rs23 wrote: » I started my Security+ certification prep but a lot of my friends/peers feel i am aiming too low and should do CISSP and CCSP or CCSK since my end goal is to do cloud security. What do you guys think?
Tekn0logy wrote: » I think you should stick to your plan. Get your feet wet with Security+ and then move up QUICKLY. Don't rest on your laurels between certs so you don't get brain-drain. I would also get an industry specific cert as well.
rs23 wrote: » Just curious, how easy is to recertify through CPE for both?
scasc wrote: » Agree with the ones who are saying go straight for CISSP. Don’t waste time and bite the bullet. You will pass this it’s not impossible. If you want to go down cloud route I’m inclined to say forget about CCSP etc and go straight for Azure or AWS. I’ve seen people with CCSP who can’t advise on AWS controls as they don’t get it.
rs23 said: I have 10 years Federal consulting experience and have a MS in Computer and Network security from 2008. I let my CCNA and CEH expire a few years ago as i shifted to middle management. I serve as a technology lead for our corporate teams advising on solution mainly in Office 365/Cloud migrations and have worked previous in NOC/SOC and ISO 27001 audits. I started my Security+ certification prep but a lot of my friends/peers feel i am aiming too low and should do CISSP and CCSP or CCSK since my end goal is to do cloud security. At 40 with 3 kids/wife i dont have too much time to waste and need to get a couple of certs under my belt for better opportunities. What do you guys think? Thank you
Goteki54 said: rs23 said: I have 10 years Federal consulting experience and have a MS in Computer and Network security from 2008. I let my CCNA and CEH expire a few years ago as i shifted to middle management. I serve as a technology lead for our corporate teams advising on solution mainly in Office 365/Cloud migrations and have worked previous in NOC/SOC and ISO 27001 audits. I started my Security+ certification prep but a lot of my friends/peers feel i am aiming too low and should do CISSP and CCSP or CCSK since my end goal is to do cloud security. At 40 with 3 kids/wife i dont have too much time to waste and need to get a couple of certs under my belt for better opportunities. What do you guys think? Thank you I would probably take a different approach. If I had the a CCNA and CEH cert but let them expired but wanted to get back into security, I would probably consider setting a 3 month time frame to knock out Security+ to get it out of the way, but instead of going for CISSP next, I would probably go for the CCNA Security Cert next pass that and then go for CISSP. The Sec+ and the CCNA Security would be a nice one two punch on your resume to get back into the security area while you work on toping it off with CISSP.
rs23 said: Goteki54 said: rs23 said: I have 10 years Federal consulting experience and have a MS in Computer and Network security from 2008. I let my CCNA and CEH expire a few years ago as i shifted to middle management. I serve as a technology lead for our corporate teams advising on solution mainly in Office 365/Cloud migrations and have worked previous in NOC/SOC and ISO 27001 audits. I started my Security+ certification prep but a lot of my friends/peers feel i am aiming too low and should do CISSP and CCSP or CCSK since my end goal is to do cloud security. At 40 with 3 kids/wife i dont have too much time to waste and need to get a couple of certs under my belt for better opportunities. What do you guys think? Thank you I would probably take a different approach. If I had the a CCNA and CEH cert but let them expired but wanted to get back into security, I would probably consider setting a 3 month time frame to knock out Security+ to get it out of the way, but instead of going for CISSP next, I would probably go for the CCNA Security Cert next pass that and then go for CISSP. The Sec+ and the CCNA Security would be a nice one two punch on your resume to get back into the security area while you work on toping it off with CISSP. That is an interesting take. What is the logic behind going for CCNA security? honest question. My original goal was Security+, CISSP and AWS SA associate
Goteki54 said: rs23 said: Goteki54 said: rs23 said: I have 10 years Federal consulting experience and have a MS in Computer and Network security from 2008. I let my CCNA and CEH expire a few years ago as i shifted to middle management. I serve as a technology lead for our corporate teams advising on solution mainly in Office 365/Cloud migrations and have worked previous in NOC/SOC and ISO 27001 audits. I started my Security+ certification prep but a lot of my friends/peers feel i am aiming too low and should do CISSP and CCSP or CCSK since my end goal is to do cloud security. At 40 with 3 kids/wife i dont have too much time to waste and need to get a couple of certs under my belt for better opportunities. What do you guys think? Thank you I would probably take a different approach. If I had the a CCNA and CEH cert but let them expired but wanted to get back into security, I would probably consider setting a 3 month time frame to knock out Security+ to get it out of the way, but instead of going for CISSP next, I would probably go for the CCNA Security Cert next pass that and then go for CISSP. The Sec+ and the CCNA Security would be a nice one two punch on your resume to get back into the security area while you work on toping it off with CISSP. That is an interesting take. What is the logic behind going for CCNA security? honest question. My original goal was Security+, CISSP and AWS SA associate I just did a took a glance at the AWS AS associate, it's an intermediate certification, CISSP is an advanced security management cert.. From the order you presented , you want to go from entry level, to advanced ,to intermediate. From what I've read from your first post, your goal is Security, if that's the case then how does AWS SA associate fits into the equation for you? I stated CCNA Security, because I felt since you had the CCNA cert before then getting the CCNA would be an easy pick up for an intermediate security cert to go along with the Security +. Here's why I wouldn't go for CISSP right off the bat. CISSP as we know is a security management cert requiring or expecting that the person has 5 years of experience in order to get the full certification. If the goal is to get full certification, then one has to have the accumulated experience to get it. To get the experience in the roles that will fulfill those requirements will require an intermediate security cert to do so along with Security+. Here's my logic Let's say that you pass the Sec+ and then pass the CISSP exam, So now you have one certification, your Security+ and a designation from ISC(2), Associate of ISC(2) CISSP, which means you pass the exam but doesn't have the experience to get the cert. So lets say that the security domain related roles you need to get from other job roles in order to fulfill your experience requirement require you to have more then a Security + Certification, then what will you do? In other words, instead of the "ready, aim fire" approach, it's now fire,aim, ready. I could be wrong about this, but I believe if you pass the CISSP and get the Associate badge, it's good for the same amount of time as the CISSP. If that's true, then you will have to pay the full exam price the first time of $699 just to get the associate badge and then again 3 years renewal later just to get the "associate badge again".if you haven't met the experience threshold. My thinking is that if I'm going to spend that kind of money on an exam, (A) I'm going to expect the full cert upon passing, which means I will have had all the work experience to get it or (B) I will be darn close to meeting the work experience to get to convert from Associate to full CISSP before renewal.
rs23 said: Goteki54 said: rs23 said: Goteki54 said: rs23 said: I have 10 years Federal consulting experience and have a MS in Computer and Network security from 2008. I let my CCNA and CEH expire a few years ago as i shifted to middle management. I serve as a technology lead for our corporate teams advising on solution mainly in Office 365/Cloud migrations and have worked previous in NOC/SOC and ISO 27001 audits. I started my Security+ certification prep but a lot of my friends/peers feel i am aiming too low and should do CISSP and CCSP or CCSK since my end goal is to do cloud security. At 40 with 3 kids/wife i dont have too much time to waste and need to get a couple of certs under my belt for better opportunities. What do you guys think? Thank you I would probably take a different approach. If I had the a CCNA and CEH cert but let them expired but wanted to get back into security, I would probably consider setting a 3 month time frame to knock out Security+ to get it out of the way, but instead of going for CISSP next, I would probably go for the CCNA Security Cert next pass that and then go for CISSP. The Sec+ and the CCNA Security would be a nice one two punch on your resume to get back into the security area while you work on toping it off with CISSP. That is an interesting take. What is the logic behind going for CCNA security? honest question. My original goal was Security+, CISSP and AWS SA associate I just did a took a glance at the AWS AS associate, it's an intermediate certification, CISSP is an advanced security management cert.. From the order you presented , you want to go from entry level, to advanced ,to intermediate. From what I've read from your first post, your goal is Security, if that's the case then how does AWS SA associate fits into the equation for you? I stated CCNA Security, because I felt since you had the CCNA cert before then getting the CCNA would be an easy pick up for an intermediate security cert to go along with the Security +. Here's why I wouldn't go for CISSP right off the bat. CISSP as we know is a security management cert requiring or expecting that the person has 5 years of experience in order to get the full certification. If the goal is to get full certification, then one has to have the accumulated experience to get it. To get the experience in the roles that will fulfill those requirements will require an intermediate security cert to do so along with Security+. Here's my logic Let's say that you pass the Sec+ and then pass the CISSP exam, So now you have one certification, your Security+ and a designation from ISC(2), Associate of ISC(2) CISSP, which means you pass the exam but doesn't have the experience to get the cert. So lets say that the security domain related roles you need to get from other job roles in order to fulfill your experience requirement require you to have more then a Security + Certification, then what will you do? In other words, instead of the "ready, aim fire" approach, it's now fire,aim, ready. I could be wrong about this, but I believe if you pass the CISSP and get the Associate badge, it's good for the same amount of time as the CISSP. If that's true, then you will have to pay the full exam price the first time of $699 just to get the associate badge and then again 3 years renewal later just to get the "associate badge again".if you haven't met the experience threshold. My thinking is that if I'm going to spend that kind of money on an exam, (A) I'm going to expect the full cert upon passing, which means I will have had all the work experience to get it or (B) I will be darn close to meeting the work experience to get to convert from Associate to full CISSP before renewal. I agree with your logic. I believe i have the 5 years required experience. My goal for doing AWS cert was to get into the cloud security domain.
Goteki54 said: rs23 said: Goteki54 said: rs23 said: Goteki54 said: rs23 said: I have 10 years Federal consulting experience and have a MS in Computer and Network security from 2008. I let my CCNA and CEH expire a few years ago as i shifted to middle management. I serve as a technology lead for our corporate teams advising on solution mainly in Office 365/Cloud migrations and have worked previous in NOC/SOC and ISO 27001 audits. I started my Security+ certification prep but a lot of my friends/peers feel i am aiming too low and should do CISSP and CCSP or CCSK since my end goal is to do cloud security. At 40 with 3 kids/wife i dont have too much time to waste and need to get a couple of certs under my belt for better opportunities. What do you guys think? Thank you I would probably take a different approach. If I had the a CCNA and CEH cert but let them expired but wanted to get back into security, I would probably consider setting a 3 month time frame to knock out Security+ to get it out of the way, but instead of going for CISSP next, I would probably go for the CCNA Security Cert next pass that and then go for CISSP. The Sec+ and the CCNA Security would be a nice one two punch on your resume to get back into the security area while you work on toping it off with CISSP. That is an interesting take. What is the logic behind going for CCNA security? honest question. My original goal was Security+, CISSP and AWS SA associate I just did a took a glance at the AWS AS associate, it's an intermediate certification, CISSP is an advanced security management cert.. From the order you presented , you want to go from entry level, to advanced ,to intermediate. From what I've read from your first post, your goal is Security, if that's the case then how does AWS SA associate fits into the equation for you? I stated CCNA Security, because I felt since you had the CCNA cert before then getting the CCNA would be an easy pick up for an intermediate security cert to go along with the Security +. Here's why I wouldn't go for CISSP right off the bat. CISSP as we know is a security management cert requiring or expecting that the person has 5 years of experience in order to get the full certification. If the goal is to get full certification, then one has to have the accumulated experience to get it. To get the experience in the roles that will fulfill those requirements will require an intermediate security cert to do so along with Security+. Here's my logic Let's say that you pass the Sec+ and then pass the CISSP exam, So now you have one certification, your Security+ and a designation from ISC(2), Associate of ISC(2) CISSP, which means you pass the exam but doesn't have the experience to get the cert. So lets say that the security domain related roles you need to get from other job roles in order to fulfill your experience requirement require you to have more then a Security + Certification, then what will you do? In other words, instead of the "ready, aim fire" approach, it's now fire,aim, ready. I could be wrong about this, but I believe if you pass the CISSP and get the Associate badge, it's good for the same amount of time as the CISSP. If that's true, then you will have to pay the full exam price the first time of $699 just to get the associate badge and then again 3 years renewal later just to get the "associate badge again".if you haven't met the experience threshold. My thinking is that if I'm going to spend that kind of money on an exam, (A) I'm going to expect the full cert upon passing, which means I will have had all the work experience to get it or (B) I will be darn close to meeting the work experience to get to convert from Associate to full CISSP before renewal. I agree with your logic. I believe i have the 5 years required experience. My goal for doing AWS cert was to get into the cloud security domain. Ok, got it. Well if you feel you have the 5 years, then I would say get the Security+ as you planned, then go for the CISSP then and AWS SA. That path makes sense. Just curious, since you want to go into cloud security, what do you think of ISC(2) Certified Cloud Security Professional?
@techgromit
If someone were so inclined, couldn't they also do the CISA/CISM for meeting the cert requirement for federal consulting instead of the CISSP? I'm just going by the DOD 8570 chart, so just wondering if you knew.
