kurzon wrote: » Hello everyone, I am about to immigrate to another country and I try to find ways to improve my CV quickly in 4-5 months. I have 12 years of network security and pentesting experience, but I do not have any certification except CCNA and SSCP. CEH is good to catch HR attention, but OSCP is much more reputable and challenging "IF" the HR knows about it. CEH is also much more easier to get, which is good for me as I am looking for something quick to get. Which one do you think I should get? Thanks.
kurzon wrote: » @jelevated, CISSP is not the direction I want to take. I have zero interest in managerial positions.
JoJoCal19 wrote: » Honestly you'd only be doing yourself a disservice to not go after the CISSP at some point. Far more than managerial positions ask for it.
SteveLavoie wrote: » welcome to Canada I just hope that for the "Cyber Security Analyst", you are speaking french as Bombardier is a very "french" compagny.
kurzon wrote: » Thank you for the welcome I showed those ads just as examples, I will not be applying any jobs for a couple of months as I don't have any intention to move yet. Thank you very much everyone for your opinions. The chart is very interesting DatabaseHead. I think I will go for OSCP for now. 4-5 months is enough to get prepared. And next year I will upgrade my SSCP to CISSP. I presume "CCNA, SSCP, OSCP, on the path to CISSP" would look nice enough to nail a decent job.
mgeoffriau wrote: » This is somewhat personal preference, but I'm not a fan of "on the path to" or "planned" or things like that. I might make an exception for something like a degree program where you have a set schedule and expected graduation date, but not for a certification exam. Save things like that for the interview.
Raisin wrote: » I've seen too many screw up were somebody quickly scans a resume and just sees a keyword like CISSP and assumes the candidate has it. That can create some negative feelings when the truth comes out. Better to just wait and not clutter your resume with things you don't have yet.
kurzon wrote: » I presume "CCNA, SSCP, OSCP, on the path to CISSP" would look nice enough to nail a decent job.
kurzon wrote: » It is a shame for the industry that I must obtain a certificate which I do not intend to follow its path just to pass the HR.
kurzon wrote: » It is a shame for the industry that I must obtain a certificate which I do not intend to follow its path just to pass the HR. In my opinion, OSCP+SSCP makes much more sense than OSCP+CISSP.
jelevated wrote: » However there are absolutely CISSPs with Dev, opsec, net, red team type experience. And these are the people who get the most interest from hiring managers.
kurzon wrote: » This is exactly what I'm talking about. CISSP is clearly a managerial certification which is for people who aim managerial positions.
higherho wrote: » If you want to stay technical and be the top of your pen testing game. Then get the OSCP then OSCE. CISSP is only popular simply because of the DOD 8570 requirements which then a flood of contractors, military, and government civilians got it. It's a high level (1 inch deep 1 mile wide) certification which most people forget half of what they read the moment the exam is over simply because too much content. General baseline knowledge of security? Eh maybe but it really is too high level. I've talked to too many CISSP only holders who can only talk the high level but can barely crawl when you get into the weeds. You want to know why we have a technical cyber security problem? Keep making certifications and studies like the CISSP and you will find out why we don't have good talent. I only recommend CEH to individuals who are new to the industry and want to get their foot in the door. Good content but the exam isn't hard at all.
