Another what's next thread. (3 Certs, IS degree, Help Desk)
TwoJ
Member Posts: 10 ■□□□□□□□□□
I've been working at a help desk for half a year now. I have a degree in IS and I'm going to get my 3rd cert (CSA+) in the beginning of July. I already have the Net+, the Sec+, and I created a website/web-server to serve as a landing page for prospective employers.
I really enjoy studying subjects from the red-team realm (reading basic security testing in Kali Linux 2) and I'm interested in taking the CEH. I don't have 2 years of infosec experience so I would have to drop 800 dollars just to sign up, is there something else that I should study instead? Should I completely focus on finding another job now?
I really enjoy studying subjects from the red-team realm (reading basic security testing in Kali Linux 2) and I'm interested in taking the CEH. I don't have 2 years of infosec experience so I would have to drop 800 dollars just to sign up, is there something else that I should study instead? Should I completely focus on finding another job now?
Comments
-
scaredoftests
Mod Posts: 2,780 Mod
Start sending out your resume to jobs that you'd be interested in. You never know until you jump in. It doesn't take that much time to send a resume out. You can still focus on other things too....Never let your fear decide your fate.... -
UnixGuy
Mod Posts: 4,570 Mod
Skip the CEH - waste of time waste of money.
I strongly recommend eLearnSecurity eJPT, you will learn practical skills in a proper lab environment, and you can later do eCPPT and OSCP -
TwoJ
Member Posts: 10 ■□□□□□□□□□
I strongly recommend eLearnSecurity eJPT, you will learn practical skills in a proper lab environment
That's awesome, thanks. I was actually wondering if there were more entry-lvl alternatives to the OSCP. -
Slowhand
Mod Posts: 5,161 Mod
At this point, you've got your entry-level cert in the Security+, it's time to swing for the fences. As UnixGuy mentioned, start nailing down the bigger skills, and work towards the bigger certs, that's your ticket to jump to something more lucrative. I'd also recommend making sure you've got a solid grasp of the platforms you're working on so pursuing something like your CCNA, LPIC/RHCSA, or MCSA is not a bad idea, depending on where you're focused. Oh, and scripting. . . Python is going to be your friend, and the other folks in this thread who are more security-focused than I am can definitely recommend other languages and frameworks that will be useful to you.
Free Microsoft Training: Microsoft Learn
Free PowerShell Resources: Top PowerShell Blogs
Free DevOps/Azure Resources: Visual Studio Dev Essentials
Let it never be said that I didn't do the very least I could do. -
TwoJ
Member Posts: 10 ■□□□□□□□□□
I'd also recommend making sure you've got a solid grasp of the platforms you're working on so pursuing something like your CCNA, LPIC/RHCSA, or MCSA is not a bad idea,
Would I be better off doing one of those first before going for the eJPT? I would love to do another security related cert, but I'm afraid of appearing as a "knows about security, but doesn't really know anything" type to prospective employers. I don't know how founded this fear is though.
From all of those, I would be most interested in getting the LPIC.