IT Pro Journey into Security?

PhalanxPhalanx Member Posts: 331 ■■■□□□□□□□
I was wondering if this is a good roadmap for someone with an IT background to get into the InfoSec side of things:

https://www.cbtnuggets.com/blog/2017/01/unlocking-your-it-security-career-pathway/

Thoughts? My waryness here is a lot of the vendor-specific stuff early on. Am I wrong in worrying?
Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
Currently Studying: Microsoft 365 Enterprise Administrator Expert

Comments

  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    It depends, what area of security do you want to get into? It's like saying "I want to get into IT", when that could mean one of 20 different areas. That seems more like a path for network security, but like you said, very network specific. Like for my environment I'd appreciate the Cisco stuff, but you probably wouldn't be configuring the ASAs, and you wouldn't touch PA or Checkpoint gear. Overall, not an great guide.

    Read this

    https://tisiphone.net/2015/11/08/starting-an-infosec-career-the-megamix-chapters-4-5/

    and try to figure out what actually interests you instead of just trying to collect letters, then you can make a path to get there.
  • PhalanxPhalanx Member Posts: 331 ■■■□□□□□□□
    Well the way I saw it, the CISSP (the ultimate goal) seems to suit anything from Security Consultant all the way to IT Director and through to the CISO. I guess it's more the getting there, in this case. In security, I'm thinking more along management and consultancy
    Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
    Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
    Currently Studying: Microsoft 365 Enterprise Administrator Expert
  • PhalanxPhalanx Member Posts: 331 ■■■□□□□□□□
    So this is my current plan:

    A1mEn3I.png

    Long-term, of course, and based on experience as it comes in. I figured having some network experience and understanding would be beneficial (I work as a Technical Consultant right now, so it's more validation).
    Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
    Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
    Currently Studying: Microsoft 365 Enterprise Administrator Expert
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    I think this is duplicate in some areas and lacks focus. What is the end goal? Where do you want to get? That may help refine and narrow down the list.
  • PhalanxPhalanx Member Posts: 331 ■■■□□□□□□□
    So out of all the areas, my main interest seems to have settled on Intrusion Detection & Monitoring. The idea of "countering" the attacker and figuring out how it happens/happened.
    Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
    Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
    Currently Studying: Microsoft 365 Enterprise Administrator Expert
  • soccarplayer29soccarplayer29 Member Posts: 230 ■■■□□□□□□□
    I'd probably drop MTA: Security fundamentals, CCNA: Security, and SSCP. And I'd consider adding CSA+ and maybe GCIH.

    You could probably simplify it even further: Net+ -> Sec+ -> CEH -> CSA+ -> CASP/CISSP
    Certs: CISSP, CISA, PMP
  • PhalanxPhalanx Member Posts: 331 ■■■□□□□□□□
    Very helpful, thank you. I've taken out CCNA: Security and SSCP, and added CSA+ and GCIH. I assume GCIH comes after CSA+?

    I've decided to keep the MTA, as I'm keen to make sure my bottom foundational levels are solid, so the more I validate there, the better I'll feel moving forward. :)
    Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
    Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
    Currently Studying: Microsoft 365 Enterprise Administrator Expert
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Phalanx wrote: »
    I assume GCIH comes after CSA+?

    Doesn't really matter, they are fairly close in terms of knowledge. I would even question the need for both. GCIH is probably more well known, of course it costs a lot more though. The only reason I would ever get both is if you were having trouble getting a position you wanted and wanted to pad the resume.
  • PhalanxPhalanx Member Posts: 331 ■■■□□□□□□□
    Ah, interesting. OK, so perhaps focus on CSA+ unless I really need GCIH?
    Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
    Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
    Currently Studying: Microsoft 365 Enterprise Administrator Expert
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Yep, that is what I would do, unless a company is paying for you to take the course for the GCIH.
  • PhalanxPhalanx Member Posts: 331 ■■■□□□□□□□
    That's perfect, thank you. Finally after a few weeks, I've got a plan in my head. :) Thank you.
    Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
    Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
    Currently Studying: Microsoft 365 Enterprise Administrator Expert
Sign In or Register to comment.