What networking do I need for Info Sec?

jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
Hello All,

Currently I'm running the VMWare AirWatch project at work. Because I'm getting into light security with AirWatch, I'm wondering if this is a good starting point to get security knowledge. With that being said, what's the level of networking you need for Info Sec?

Comments

  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    What exactly do you want to do? Infosec is a broad field. If you're going to be doing networking security, then I'd say you'd probably want CCNP-level knowledge. If you're doing more malware remediation and systems security, then CCNA-level would likely suffice. Either way, you have to understand what you're protecting.
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    markulous wrote: »
    What exactly do you want to do? Infosec is a broad field. If you're going to be doing networking security, then I'd say you'd probably want CCNP-level knowledge. If you're doing more malware remediation and systems security, then CCNA-level would likely suffice. Either way, you have to understand what you're protecting.

    May I ask your advice? I'm currently a Systems Administrator working mainly on Windows Servers. I do love it, but I'd also like to do some security. What security-field focus would be good for a Windows Sysadmin?
  • scaredoftestsscaredoftests Mod Posts: 2,780 Mod
    In a way, aren't you dealing with SOME security on your servers? Monitoring to see if intruders are trying to get in, updates and such?
    Never let your fear decide your fate....
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    In a way, aren't you dealing with SOME security on your servers? Monitoring to see if intruders are trying to get in, updates and such?


    Well yes, all of the basic stuff. Patching, monitoring, encryption, etc
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    jerseytech wrote: »
    May I ask your advice? I'm currently a Systems Administrator working mainly on Windows Servers. I do love it, but I'd also like to do some security. What security-field focus would be good for a Windows Sysadmin?

    I wouldn't base it off of that. What do you WANT to do?
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    markulous wrote: »
    I wouldn't base it off of that. What do you WANT to do?


    I don't think I fully know enough about all of the security specializations to answer that unfortunately.
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Well there's your answer. You need to narrow down what that next step is. Learning a bunch of networking to then realize you want a GRC or some other non-technical role would be wasting time. You REALLY need to put some effort getting to know what's out there and what you want to pursue. Time and money are usually limited, so you need to make an informed decision about how you will invest both. Go out there, check job titles, see what each one does and what skills are required.

    Possible starting points:

    Blue vs. Red Team careers: https://tisiphone.net/2015/11/08/starting-an-infosec-career-the-megamix-chapters-4-5/
    SANS Career Roadmap: https://www.sans.org/media/security-training/roadmap.pdf
    https://www.securitywizardry.com/index.php/home/cnd-ltd/recruitment/security-roles-defined.html
    https://zeltser.com/information-security-job-titles-popularity/
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    cyberguypr wrote: »
    Well there's your answer. You need to narrow down what that next step is. Learning a bunch of networking to then realize you want a GRC or some other non-technical role would be wasting time. You REALLY need to put some effort getting to know what's out there and what you want to pursue. Time and money are usually limited, so you need to make an informed decision about how you will invest both. Go out there, check job titles, see what each one does and what skills are required.

    Possible starting points:

    Blue vs. Red Team careers: https://tisiphone.net/2015/11/08/starting-an-infosec-career-the-megamix-chapters-4-5/
    SANS Career Roadmap: https://www.sans.org/media/security-training/roadmap.pdf
    https://www.securitywizardry.com/index.php/home/cnd-ltd/recruitment/security-roles-defined.html
    https://zeltser.com/information-security-job-titles-popularity/


    Well I DEFINITELY want to stay on the technical side. Let me ask you this. If I like Systems Administration and VMWare AirWatch, what's a few good options for me?
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    Maybe try getting into a security analyst role. Something where they're maybe a bit more of a generalist to give you a solid security foundation and see what you like. Cyberguy had some good links though to narrow it down.
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    OK, that helps. My advice to you is to forget AirWatch. As I've said before in your posts, this is a tool that is normally used outside of hardcore security specific teams. I doubt you will find it listed in many job posts. In fact, if you search Indeed you will see it 90%+ of the time it is listed for mobile or sysadmin roles. I work for a somewhat big well-known company and the guys who administer our AirWatch are mobility, not security. As Markulous said, Security Analyst or SOC sounds like your next logical step. Remember that the bigger the company, the more specific the role will be. Smaller/cheaper companies tend to blend roles (aka overwork you) so the potential for learning different tools/processes is bigger.
  • Madmd5Madmd5 Member Posts: 83 ■■■□□□□□□□
    cyberguypr wrote: »
    Well there's your answer. You need to narrow down what that next step is. Learning a bunch of networking to then realize you want a GRC or some other non-technical role would be wasting time. You REALLY need to put some effort getting to know what's out there and what you want to pursue. Time and money are usually limited, so you need to make an informed decision about how you will invest both. Go out there, check job titles, see what each one does and what skills are required.

    Possible starting points:

    Blue vs. Red Team careers: https://tisiphone.net/2015/11/08/starting-an-infosec-career-the-megamix-chapters-4-5/
    SANS Career Roadmap: https://www.sans.org/media/security-training/roadmap.pdf
    https://www.securitywizardry.com/index.php/home/cnd-ltd/recruitment/security-roles-defined.html
    https://zeltser.com/information-security-job-titles-popularity/

    +1 These sites are really helpful for those already in or looking to get into the Infosec world and what typical responsibilities may be like. Thanks for the links!
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    cyberguypr wrote: »
    I work for a somewhat big well-known company and the guys who administer our AirWatch are mobility, not security.

    Completely agree, I'm in the same type of workplace, we also use AirWatch, our Security group doesn't really touch it.
  • UnixGuyUnixGuy Mod Posts: 4,570 Mod
    I feel like you've asked this question before, and you've mentioned AirWatch before. You've got the answers before; no one's going to tell you that Airwatch is a great tool to get your foot in security - It is simply not.
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

Sign In or Register to comment.