Next SANS Cert GCWN or GRID

azkh18

Hello all,
I have an opportunity coming up where I can get sponsored to take on another SANS course. I already have the GICSP cert under my belt this year and am looking to build up my resume a bit more. Unfortunately I can only take OnDemand or Self Study courses at this time so that already whittles down the list quite a bit.
I was eyeing either the ICS515 (GRID) or SEC505(GCWN) certs. It seemed to me that there is a lot of hype built up around ICS515 because it comes recommended by Robert Lee. However, I don't see a lot of demand or job postings for that in the industry. Not that I see a lot of job postings for GCWN certs either but i get the feel that it has more useful practical material. Anyway, Just wanted to take a quick poll from the community on their thoughts on the matter. What has your experience been in the industry as to what's considered more valuable to employers? Any thoughts or feedback or alternative suggestions for SANS courses would be much appreciated.
Thank you all in advance!

markmorow

If you work in ICS area then that one would make more sense to me. If you dont then do GCWN. I just did that one a month ago and it was very very good. You come away with lots of actionable practicable things to do in an Windows/AD environment. If you aren't working in that space or trying to get into that space though that doesn't make sense for you to take.

LonerVamp

Basically two questions, what do you want to do and what do you do today? If you already have a job that meets ICS/SCADA types of duties, cool! If not, I can't say in my neck of the woods I'd have seen any jobs related to it, ever. If you're looking to land somewhere, GCWN is going to be more interesting to more employers, though honestly GCIH/GCIA may be a little more universal and recognized.

c5rookie

I haven't taken ICS515, so I can't speak to that course. However, I thought that SEC505 was a great learning experience. Windows is a complex beast and I learned a lot from the course. Being able to apply the techniques to my work environment and home network was quite valuable.

noble13

I took ICS 515 and passed the GRID in August. The course focuses on incident handling and using threat intelligence within ICS networks. There was a bunch on forensics such as redline and volatility so if you are looking for something with a forensics flair then it may be what you are seeking. I had completed FOR578 (Cyber threat intel) before taking it and found there to be overlap in around a third of the materials.

I enjoyed the course and learned a bunch coming from a non-ICS background. I took ICS 515 hoping to take ICS410 next and think it was a good intro as far as how ICS/SCADA systems go.

Ptey07

A bit of a long shot, and i know many are against but im currently studing the grid now, is there anyone willing to share an index so i could add to mine, i know its the part of sans however i always struggle with it and did so with my last sans 

charismaticx

The 505 course is a must for any Windows system admin. It’s builds upon any previous Windows administrations skills and it teaches you how to automate it. The class is definitely worth it!