Need advice- boot camp?

Hi guys,

Quick background- I am a 21 year old looking to get into cyber security. I figured my certs would be a great help, but I have no formal training and much of what I learned in the certs has already left my mind. However, I haven't given up yet.

I'm currently in an internship at a large IT company. They have refused to give me a cyber security role, or training in...well...anything! I've written a security review for an app and did a presentation on OWASP vulnerabilities but otherwise have had no real exposure. I've done some compliance work with an infrastructure as code language but haven't written a line of code, just documentation on how to set up a work station.

So here's where I stand currently. My internship ends in 2 weeks, and school starts back up in 3 weeks. Additionally, in 3 weeks, applications will open for a company I want to work for, and whom might let me do security. They would have me doing information protection work. I want to increase my chances of getting into their program while there is still time.

I have two assets left that could help me.

I've obtained a list of some of the security applications and tools this company uses. Additionally, I've been given permission by my parents to do a boot camp in whatever I wish right during that 1 week gap between the internship ending and the new job applications opening.

What would you recommend? I am willing to give more information if needed.

Find more posts tagged with

Comments

yoba222

For quick skill building I'd squeeze in doing eJPT. Not a boot camp but it will feel somewhat like you went to one afterwards.

CertifiedMonkey

I agree with the post above. Check out the eJPT for $350 instead of spending $1k+ on a boot camp. Also, I'd review the A+, Net+, and Sec+ material if I was you. You said that a lot of what you learned from those certs has left your mind. Well, if you go into an interview and can't answer questions that are covered by these certs, how do you think that will look?

GirlyGirl

Deus Ex Machina wrote: »

Hi guys,

Quick background- I am a 21 year old looking to get into cyber security. I figured my certs would be a great help, but I have no formal training and much of what I learned in the certs has already left my mind. However, I haven't given up yet.

I'm currently in an internship at a large IT company. They have refused to give me a cyber security role, or training in...well...anything! I've written a security review for an app and did a presentation on OWASP vulnerabilities but otherwise have had no real exposure. I've done some compliance work with an infrastructure as code language but haven't written a line of code, just documentation on how to set up a work station.

So here's where I stand currently. My internship ends in 2 weeks, and school starts back up in 3 weeks. Additionally, in 3 weeks, applications will open for a company I want to work for, and whom might let me do security. They would have me doing information protection work. I want to increase my chances of getting into their program while there is still time.

I have two assets left that could help me.

I've obtained a list of some of the security applications and tools this company uses. Additionally, I've been given permission by my parents to do a boot camp in whatever I wish right during that 1 week gap between the internship ending and the new job applications opening.

What would you recommend? I am willing to give more information if needed.

How much money are your parents willing to spend for a boot camp? That will help facilitate the best answer based upon my opinion.

I am not saying nothing bad about the eJPT. I did a sample or evaluation or something to that effect with it like 2 years ago. It was like teaching me how to ride a bike, with training wheels. So, I never went back to it. But, I know our circumstances are different.

I would not suggest eJPT if you are looking to get a heads up on competition. The cert is useless in terms of competing in the Cyber Security Field. Did I say useless? It is good for learning but it will not stick out any resume. Most HR do not even know what it is. Put it in indeed and see how many hits you get, I will wait.................................

10 years later.

Ok, I am back. It might be useful in the future but as of now I would not get the cert for a competitive advantage. If you only have a few hundred to spend I would go the Offensive Security route and attempt OSWP. Granted the OSWP is not going to have job boards buzzing, but you'll get more hits than eJPT. If you want to be slick, you make sure you put Offensive Security-OSWP on your resume. So, if someone is familiar with Offensive Security (more than likely they are) and not OSWP, they can at least reference the cert on the website. Getting the eJPT is a step in showing someone you are attempting to get into CyberSecurity. I will say that positive sentence. But, who isn't trying to get into CyberSecurity? That is the main question. You and everyone else is following this fad. What makes your attempt greater or less than the next individual attempt to get in.

I personally paid for a CEH bootcamp out of my pocket. I have also paid for more than one SANS event. For the price of attending a SANS event in Germany I should have just ordered OnDemand and taken the course in my bedroom. But, that is another topic and I got out topic. My apologies.

I see know way to increase chances with eJPT. From a governmental perspective you have the foundation to success, Security+. I think you have a better chance of being competitive with CEH, although frowned upon it will get passed the HR filters and possibly lead to semi-success.

I will give you a little insight. HR looks for key words, cert, education, experience that the hiring staff/managers want. If you don't have that buzzing word in your resume such as Bachelor's, CEH, GCIH, SANS, GIAC, Isc2, Offensive Security, HIPS, IDS, Burp Suite, etc...you might not make it past HR. Although sometimes they'll push a resume that is remotely close, depending on the desperation.

If your budget is several thousands of dollars, attend SANS training. Yes, being a facilitator is a lot cheaper. You can read it hundreds of times on this board. But, in my experience they have contacted me less less than a month prior to the event. That really does not give someone an enormous amount of time to request leave and/or adjust leave pending someone else is out specific dates. I have never had a response from SANS within 3 weeks and I have liter

Either route you pick, I wish you the best!

Deus Ex Machina

@yoba222
Thanks, I'll have to check that out.
@GirlyGirl
My budget is pretty big. I could probably negotiate my way through anything under 5k, maybe split the cost for anything above that. It's a pill I'd be willing to swallow if it ultimately made the difference between me getting into a security development program or not. With that being said, would you have any particular SANS courses in mind? The "SEC401: Security Essentials Bootcamp Style" course stands out to me...but its close to $6000. I'll do it if its really gonna allow me to kick some ass come interview time.

Deus Ex Machina

I've spoken with my parents about SANS training. They've told me that they would be willing to work something out IF it guarantees/significantly improves my chances of getting into a security track. There are obviously no guarantees in life (I could get hit by a bus tomorrow...even if I don't go outside), but I guess the real question here is whether the SANS training (and potentially GIAC cert) would really bolster my odds. If they won't or it will only improve them by a small amount, the answer is no. If they improve them by a significant amount, the answer is yes.

stryder144

Honestly, many of the job recs I've read lately have mentioned GIAC certs. They usually say something like this: "CISSP, SSCP, CEH, any GIAC, Security+, etc". Any GIAC, not a specific one like the rest of the certs mentioned. As such, I would recommend that you seriously consider getting your GIAC GSEC cert. It will significantly improve your odds on paper (meaning that you need to be able to convey your skillset during interviews, dress well, be respectful, etc).

ITSpectre

I have a question.
On the website it says that the eJPT infinity voucher is 200.00. Is that JUST the certification alone or does that include the course AND the certification??? If so then all I need to do is purchase the voucher and the course comes with it??? if not.... what course will I need to pay for Before taking the eJPT....