Autonomy in InfoSec
egrizzly
Member Posts: 533 ■■■■■□□□□□
Hello TE world,
Which field in InfoSec would you say has the most autonomy, I mean a situation where you can just obtain the skills needed and then be able to work for yourself. I used to assume it was mainly the CISA certification however I'm seeking some clarification.
egrizzly.
Which field in InfoSec would you say has the most autonomy, I mean a situation where you can just obtain the skills needed and then be able to work for yourself. I used to assume it was mainly the CISA certification however I'm seeking some clarification.
egrizzly.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
Comments
-
dustervoice Member Posts: 877 ■■■■□□□□□□You can work for yourself doing anything! but to your point maybe PENTESTING.
-
cyberguypr Mod Posts: 6,928 ModYou can't circumscribe it to a single cert. There are very succesful independent consultants for basically every Infosec discipline. The question is how long will it take you to develop those skills and market them.
-
TheFORCE Member Posts: 2,297 ■■■■■■■■□□Work for yourself as making your own company or taking side gigs and contracts or work for yourself the issues of tasks you are assigned without involving other team members?
-
yoba222 Member Posts: 1,237 ■■■■■■■■□□Consulting. You pick the specialty.A+, Network+, CCNA, LFCS,
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP -
beads Member Posts: 1,533 ■■■■■■■■■□Vulnerability research is the only path I have ever seen that would allow you to work completely solo, at home and on your own time. For instance, you find the right vulnerability and Google coughs up to 500k. Usually less but finding unknown exploits can be very lucrative.
For most of us a single certification isn't going to provide you with a stable income. Most commonly its dedication, hard work and attention to detail that provide a stable enough income to consult for any length of time. Unfortunately, much of the security field in general is contract anyhow.
Good luck,
b/eads -
egrizzly Member Posts: 533 ■■■■■□□□□□...so to put it simply, penetration testing is what you're vaguely saying provides the most autonomy. Pen Testers find vulnerabilities in company servers working as white hat hackers.Vulnerability research is the only path I have ever seen that would allow you to work completely solo, at home and on your own time. For instance, you find the right vulnerability and Google coughs up to 500k. Usually less but finding unknown exploits can be very lucrative.
For most of us a single certification isn't going to provide you with a stable income. Most commonly its dedication, hard work and attention to detail that provide a stable enough income to consult for any length of time. Unfortunately, much of the security field in general is contract anyhow.
Good luck,
b/eadsB.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ -
egrizzly Member Posts: 533 ■■■■■□□□□□Work for yourself as making your own company or taking side gigs and contracts or work for yourself the issues of tasks you are assigned without involving other team members?
the latterB.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ -
EnderWiggin Member Posts: 551 ■■■■□□□□□□the latter
-
ISACA_your_blood Member Posts: 6 ■□□□□□□□□□I agree with another poster that bug bounties are a good way to go if you want ‘full autonomy’, but you need to be confident in your fuzzing and pentesting skills. In other words, dont give up your day job to pursue it as the opportunities and rewards are unpredictable. Consulting is obviously a good start, but you’re still beholden to your clients’ expectations. For general infosec, the CISA and ISO LA routes could be an option. IMO auditing provides the best opportunity to be ‘independent’, given that it is a core tenet of the profession.