What cert should i do next?
I’ve been in security for 3 years. I am doing very well career and pay wise. I have my GSEC, sec +, crisc, Isaca csx, and itil. I have no idea what cert I want to do next. The CISSP just seems so boring and like I won’t leern anything beneficial. Any recommendations? I have no idea what I want to focus on security wise at this time.
Comments
-
NetworkNewb
Member Posts: 3,298 ■■■■■■■■■□
If you want to go for one that will guarantee to benefit you, go for one that has focus on the tasks at your current position. -
OmniMan
Member Posts: 78 ■■■□□□□□□□
Will SEC504 offer me benefits beyond the GSEC or should I jump straight from GSEC to GPEN? -
E Double U
Member Posts: 2,244 ■■■■■■■■■■
What is your current role? Do you know what direction you want to head in career wise? GCIH is great for an incident handler, but not for someone performing audits.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
NetworkNewb
Member Posts: 3,298 ■■■■■■■■■□
Will SEC504 offer me benefits beyond the GSEC or should I jump straight from GSEC to GPEN?
Sure if the topics correlate to your current job functions and can see where learning more about them can benefit you. -
LonerVamp
Member Posts: 518 ■■■■■■■■□□
There's really just two main reasons to do certs: To get paid more and to learn more.
To get paid more, CISSP is probably the way to go. And I don't necessarily just mean it will pay you more, but if you're out looking for a job, it should get you a job and get money in your pocket faster than without. In other words, it's still a badge that gets you noticed. If you're looking at more audit stuff, CISA/CISM?
To learn more, it's about what you need to learn and/or what you want to learn.
What do you need to do your job better, or to do the job you want to be doing?
Otherwise, what do you want to learn? Are you excited about some part of it? Is there a weakness you perceive that you could improve?
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
LonerVamp
Member Posts: 518 ■■■■■■■■□□
Will SEC504 offer me benefits beyond the GSEC or should I jump straight from GSEC to GPEN?
I don't actually know GSEC or SEC504 specifically, but I do know that if you want to do pen testing or attack systems, or just know how attackers attack systems, that would be GPEN.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
TechGromit
Member Posts: 2,156 ■■■■■■■■■□
I don't actually know GSEC or SEC504 specifically, but I do know that if you want to do pen testing or attack systems, or just know how attackers attack systems, that would be GPEN.
Wouldn't the OSCP be a better choice for attacking systems. I thought the GPEN was a mix of compliance (to cover your azz) and penetration testing.Still searching for the corner in a round room. -
LonerVamp
Member Posts: 518 ■■■■■■■■□□
yeah. I tend to knee-jerk a bit to GPEN (if someone has already been talking about GIAC stuff) as it is more hand-held, or even eLearn. But if someone is full on about jumping into the moreorless deep end without the guidance, I say more power to 'em.TechGromit wrote: »Wouldn't the OSCP be a better choice for attacking systems. I thought the GPEN was a mix of compliance (to cover your azz) and penetration testing.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?