Switching stream to security - GCIH or CEH

JediMaster1

I am trying to switch my career from application development to security, owing to more interest in latter. As a first step I am trying to get some certifications in my resume before I start searching for a job (as my current employer does nothing in the security area). After few hours of google search, I found GCIH quite interesting (and challenging) and would like to go for it. However, it appears like CEH might be a well known name among the hiring managers.
Which one is more recommended in my case? Any other suggestions are also welcome.

P.S: Any certification I go for will be self-financed, so cant really opt for any training.

636-555-3226

Your current employer doesn't have any security program at all? A good time to talk to your boss & your boss' boss!

CEH looks good on the resume and will work for HR & many infosec program that don't have leaders that live in security. People who have been in security for awhile & know a lot don't typically put much, if any, value in it. Having personally reviewed some EC-Council material in the past, I can't say I'm very impressed.

GCIH will teach you loads more but doesn't have as much visibility. Unfortunately for GCIH, esp, for someone without much security experience, you'll probably need to use & study the official SANS material to pass.

Maybe talk your employer into starting an infosec dept and funding its first trainee?

E Double U

GCIH is more respected within the security community, but CEH better for getting past the HR filters. Since you are doing self financing, CEH would be easier on the pockets.

JediMaster1

Apparently the security department is quite small, so no place for me there
If GCIH needs SANS training and CEH is not as good, is there any other certification I can go for? Factor to be considered is that I am bit dependent on that for my next job.

temuchin

You could do Comptia Sec+. It's cheap and a good security entry level cert. GCIH and CEH are geared towards hacker methodology and incident handling.

TechGuru80

I think we are missing some key questions here since op is coming from dev. Do you have any knowledge of how networks operate? Any prior system knowledge? Or mainly just coding in languages like Java, etc?

TechGromit

JediMaster1 wrote: »

I am trying to switch my career from application development to security, owing to more interest in latter. As a first step I am trying to get some certifications in my resume before I start searching for a job

Do you possess any certifications? I think you should learn to crawl first before you start running, metaphorically speaking. You going to have a lot easier time challenging the CEH or GCIH if you have some bases first, like a Security+ certification background.

JustFred

Reading both sites, CEH seems much more expensive even if you do it yourself, while the GCIH could be done with self study and a bit of hard work. You also learn a lot, but being called a CEH has GCIH beat on the cool factor unfortunately

hal9k2

I am actually at the same position as you, dropping from dev and trying to switch to sec.

For now, I am going trough CompTia Linux+ Yes not a security related but I think Unix knowledge will be handy and then going to CompTia Security+ ... what will be next will see but probably I'll give a shot of CEH as I think this is most recognizable?