on my own by watching videos and reading documentation. This isn't the type of job where you can just be expected to get it after repetition; you need to be provided with some sort of training
. I'm a pretty driven guy and I'm having to create my own training plan and I'm being aggressive with getting help from my co-workers.I'm taking the GCIH training in a few months. I know you have 4 months to study for the GCIH after the training.
I have a couple questions:
(1) Am I truly ready for GCIH training? What about for the certification by December? How can I prepare for it?
(2) Is getting adequate on-the-job training a problem industry wide? Is it just expected that you should know this stuff?
Thanks guys. Looking forward to hearing from you.
Lord
Comments
Not having any IT background will not help you. I guess anyone can memorize the books and pass the exams, but passing the exams isn't going to give you the experience you need to perform your job. Your going to have to go back on your own and practice using the tools that applies to your area of cyber security.
It also sounds like you haven't taken any certifications exams either. If that is the case, this is going to be a "trial by fire" deal. I'm assuming your doing the live class in Sept/Oct timeframe, and yes 4 months is plenty of time. If your co-workers have passed any GIAC exams, definitely use their advice. Since the exam comes with 2 practice exams, you have the option of purchasing additional GCIH practice exams on your own in case you need more. Be expected to grab additional material outside of the SANS books that you will get. You will be a bit burnt out after the training, but it will also be a great experience. Focus on going through the labs, and getting the audio/MP3 files off of your SANS account once the class is over. Then work on creating your index.
Getting some linux hands on would be useful for the class. Download the SANS linux **** sheet, practice and understand those commands.
You have a few months to get there. Between now and then, beef up on the basics.
Whether your boss or your company wants to pay for additional certs or you just need the knowledge, start watching Sec+ videos (i.e. Prof Messer), some Linux, Windows admin stuff, read the Matt Walker CEH book, the 11th Hour Conrad book (for the crypto), and learn about general incident handling procedures and tools.
It seems like they hired you knowing you as an entity, so don't stress your worth right now and use this lapse of time to get better until your next performance review.
Still its a fun field to work in when you have the right or positive pressure to function and perform.
What are of blue team are you ultimately looking?
- b/eads
Appreciate all of the feedback.
It definitely helps to have some positive feedback; especially for a newbie. I know it's going to be a huge uphill battle. My perspective is to always encourage people that are new in a field to give it the best they can; if one gets fired, so be it. To prevent getting fired, you need to communicate; that is, communicate in a constructive manner.
I come from a fraud analytics background, so definitely not compliance. I have an M.A in CJ, with more emphasis on stats.
@TranceSoulBrother: You were right on about the hire; that's the only reason why I got the job. Thanks for your reading and training tips.
@beads: SIRT and Threat HUnting:D. And when I actually get the time to, Reverse Engineering
Off-topic; has anyone read SAMS TCP/IP book? I've been reading that for the past 4 months and it's helping me gain a better understanding of OSI and TCP/IP.