Options
Transitioning to Cyber Security from Systems Administration
lavidicus
Member Posts: 18 ■□□□□□□□□□
Hey everyone, I've recently seen a post on linked in talking about the gap for cyber security trained individuals and I'm wondering what your thoughts are on how to best bridge that gap if your someone who wants to move into the cyber security field after 15+ years of Systems Administration.
I've worked in the DoD domain for the last 15 years as a sys admin and I have extensive experience in unix / secure information processing. I'm sort of an all in one sysadmin that handles database, networking and system administration with my strengths being more systems design / architecture leaning.
Since March of this year I've gotten busy studying to get caught up to the rest of the industry and to move out of the systems admin side and into cyber security. I've recieved my ITIL,Sec+,CISA,CISSP and I'm about to complete the MCSA 2012, with the expectation of getting the MCSE. Also for reference I've held a clearance for the last 15 years.
With that experience what would you all recommend I focus on going forward in regards to training/certifications, or what steps should I take to move into cyber security, and which side of cyber security would my skills best fit?
And then the more political/though provoking question. If there is a gap in cyber security trained individuals, why are companies not hiring people with systems or networking experience and moving them into the security field. It would seem that by making an investment in those people by providing training, and requiring that they sign a contract to stay within the company for X amount of years is a better solution than allowing that gap to remain. Thoughts?
I've worked in the DoD domain for the last 15 years as a sys admin and I have extensive experience in unix / secure information processing. I'm sort of an all in one sysadmin that handles database, networking and system administration with my strengths being more systems design / architecture leaning.
Since March of this year I've gotten busy studying to get caught up to the rest of the industry and to move out of the systems admin side and into cyber security. I've recieved my ITIL,Sec+,CISA,CISSP and I'm about to complete the MCSA 2012, with the expectation of getting the MCSE. Also for reference I've held a clearance for the last 15 years.
With that experience what would you all recommend I focus on going forward in regards to training/certifications, or what steps should I take to move into cyber security, and which side of cyber security would my skills best fit?
And then the more political/though provoking question. If there is a gap in cyber security trained individuals, why are companies not hiring people with systems or networking experience and moving them into the security field. It would seem that by making an investment in those people by providing training, and requiring that they sign a contract to stay within the company for X amount of years is a better solution than allowing that gap to remain. Thoughts?
Comments
-
Options
markulous
Member Posts: 2,394 ■■■■■■■■□□
What exactly do you want to do in security? Sounds like you have some valuable experience and some great certs as well. -
Optionsougijoe
Member Posts: 37 ■■□□□□□□□□
I made the transition not too long ago.
Honestly, with a clearance and your CISSP... you're not really going to need additional certs to find a Security Engineer or Analyst position.
As with the previous poster, what specifically do you want to do/focus on within the Security realm? -
Optionslavidicus
Member Posts: 18 ■□□□□□□□□□
The reason I'm working towards MCSE is to design systems infrastructure. I think I would like to build and design systems so maybe secure architecture design would be a better fit for my skill set? I know I want to do something other than watching monitors all day. For me personally if I'm not learning something I'm not growing and stagnation is really what I'm trying to avoid.
-
Options
Cyberscum
Member Posts: 795 ■■■■■□□□□□
U want to still work DOD? Are you contract or civil service?
Are you willing to move? -
Optionslavidicus
Member Posts: 18 ■□□□□□□□□□
Some of the things we get to do with the military as a contractor are really cutting edge and interesting. I wouldn't mind staying in DoD as long as the work is intriguing. In which context are you talking about with SAP?
-
Optionslavidicus
Member Posts: 18 ■□□□□□□□□□
Yeah I'm already working in an enclave environment, but making that jump from secret to TS is hard when companies require it before they hire someone. From what I've been told the CEH is not very well respected outside of DOD so I was looking into the OSCP as my pentest cert, which was also why I was looking into MCSA /RHCE certs to learn the baseline of those operating systems in order to better understand vulnerabilities. I finished my MCSA this morning and will be studying for RHCSA and then get the RHCE as time permits. I will get the CEH most likely just for the knowledge and the title on resume but will focus more on passing the OSCP.
Pentesting is a whole different skill set I have played around with but haven't really applied any effort into learning yet. I've seen some jobs requiring TS for pentesting gov systems that looked really interesting. That may be the side of cyber security that interests me the most, but my goal is to be as well rounded as possible. -
Optionslavidicus
Member Posts: 18 ■□□□□□□□□□
Thank you for the advice and replying to the post. I think that's the hardest part is finding where I want to live after spending 15 years in Las Vegas. I'm trying to get back near family after my 3rd child is born next month. I've been preparing to move closer to family and I'm scared of 'painting myself into a corner' from lack of oppertunities in that area.
-
Optionslavidicus
Member Posts: 18 ■□□□□□□□□□
Well thank you that's very nice of you. If your 3rd child's arrival doesn't motivate you nothing will. Lol
Im headed to Shreveport, La initially to try and get a job at the Cyber Inovation Center under one of the contracting companies there. Then from there I'll try to figure it out.
