What cert should i do next?

OmniManOmniMan Member Posts: 78 ■■■□□□□□□□
I’ve been in security for 3 years. I am doing very well career and pay wise. I have my GSEC, sec +, crisc, Isaca csx, and itil. I have no idea what cert I want to do next. The CISSP just seems so boring and like I won’t leern anything beneficial. Any recommendations? I have no idea what I want to focus on security wise at this time.

Comments

  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    If you want to go for one that will guarantee to benefit you, go for one that has focus on the tasks at your current position.
  • OmniManOmniMan Member Posts: 78 ■■■□□□□□□□
    Will SEC504 offer me benefits beyond the GSEC or should I jump straight from GSEC to GPEN?
  • E Double UE Double U Member Posts: 2,229 ■■■■■■■■■■
    What is your current role? Do you know what direction you want to head in career wise? GCIH is great for an incident handler, but not for someone performing audits.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    OmniMan wrote: »
    Will SEC504 offer me benefits beyond the GSEC or should I jump straight from GSEC to GPEN?

    Sure if the topics correlate to your current job functions and can see where learning more about them can benefit you.
  • LonerVampLonerVamp Member Posts: 518 ■■■■■■■■□□
    There's really just two main reasons to do certs: To get paid more and to learn more.

    To get paid more, CISSP is probably the way to go. And I don't necessarily just mean it will pay you more, but if you're out looking for a job, it should get you a job and get money in your pocket faster than without. In other words, it's still a badge that gets you noticed. If you're looking at more audit stuff, CISA/CISM?

    To learn more, it's about what you need to learn and/or what you want to learn.

    What do you need to do your job better, or to do the job you want to be doing?

    Otherwise, what do you want to learn? Are you excited about some part of it? Is there a weakness you perceive that you could improve?

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
  • LonerVampLonerVamp Member Posts: 518 ■■■■■■■■□□
    OmniMan wrote: »
    Will SEC504 offer me benefits beyond the GSEC or should I jump straight from GSEC to GPEN?

    I don't actually know GSEC or SEC504 specifically, but I do know that if you want to do pen testing or attack systems, or just know how attackers attack systems, that would be GPEN.

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    LonerVamp wrote: »
    I don't actually know GSEC or SEC504 specifically, but I do know that if you want to do pen testing or attack systems, or just know how attackers attack systems, that would be GPEN.

    Wouldn't the OSCP be a better choice for attacking systems. I thought the GPEN was a mix of compliance (to cover your azz) and penetration testing.
    Still searching for the corner in a round room.
  • LonerVampLonerVamp Member Posts: 518 ■■■■■■■■□□
    TechGromit wrote: »
    Wouldn't the OSCP be a better choice for attacking systems. I thought the GPEN was a mix of compliance (to cover your azz) and penetration testing.
    yeah. I tend to knee-jerk a bit to GPEN (if someone has already been talking about GIAC stuff) as it is more hand-held, or even eLearn. But if someone is full on about jumping into the moreorless deep end without the guidance, I say more power to 'em. :)

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
Sign In or Register to comment.