IT Pro Journey into Security?
Phalanx
Member Posts: 331 ■■■□□□□□□□
I was wondering if this is a good roadmap for someone with an IT background to get into the InfoSec side of things:
https://www.cbtnuggets.com/blog/2017/01/unlocking-your-it-security-career-pathway/
Thoughts? My waryness here is a lot of the vendor-specific stuff early on. Am I wrong in worrying?
https://www.cbtnuggets.com/blog/2017/01/unlocking-your-it-security-career-pathway/
Thoughts? My waryness here is a lot of the vendor-specific stuff early on. Am I wrong in worrying?
Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
Currently Studying: Microsoft 365 Enterprise Administrator Expert
Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
Currently Studying: Microsoft 365 Enterprise Administrator Expert
Comments
-
Danielm7 Member Posts: 2,310 ■■■■■■■■□□It depends, what area of security do you want to get into? It's like saying "I want to get into IT", when that could mean one of 20 different areas. That seems more like a path for network security, but like you said, very network specific. Like for my environment I'd appreciate the Cisco stuff, but you probably wouldn't be configuring the ASAs, and you wouldn't touch PA or Checkpoint gear. Overall, not an great guide.
Read this
https://tisiphone.net/2015/11/08/starting-an-infosec-career-the-megamix-chapters-4-5/
and try to figure out what actually interests you instead of just trying to collect letters, then you can make a path to get there. -
Phalanx Member Posts: 331 ■■■□□□□□□□Well the way I saw it, the CISSP (the ultimate goal) seems to suit anything from Security Consultant all the way to IT Director and through to the CISO. I guess it's more the getting there, in this case. In security, I'm thinking more along management and consultancyClient & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
Currently Studying: Microsoft 365 Enterprise Administrator Expert -
Phalanx Member Posts: 331 ■■■□□□□□□□So this is my current plan:
Long-term, of course, and based on experience as it comes in. I figured having some network experience and understanding would be beneficial (I work as a Technical Consultant right now, so it's more validation).Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
Currently Studying: Microsoft 365 Enterprise Administrator Expert -
cyberguypr Mod Posts: 6,928 ModI think this is duplicate in some areas and lacks focus. What is the end goal? Where do you want to get? That may help refine and narrow down the list.
-
Phalanx Member Posts: 331 ■■■□□□□□□□So out of all the areas, my main interest seems to have settled on Intrusion Detection & Monitoring. The idea of "countering" the attacker and figuring out how it happens/happened.Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
Currently Studying: Microsoft 365 Enterprise Administrator Expert -
soccarplayer29 Member Posts: 230 ■■■□□□□□□□I'd probably drop MTA: Security fundamentals, CCNA: Security, and SSCP. And I'd consider adding CSA+ and maybe GCIH.
You could probably simplify it even further: Net+ -> Sec+ -> CEH -> CSA+ -> CASP/CISSPCerts: CISSP, CISA, PMP -
Phalanx Member Posts: 331 ■■■□□□□□□□Very helpful, thank you. I've taken out CCNA: Security and SSCP, and added CSA+ and GCIH. I assume GCIH comes after CSA+?
I've decided to keep the MTA, as I'm keen to make sure my bottom foundational levels are solid, so the more I validate there, the better I'll feel moving forward.Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
Currently Studying: Microsoft 365 Enterprise Administrator Expert -
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□I assume GCIH comes after CSA+?
Doesn't really matter, they are fairly close in terms of knowledge. I would even question the need for both. GCIH is probably more well known, of course it costs a lot more though. The only reason I would ever get both is if you were having trouble getting a position you wanted and wanted to pad the resume. -
Phalanx Member Posts: 331 ■■■□□□□□□□Ah, interesting. OK, so perhaps focus on CSA+ unless I really need GCIH?Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
Currently Studying: Microsoft 365 Enterprise Administrator Expert -
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□Yep, that is what I would do, unless a company is paying for you to take the course for the GCIH.
-
Phalanx Member Posts: 331 ■■■□□□□□□□That's perfect, thank you. Finally after a few weeks, I've got a plan in my head. Thank you.Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
Currently Studying: Microsoft 365 Enterprise Administrator Expert