Cybersecurity Career Advice- EMBA or More ccertifications ?

shreenag

Hello Everyone

So I was thinking to apply for one of the leading B schools in my country(Top 30 B school in the world) for its executive MBA program over the weekends. Currently working as IT Security controls testing lead with one of the IT service companies. Now I have 8.5 years of experience excluding a 1 yr break which I took because of personal reasons. By the time I reach 12 years of experience I want to be at Associate Director/Director levels at Pwc, Deloitte ,EY etc... I would like to be involved in Sales/ Account management.

My experience in Info sec is in the Assurance and controls testing arena for the past 3 years. Prior to my current stint in the Controls testing arena I was involved as a VoIP Test engineer for 5 years I have certifications like CCNA, CEH, ISO 27001 LA and ISO 27001 LI. Though I could not clear the CISSP(failed with 66 I got a broad view of IT security and lot of useful knowledge.

My question is would an Executive MBA help me land such roles as mentioned above or should I study more security certifications like CISSP(reattempt), CISA, OSCP , GPEN, GCIH ? Thing is I am relatively new to infosec, so I was wondering whether I should join exec MBA now or postpone this idea until I have a firm technical base.

Another way to think is that I can do these courses like GPEN and GCIH even after or during the MBA (as its over weekends only).

Any advice would be appreciated.

R6Raven

I'm in a similar position myself and have gone way down the certification vs. MBA rabbit hole, so here's my take: You need to decide firmly where you want your career to head first. The focus of the MBA, and even more so the EMBA, will be very different from the OSCP. Like, worlds apart. If you're more interested in the management route then obviously the CISSP/CISM and perhaps CRISC will be of more use and the MBA will just cap that off. If you want to stick with a more technical route, the MBA will certainly help in some situations (negotiating a higher pay for instance) but won't contribute as much to a technical arena and you'd likely see more value from the OSCP/SANS certs. For me personally, I got most of the certs I wanted out of the way, am migrating toward a management position, and applying for MBA programs soon. From what I can see, the MBA will help bring it all together, but it won't be a silver bullet for my career and a move into management. If you have a shiny piece of paper, but don't know how to manage people, it really doesn't do you much good, right? Regardless, if you're planning to stay in the security space keep going with the CISSP, if only to get past the HR filters. My career options expanded significantly once those letters hit my resume and the test is certainly doable, but it does take a lot of time and dedication. Hope this helps and good luck with your decision.