Autonomy in InfoSec

egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+Member Posts: 480 ■■■■■□□□□□
Hello TE world,

Which field in InfoSec would you say has the most autonomy, I mean a situation where you can just obtain the skills needed and then be able to work for yourself. I used to assume it was mainly the CISA certification however I'm seeking some clarification.

egrizzly.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+

Comments

  • dustervoicedustervoice Member Posts: 877 ■■■■□□□□□□
    You can work for yourself doing anything! but to your point maybe PENTESTING.
  • cyberguyprcyberguypr Senior Member Mod Posts: 6,926 Mod
    You can't circumscribe it to a single cert. There are very succesful independent consultants for basically every Infosec discipline. The question is how long will it take you to develop those skills and market them.
  • TheFORCETheFORCE Senior Member Member Posts: 2,298 ■■■■■■■■□□
    Work for yourself as making your own company or taking side gigs and contracts or work for yourself the issues of tasks you are assigned without involving other team members?
  • yoba222yoba222 Senior Member Member Posts: 1,233 ■■■■■■■■□□
    Consulting. You pick the specialty.
    A+, Network+, CCNA, LFCS,
    Security+, eJPT, CySA+, PenTest+,
    Cisco CyberOps, GCIH, VHL,
    In progress: OSCP
  • beadsbeads Senior Member Member Posts: 1,520 ■■■■■■■■■□
    Vulnerability research is the only path I have ever seen that would allow you to work completely solo, at home and on your own time. For instance, you find the right vulnerability and Google coughs up to 500k. Usually less but finding unknown exploits can be very lucrative.

    For most of us a single certification isn't going to provide you with a stable income. Most commonly its dedication, hard work and attention to detail that provide a stable enough income to consult for any length of time. Unfortunately, much of the security field in general is contract anyhow.

    Good luck,

    b/eads
  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 480 ■■■■■□□□□□
    ...so to put it simply, penetration testing is what you're vaguely saying provides the most autonomy. Pen Testers find vulnerabilities in company servers working as white hat hackers.
    beads wrote: »
    Vulnerability research is the only path I have ever seen that would allow you to work completely solo, at home and on your own time. For instance, you find the right vulnerability and Google coughs up to 500k. Usually less but finding unknown exploits can be very lucrative.

    For most of us a single certification isn't going to provide you with a stable income. Most commonly its dedication, hard work and attention to detail that provide a stable enough income to consult for any length of time. Unfortunately, much of the security field in general is contract anyhow.

    Good luck,

    b/eads
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 480 ■■■■■□□□□□
    TheFORCE wrote: »
    Work for yourself as making your own company or taking side gigs and contracts or work for yourself the issues of tasks you are assigned without involving other team members?

    the latter
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • EnderWigginEnderWiggin Member Posts: 551 ■■■■□□□□□□
    egrizzly wrote: »
    the latter
    In that case, you can do it with pretty much any specialty. You just have to be better than the majority of the other people whom specialize in that area, and find a boss that likes results.
  • ISACA_your_bloodISACA_your_blood Member Posts: 6 ■□□□□□□□□□
    I agree with another poster that bug bounties are a good way to go if you want ‘full autonomy’, but you need to be confident in your fuzzing and pentesting skills. In other words, dont give up your day job to pursue it as the opportunities and rewards are unpredictable. Consulting is obviously a good start, but you’re still beholden to your clients’ expectations. For general infosec, the CISA and ISO LA routes could be an option. IMO auditing provides the best opportunity to be ‘independent’, given that it is a core tenet of the profession.
Sign In or Register to comment.