Advice on getting into INFOSEC

egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
I'd like to get into Information Security. Wether as a Network Security Engineer or as a Security Analyst. Currently I have an Associates Degree in Electronics, 10 years in helpdesk, and certified as a CCNA, CCNP. ok, actually, I'm about to graduate with a Bachelors in Information Systems come December of this year.

I'd certainly like some pointers on the best moves to make that will get me into Information Security (either as network security engineer or security analyst).
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+

Comments

  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    You have a CCNP and are planning on having a CCIE within the next few months and you work in helpdesk still? Be prepared to answer that question as to why.

    As for security, looking at the two possible paths you mentioned, networking knowledge helps a lot but you'll need more than that. What do you do in your current job that would line up with either one of those roles? Any kind of analytics? Incident response? Do you deal with AV? Firewalls? IPS/IDS? etc. If you tell us what you actually do now at your job it'll help everyone point you in the right direction you need to go. Even if you don't do any of those things at work, do you have a home lab and do anything security related there?
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    Agree with Danielm7 - a CCIE with 10 years help desk experience is very strange to me. I'd be curious as to whether it's all book smarts & if you're missing the real-world skillset.

    Need to identify what part of the infosec realm you want to do. i assume networking security, so that'd be networking security/lockdown, network forensics, IPS, possibly web filtering, network DLP, etc. there are multiple other infosec paths. browse through https://www.sans.org/courses/ to get some ideas of possible paths
  • danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    You should apply for a job so you can apply what you've learned. Helpdesk is just to gain some experience then move on. Finish your CCIE then look towards CCIE Security.
    I am a Jack of all trades, Master of None
  • volfkhatvolfkhat Member Posts: 1,072 ■■■■■■■■□□
    Time-out guys.
    He said "10 years in Helpdesk";
    but that doesn't mean he's resetting passwords all day.

    But even if he were....
    there's nothing wrong with earning a ccnp/ccie based purely on "book smarts".
    It demonstartes that he grasps the theory.

    Both exams have a legit hands-on/lab component; pretty hard to "****" your way through that.


    Now, as for pointers... beats me; i'm not in infosec.
    But i would probably browse through indeed/etc and read the requirements of positions you like.
    There's probably a common secuirty certification that you can identify; go get it (can help you meet the minimum qualifications).
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    It would be a little awkward for a CCIE to be working help desk (if it were a low level one)... I mean you would have to question "Why hasn't his company used this amazing resource and promoted him and kept him doing remedial work?" or "Why hasn't this guy tried to make an advancement his current job or another place?".

    I'm going to guess his job isn't low level right now though.

    But as far as info sec. Here is a thread with info on how to get a free book that is supposed to give good advice on how to get into Info Security. http://www.techexams.net/forums/jobs-degrees/121665-new-peerlyst-ebook-starting-career-security.html

    I received the book, have not gone through it yet though, so can't comment on how great it is yet.
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    I'm curious what your experience is at the help desk. 10 years is a while, but if you've moved up the ladder and touch servers, routers, switches, firewalls, etc. then you're in good shape.
  • DatabaseHeadDatabaseHead Member Posts: 2,754 ■■■■■■■■■■
    I always see networking or system skills being a good entry way into security. What about data or programming? I rarely seen that entrance being talked about, maybe for good reason?
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    Programming is a good way to get into Security also. Application security is a big aspect of it all. If you know how to code and understand secure programming, you're gold.
  • egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
    It would be a little awkward for a CCIE to be working help desk (if it were a low level one)... I mean you would have to question "Why hasn't his company used this amazing resource and promoted him and kept him doing remedial work?" or "Why hasn't this guy tried to make an advancement his current job or another place?".

    I'm going to guess his job isn't low level right now though.

    But as far as info sec. Here is a thread with info on how to get a free book that is supposed to give good advice on how to get into Info Security. http://www.techexams.net/forums/jobs-degrees/121665-new-peerlyst-ebook-starting-career-security.html

    I received the book, have not gone through it yet though, so can't comment on how great it is yet.

    Thanks dude. I'll check out the book.
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
    ...just following up to show gratitude for all the responses so far.
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • beadsbeads Member Posts: 1,533 ■■■■■■■■■□
    Don't get too hung up on titles as they are fairly meaningless. Titles such as: Specialist, analyst, engineer, architect, professional and associated sub-categories all mean the same thing at the end of the day - analyst. Which is what are - analysts. The other buzzwords truly belong to other professions and trade organizations though surprisingly no on has declared us to be security physicians or lawyers yet but we're working on those takeovers as well. icon_lol.gif

    Jump on the security gravy train with biscuit wheels!

    - b/eads
  • NOC-NinjaNOC-Ninja Member Posts: 1,403
    Find a better job to get out of your help desk. Although, theres a guy here that passed cissp and got into security. Maybe that short cut will work for you. infosec is huge. You have the cisco implementation team, forensic team, pen test team, policy maker, physical sec, and etc. Which one do you want to work on?

    Also, i see you pass ccie. which CCIE is this? Is it CCIE wireless since it says W?
    How come you are not working as a network analyst or network engineer? How come you are not deploying technologies?
  • beadsbeads Member Posts: 1,533 ■■■■■■■■■□
    CCIE-W(ritten)? Really not uncommon. I have meet a few people who passed the written but nowhere near ready for the lab.

    - b/eads
  • egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
    NOC-Ninja wrote: »
    Find a better job to get out of your help desk. Although, theres a guy here that passed cissp and got into security. Maybe that short cut will work for you. infosec is huge. You have the cisco implementation team, forensic team, pen test team, policy maker, physical sec, and etc. Which one do you want to work on?

    Also, i see you pass ccie. which CCIE is this? Is it CCIE wireless since it says W?
    How come you are not working as a network analyst or network engineer? How come you are not deploying technologies?

    I actually planned on working on my CCIE-written till my Bachelors degree (BS Information Systems) took priority. I'll be graduating December 2016. the hard core Java programming and 12 hours/semester left little room for the original plans for CCIE
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • McxRisleyMcxRisley Member Posts: 494 ■■■■■□□□□□
    If you want to get into InfoSec the first thing you need to do is pass the CompTIA Security+ and an OS cert of some sort. Most jobs that you find in InfoSec are going to be Government contractor jobs and they all will have that minimum requirement. Where I work they won't even interview you until you have those certs and they can verify that they are legit.
    I'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Your resume is probably something that needs to be reviewed as to ascertain what duties you perform. From there you can pick out the security related duties and present them. If you do a lot of networking related work you shouldn't have an issue getting a security position somewhere. No matter what you are doing in security evidence will always be found on the network. I'd agree you should get a security related certification perhaps CCNA-Security since you are already an NP.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
Sign In or Register to comment.