Choosing the right security certification

MitMMitM Member Posts: 622 ■■■■□□□□□□
After some debate about what my next role might be, I'm starting come back to the security side of things. More specifically, I'd want to stay on the network/perimeter security side of things. I'd like to also include cloud security.

I am certified in Palo Alto firewalls, as that is the vendor I use at my current company. I have also completed 1 out of the 4 CCNP Security exams. My CCNP R&S expires in 2019, so my initial thought to renew that was to complete the CCNP Security certification. However, I don't use a lot of the technologies it covers at my current employer but I was thinking becoming well versed in a second firewall would be beneficial. Also, Cisco ISE is something we hope to deploy and something I always wanted to learn.

Some of the other areas where I know I want to expand my knowledge is in network analysis, IDS/IPS, DDoS Protection, WAF, Cloud security

Obviously, I will want to renew my R&S somehow, but the question that I'm asking myself is does doing the full CCNP Security make the most sense, from a certification standpoint? Would I be better off with maybe the CISSP as the certification and then after use the rest of my free time learning and labbing the all technology that I want to learn, without worrying about taking exams? Also, since I want to add cloud security too, should I instead opt for maybe AWS Solution Architect and ISC2 CCSP?

Since I deal with Palo daily, I will also sometime this year take the latest PCNSE exam.

So to summarize, these are kind of where I see my options

Option A
Complete full CCNP Security
Possible complete AWS/CCSP certifications

Option B
Complete 1 of the CCNP Security exams just to renew my CCNP R&S for 3 years
Complete CISSP and maybe also AWS/CCSP

If what I'm suggesting doesn't make sense from a job market sense, or if you guys/gals think there is a smart option, I'm open to suggestions.

Comments

  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Any reason CCNA Cyber Ops isn't on the list?

    You stated:
    Some of the other areas where I know I want to expand my knowledge is in network analysis, IDS/IPS, DDoS Protection, WAF, Cloud security

    Seems to me that falls into the realm of monitoring and SOC like operations.

    I'd say Option B with the addition of CCNA Cyber Ops. I believe someone in the cloud section stated AWS was working on a security cert. CISSP is always a good thing, but I question the value of CCSP. I say this because the security concepts, in my opinion, will be the same and it's merely the tech that will be different. Policy wise you'll need to review and make sure to comply with any company rules/regulations/laws about storing data.

    Good luck!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • MitMMitM Member Posts: 622 ■■■■□□□□□□
    I didn’t really consider ccna cyber ops, because I thought that’s more for analysts, who monitor the logs. The knowledge that I’m looking for is that of the person who would be configuring devices for that protection.

    I don’t have anything against an analyst role except for my salary requirement ( > 120k) may be too high for a SOC type position?
  • yoba222yoba222 Member Posts: 1,237 ■■■■■■■■□□
    I would hate to be in a position where I had to worry about keeping two CCNPs from expiring for the rest of my IT career.
    A+, Network+, CCNA, LFCS,
    Security+, eJPT, CySA+, PenTest+,
    Cisco CyberOps, GCIH, VHL,
    In progress: OSCP
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    yoba222 wrote: »
    I would hate to be in a position where I had to worry about keeping two CCNPs from expiring for the rest of my IT career.
    I mean you would just have to focus on one area...you don’t have to alternate what you renew using. I’m in somewhat of a similar situation in that I probably am not going to renew my Cisco certs because I don’t use them, nor have I ever unfortunately. To be honest if you are going to actually deploy ISE, I would take that exam to renew, then go back to focusing on technologies you use right now. That way if you change jobs, you will still have active exams. If you were CCNA I would say don’t worry about it but CCNP means you have a little more invested.
  • MitMMitM Member Posts: 622 ■■■■□□□□□□
    TechGuru80 wrote: »
    I mean you would just have to focus on one area...you don’t have to alternate what you renew using. I’m in somewhat of a similar situation in that I probably am not going to renew my Cisco certs because I don’t use them, nor have I ever unfortunately. To be honest if you are going to actually deploy ISE, I would take that exam to renew, then go back to focusing on technologies you use right now. That way if you change jobs, you will still have active exams. If you were CCNA I would say don’t worry about it but CCNP means you have a little more invested.

    Yeah, too much invested to let it expire. Even though expires next year, I rather just renew it sometime this year so I don't have to worry about it until 2021.

    I guess some of my confusion is what "defensive" security positions consist of. Are they more about policies and less hands on?
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    Forensics, incident response, packet or alert analysis, compliance, firewalls, system security...all of that stuff is defensive and depending on the organization, each could be a separate role or combined role...usually large companies will have them separate, smaller will be combined.
  • MitMMitM Member Posts: 622 ■■■■□□□□□□
    TechGuru80 wrote: »
    Forensics, incident response, packet or alert analysis, compliance, firewalls, system security...all of that stuff is defensive and depending on the organization, each could be a separate role or combined role...usually large companies will have them separate, smaller will be combined.

    TechGuru, thanks for the clarification. In my company, we don’t have a security department, so each team is responsible for handling their own security. I am responsible though for running vulnerability scans and meeting with the desktop and server to go over the findings.

    At this point, there’s not any more room to grow, so I’m trying to get the acquire the knowledge to get something new.

    Ideally, I won’t just be looking at firewall or WAF logs, I’ll also be in a position where I can stay current with the technologies to recommend and configure new features to continue to improve security.

    There’s a lot of good products out there from different vendors so that’s where vendor specific certs get iffy
Sign In or Register to comment.