Career Path Guidance
Thepro21us
Member Posts: 16 ■■□□□□□□□□
I've always had an interest in IT just never knew anyone or delt with ppl in that career field. So I never knew what route it took to get into a IT job or career. I've been in telecommunications in the last 5 years of my life and during that time I've taken a couple of network specialist classes and look into studying and taking the ccna certification. After learning the cyber command center is coming to my area and is also bringing more IT companies with them I was told take the security + cert. So now I am studying and think I'm ready for the cert. I just landed my first IT job as a help desk/tech support agent for more experience in the IT world. Just wanted to get some suggestions on what path I can or should take into the security aspect of the IT field to eventually land a substantial job and start a career in this world of IT that I love so much.
Comments
-
jstock Member Posts: 21 ■□□□□□□□□□What is your experience in telecommunications? Depending on that, you may be able to leverage that experience. Help desk/support is an easy way to get experience, but I have found/heard it is difficult to be promoted upwards into a more network role. Use your time in your help desk role to gauge what you may like to move into. If it is security, take the Security+ and move into the ccna/ccna security certs. Those certs with some experience will increase your chances at breaking into the security industry.
-
DatabaseHead Member Posts: 2,754 ■■■■■■■■■■I did some research recently and found that the CEH and CISSP (two security certifications) were really sought out by employers at least by way of the job description. Personally I would consider the CEH, ~10% of security job positions either required it or preferred it. Not sure of the requirements but I would most certainly look into it.
-
leboratorical Member Posts: 46 ■■■□□□□□□□To add to what @DatabaseHead said, although the CISSP is a solid cert, start with something like Security+. It gives you a good foundation into most things security.
To add to @jstocks question - what is it about security that you like? To put it really simply, there's the idea of red-teaming (being the attacker who finds weaknesses), and blue-teaming (you're the guys on the other end). There's a lot more nuance than that obviously, and people always say that you find yourself a better blue-teamer if you know how to think like an attacker. I'm hoping it also works vice-versa.
A lot of people recommend understanding networks, to really understand how things hang together, and that's never a bad thing. It may not necessarily mean going straight into the CISCO/CCNA route, but there's always A+, and doing the home-reading and learning on the side.
Sometimes I get the feeling that when you're starting out, it doesn't matter as much how you get more information as long as you do, as long as you are in an area which you like, and as long as you can prove it... Which is what certs are for.
Ask yourself some hard questions. Ask the people on TE some questions. But "how do I get ahead?" is almost always going to be responded to by "where are you trying to go?" Don't get me wrong. Most of us (me!) can't answer that question well for ourselves. -
DatabaseHead Member Posts: 2,754 ■■■■■■■■■■@ leboratorical
What about the CEH? Looks like something that could be studied for and according to my research employers really like applicants to have this. Almost ever job I did a search for in security, CEH was with preferred or required for 10% position, sometimes upwards of 25% of the time. CISSP was at ~45% of the time, which clearly is a no brainer when it comes time.
Could someone forgo Security + and go just to CEH and then the CISSP? -
mbarrett Member Posts: 397 ■■■□□□□□□□CEH & CISSP both require a certain number of years experience within IT Security. Your best bet is to get some solid System Admin / Net Admin skills, and apply them in a Security role. As far as certs, ISC2 has an Associate program which is for people who can demonstrate knowledge of the Security field, but who do not yet have the required experience to obtain the full cert.
https://www.isc2.org/associate/default.aspx