Opinions on Certifications

Vontech615Vontech615 Member Posts: 50 ■■□□□□□□□□
I work in IT as a Network Analyst, have a CCNA R&S as well as misc like A+ and Network+, and am looking to delve into security as possibly a new career path within the industry. I've got about 8 years of experience working in technical roles but only 1.5 years in large Enterprise networking. However, I've been fortunate to get a lot of experience in that time.

I've been looking at something that's not only going to gain some attention on a resume, but also give me valuable knowledge. What I'm finding is a cert like Security+ would be great for HR and keyword searches, but an OSCP or equivalent would be best from a learning perspective. What about a GIAC as a starting point? It seems that cert doesn't come up nearly has much as the Sec+.


  • DatabaseHeadDatabaseHead Member Posts: 2,753 ■■■■■■■■■■
  • iBrokeITiBrokeIT Member Posts: 1,318 ■■■■■■■■■□
    Security+ and then CCNA:Sec would be a good compliment your CCNA:R&S.

    If you can get your employer to fork over the $6k+ for a SANS class + GIAC cert, by all means do that too but most people can't afford it.
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA | Pentest+ 
    2022: GMON | GDAT
    2023: GREM  | GSE | GCFA

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops SANS Grad Cert: Incident Response
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    If you're thinking of some pen testing, a word of warning - you need to know a lot about a lot of stuff to be good at it. Anybody who hires you based on the OSCP is going to hire you to be a pentester. OSCP isn't used for hiring for regular old security admin roles

    OSCP isn't exactly an entry-level cert. If you want to go that route, I'd start with Security+ and then if your boss is paying I'd recommend GSEC (SANS SEC401) leading to GPEN (SANS SEC560). Skip GSEC if you're already familiar with all the content. GPEN is much more user-friendly than OSCP, and it actually teaches you better than the OSCP material, IMO.
  • Vontech615Vontech615 Member Posts: 50 ■■□□□□□□□□
    Thanks for the replies. I was about 70/30 on going Security+ first and I think I'll go ahead with it. I actually bought the a Gibson's Sec+ SY0-201 years ago, but decided to go with the CCNA instead. I have no regrets as the CCNA has opened doors for me in the Enterprise space, but Security is really something that I'm interested in and don't want to let that interest go unexplored.
Sign In or Register to comment.