Over 4 months in Help Desk with a 4 year degree, Net+ and Sec+, what next?

TwoJTwoJ Member Posts: 10 ■□□□□□□□□□
I'm currently studying for the CSA+, soon to be supplemented with knowledge from this book. I would like to get into some kind of entry level auditing or defensive security role(SIEMS monitor/SOC analyst). However I'm unsure if the CSA+ would be a good use of my time, I want to get out of Help Desk sooner than later. I've only been studying for the CSA+ for a few days now and I'm wondering if I would be best served pursuing another certification? My bachelor's is in Information Systems and I have worked as an administrative assistant in the past.

Comments

  • scaredoftestsscaredoftests Mod Posts: 2,780 Mod
    Start sending out your resume out(to the environment that interests you) and see who bites. Then what you want to study for and get certified gets paid for..
    Never let your fear decide your fate....
  • anhtran35anhtran35 Member Posts: 466
    CSA cert is so new that no one knows or recognize it. Type it into INDEED and you get 0 information.
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    Certs are good for the resume, but you need the real world skills that an employer will hire you for. if you want to do defensive security in a windows environment, learn all about securing windows and securing powershell. if you want to do SIEM work, download splunk (free) and get really good with it. if you want to do SOC analyst type of stuff, download security onion and get really good with it. lots of youtube videos and free websites that tell you all kinds of stuff you'll need to know for each. i like seeing security certs on resumes that come my way, but i really love seeing that someone is passionate enough that they downloaded the tools at home and have been running them for the past 12 months to learn every single thing they can about them. that's what gets you the job!

    windows primer - https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory

    windows more in-depth - https://adsecurity.org/

    siem you're likely to see in SOCs - https://www.splunk.com/

    free tools to help you learn the ropes for SOC work - https://securityonion.net/

    fwiw, splunk admins by me make a mint. they're up there with cloud engineers in terms of scarcity & how much money big companies are willing to pay to attract & retain good talent
  • ITSec14ITSec14 Member Posts: 398 ■■■□□□□□□□
    Certs are good for the resume, but you need the real world skills that an employer will hire you for. if you want to do defensive security in a windows environment, learn all about securing windows and securing powershell. if you want to do SIEM work, download splunk (free) and get really good with it. if you want to do SOC analyst type of stuff, download security onion and get really good with it. lots of youtube videos and free websites that tell you all kinds of stuff you'll need to know for each. i like seeing security certs on resumes that come my way, but i really love seeing that someone is passionate enough that they downloaded the tools at home and have been running them for the past 12 months to learn every single thing they can about them. that's what gets you the job!

    windows primer - https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory

    windows more in-depth - https://adsecurity.org/

    siem you're likely to see in SOCs - https://www.splunk.com/

    free tools to help you learn the ropes for SOC work - https://securityonion.net/

    fwiw, splunk admins by me make a mint. they're up there with cloud engineers in terms of scarcity & how much money big companies are willing to pay to attract & retain good talent


    Nothing to add. Just want to confirm what was said here. This exactly on point. Get your hands dirty and show your dedication to learning this stuff.
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    I think the skills you'd learn by studying for the CSA+ would help you a lot when your looking for the types of roles you mentioned. The cert itself, not so much.
  • jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    Learn what you can about the stuff you want to defend. Learn some offensive stuff so you'll better know whats going on and how the attacker(s) might be performing the attack.

    Do you have a home lab with virtual machines running different operating systems with security projects going on?
    Do you think you'll be able to assist with security efforts at your current job or even just talk to the people that deal with the security stuff there?
    Do you have resources to help you learn new things on the job such as labs at the job?
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
Sign In or Register to comment.