Job will pay for any certs. Which ones to get?

2»

Comments

  • fabostrongfabostrong Member Posts: 215 ■■■□□□□□□□
    Now I'm wondering if me not being able to purchase is a sign and if I should go for something else lol.
  • Dr. FluxxDr. Fluxx Member Posts: 98 ■■□□□□□□□□
    I would go for the OSCP if I were you. I had a thread detailing why I would NOT go for the CEH.

    If I had $$ left over, then the CISSP
  • cdxcdx Member Posts: 186
    Top 3 HR Certs:
    1) CISSP
    2) CEH
    3) SEC+

    Get those 3 on your resume, you can land job interviews easily. So if I were in your shoes, I would do those 3 and then a Pen test cert, one from SANS if they will pay the $$.
    Bachelor of Science - Information Technology - Security
    Associate of Science - Computer Information Systems
  • matt18ematt18e Member Posts: 28 ■□□□□□□□□□
    If they are paying, I'd look at SANS, since the training is very good, but also quite pricey. I've only been to SEC 504, SEC 542, and FOR 572, but from my experience it is all very good training. I think the biggest bang for the buck would be OSCP. I'm pursuing that one on my own as it is very affordable, I certainly couldn't afford any SANS training / GIAC certifications if my job didn't pay for it...
  • fabostrongfabostrong Member Posts: 215 ■■■□□□□□□□
    Dr. Fluxx wrote: »
    I would go for the OSCP if I were you. I had a thread detailing why I would NOT go for the CEH.

    If I had $$ left over, then the CISSP

    I already purchased the CEH. I'm still pretty green so I know I'll learn things from it. I also know that I'll be nowhere near being a "hacker" just cause I have the cert. I was thinking OSCP after the CEH but CISSP is also pretty tempting.
  • fabostrongfabostrong Member Posts: 215 ■■■□□□□□□□
    cdx wrote: »
    Top 3 HR Certs:
    1) CISSP
    2) CEH
    3) SEC+

    Get those 3 on your resume, you can land job interviews easily. So if I were in your shoes, I would do those 3 and then a Pen test cert, one from SANS if they will pay the $$.

    I ended up getting the CEH course. Next will be OSCP probably but starting to think about the CISSP instead.
  • fabostrongfabostrong Member Posts: 215 ■■■□□□□□□□
    matt18e wrote: »
    If they are paying, I'd look at SANS, since the training is very good, but also quite pricey. I've only been to SEC 504, SEC 542, and FOR 572, but from my experience it is all very good training. I think the biggest bang for the buck would be OSCP. I'm pursuing that one on my own as it is very affordable, I certainly couldn't afford any SANS training / GIAC certifications if my job didn't pay for it...

    I ended up going with the CEH. They're not looking to spend at least 5k on one course. But after the CEH, as of now at least, I think I'll go for the OSCP.
  • jelevatedjelevated Member Posts: 139
    cdx wrote: »
    Top 3 HR Certs:
    1) CISSP
    2) CEH
    3) SEC+

    I agree with your list but I'd say SEC+ is redundant if you have CISSP. Said another way, I wouldn't want to work in a position where the req specifies CISSP OR SEC+. That indicates HR/Hiring Manager doesn't really know what they want. I expect to see CISSP along side CISM, etc.
  • lostsollostsol Member Posts: 18 ■□□□□□□□□□
    Check out SEC560. SANS courses are pretty awesome. Friends have told me OSCP is one of the best.
  • fabostrongfabostrong Member Posts: 215 ■■■□□□□□□□
    So I passed the CEH and my job just paid for SEC504/GCIH today. Taking the course the week after next.
  • LonerVampLonerVamp Member Posts: 518 ■■■■■■■■□□
    This all depends on two things. What you want to do, and what the company wants to offer as security services (level 2 style). Will you be able to get into pen testing at this company? I would slightly doubt that's what they have in mind, but only you know that for sure. Also, since this is also about forging a new security group in the company (either new or acquired), your suggestion will likely be taken as an indication of the gateway into whatever duties they foresee you doing. For instance, are you managing firewall rules, IPS rules, or UTM-type features? I love the OSCP and things to do with pen testing, but I'm not sure that's going to be directly applicable to what the company sees in that role? Things like CISA/CISM/SSCP could be applicable. Anyway, there's also the part about what you want to be doing, and certainly OSCP should be a benefit to you down the paths you mentioned. If you have any doubts, look to do elearnsecurity's version first: eCCPT. If they pay for you plus give you some latitude to do some studying while at work, that'd be excellent! More power to ya whatever you decide. :)

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
  • kalikkalik Member Posts: 6 ■□□□□□□□□□
    If the job is paying for anything, go for SANS courses. They're the most expensive and good value.
Sign In or Register to comment.