Information Security Certification path
Hello
I hope you are doing good. I have good experience with security products and routing, switching as well. I am JNCIE-SEC.
i need to go ahead further on security domain , but confused on deciding which course to take ,i have interest on information security on the technical field more than management
I really would appreciate if you could give me your expert inputs what would be the good path to start with.
Really appreciate and thanks
Regards,
Midhun P.K
I hope you are doing good. I have good experience with security products and routing, switching as well. I am JNCIE-SEC.
i need to go ahead further on security domain , but confused on deciding which course to take ,i have interest on information security on the technical field more than management
I really would appreciate if you could give me your expert inputs what would be the good path to start with.
Really appreciate and thanks
Regards,
Midhun P.K
Comments
What exactly would you like to do or what do you think you would like to do within InfoSec?
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
Also, although I'm looking for a stratetic or management role, I dont have an IT background, so will these courses be overwhelming for a newbie? Is ComptiA+, Network+ a better place to start?
What is driving you to get into InfoSec? And please don't say money...
Also, what is your current background?
Plus, at 35, I dont have the time to try and muddle my way along, which is why I'm trying to get as many sources of opinion around, to see my best and most streamlined route. I also realise that at 35 there are 16 year olds who can code etc. a million times better, which is why I'm probably aiming towards the management/strategic side.
So you're looking into becoming a penetration tester? I hate to be the bearer of bad news, but that often takes years of technical experience. Of course you could always look into the physical security side of things. I met a guy who helped design the physical security of data centers and he has been wildly successful. Your law enforcement background would be great for that. Another field you could look into that's more technical is forensics, which goes hand in hand with law enforcement. You could always study for and take the CISSP and gain a broad but not so deep knowledge of InfoSec. The only issue would be having the necessary experience in two or more of the domains to actually obtain the credential (you could probably satisfy the physical security domain, but not 100% on that).
If I were you, I would look into the following for sure:
1. Studying for and taking the CISSP. There is lots of non-technical material on that exam which you would probably excel at. The technical stuff isn't TOO bad, but since you don't have experience in that realm it may take a little time to absorb. Also, meeting the 5 year experience requirement in 2 or more domains could be difficult. Check out (ISC)2's site for more details.
2. Since you work in law enforcement, check and see what digital forensics opportunities are out there. These jobs are in huge demand and already being in law enforcement could give you a leg up. There are lots of certs out there as well that can give you understanding of concepts which you can practice at home in a lab environment.
3. If you believe you REALLY want to pursue a pentesting career (ethical hacker), I would probably recommend trying the eJPT cert. It's fairly basic, but gives you a lot of great fundamentals and the labs and exam are all hands on which is excellent for learning. I'm looking to get this cert later this year as well.
It can be difficult to make a jump into the technical realm, especially in InfoSec, but we all started somewhere! It's never too late to pursue this stuff so don't discount yourself based on age.
Best of luck!
am interested in ethical hacking(CEH & OSCP) , its mainly related to technical , now am having 10 years of experience in network security managing vendor devices,but now am looking for a change, at the age of 32 is it good to divert my career to complete infosec by doing CEH & OSCP or go for CISSP level, Kindly advice
Thanks for reply, How about going for CEH & OSCP, its more related to technical compare to CISSP, and am now having 10 years of experience in network security managing vendor devices,but now am looking for a change, at the age of 32 is it good to divert my career to complete infosec by doing CEH & OSCP or go for CISSP level.
Hi,
I couldn't do the follow-up on my previous post , I will make sure not to post the same thing again .
I read about CISSP, CEH & OSCP , am interested in ethical hacking(CEH & OSCP) , and CISSP i feel its more related to management than technical , having 10 years of experience in network security managing vendor devices, at the age of 32 is it good to divert my career to complete infosec by doing CEH & OSCP or go for CISSP level, or any other certificate which is good for my career Kindly advice.
this information can help you,
Offensive Security are the creators of Kali Linux, also have online courses for security certification and penetration testing
If you like to learn from the source it self,
Check out the website
https://www.offensive-security.com
CISSP - live n' kickin'
My CISSP study apps
My CISSP study advice blog