Security Implementation/Architecture Path
mikey88
Member Posts: 495 ■■■■■■□□□□
So I recently acquired CISSP certification just because it's highly sought after, but I'm not really interested in management track right now. My other certs are CompTIA (CySA+, Sec+ etc) My current duties right now are mostly administration of existing cybersecurity tools as well as server management etc.
What I'm looking to do is move into more of an Implementation Engineer/Architect role. So what skills should I be learning? What about certifications?
CASP - How valuable is it actually outside of DoD?
CCNP Security - Cisco proprietary, how valuable is the knowledge to deploy non cisco gear?
MCSE - No security track for MCSE currently?
RHCA - We deploy some red hat servers but I don't know how common they are in enterprise environments?
VCP/Citrix/AWS/Azure - Not sure how valuable these are
Anything else I'm missing? Thanks for reading.
What I'm looking to do is move into more of an Implementation Engineer/Architect role. So what skills should I be learning? What about certifications?
CASP - How valuable is it actually outside of DoD?
CCNP Security - Cisco proprietary, how valuable is the knowledge to deploy non cisco gear?
MCSE - No security track for MCSE currently?
RHCA - We deploy some red hat servers but I don't know how common they are in enterprise environments?
VCP/Citrix/AWS/Azure - Not sure how valuable these are
Anything else I'm missing? Thanks for reading.
Certs: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux
Comments
-
stryder144 Member Posts: 1,684 ■■■■■■■■□□How about one of the CISSP concentrations or the TOGAF?The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia
Connect With Me || My Blog Site || Follow Me -
JDMurray Admin Posts: 13,091 AdminSecurity architecture and security engineering (implementation) are two different career paths that are alternatives to working in security operations. When deciding on certs for any of these career paths, you should look at many job postings and note which certs are asked for in the jobs that appeal to you. Also, note what non-cert qualifications are asked for. You will find that there is rarely an "entry-level security architect" position advertised and that many architects were security (or network) engineers and even started in security operations. Engineers need to be more technical than architects, but architects that have a good technical background are usually better than those that don't.
Also, keep in mind:- Most enterprise networks are based on Microsoft Active Directory.
- Most servers and midpoint boxes are running UNIX or Linux.
- Most user interfaces use Web-based technologies.
- Organizations that are growing are moving to the Cloud and AWS is the big dog in that area.
- Security is about defending against active and malicious attackers. You must always be aware of this in your architectural or engineering mindset. Anything else (accidents, incompetence, negligence, etc.) is just safety issues.
-
JDMurray Admin Posts: 13,091 Adminmikey88 said:So basically know everything haha. If only I had unlimited time
This is why you need to look at job postings to see what employers are looking for. No one can be a hands-on SME in everything. An AD architect must be very experienced in AD networks, but many orgs won't care that their engineers are UNIX/Linux experts if you know how to get around on the command line. You need to find what is in demand and what you enjoy and that will indicate your most successful career path until the market, or your desire, changes.
No matter how much you may not like it, finding a new job--and a new career--is work. -
Pmorgan2 Member Posts: 116 ■■■■□□□□□□I am doing security engineering now. Here's what I would recommend:
- Experience 6+ years in system, network, and/or sysops administration. This is called system support services, infrastructure, or SAN experience at various places.
- Get your CCNA, MCSA, Linux+, and VCP-DCV to demonstrate solid fundamental understanding of systems infrastructure.
- Get Security+, SSCP, GSEC, CASP, CISM, CISSP, or GSE to demonstrate a fundamental understanding of a wide array of security topics. Skip straight to CISM, CISSP, or GSE if you're capable, or build your way up.
- Get CRISC, GSNA, GCCC, GMON, or CISA to demonstrate security compliance knowledge.
- Select a focused security area of expertise and get advanced certifications in that area. I.E. - JNCIE / CCIE Security / PCNSE for network security engineering. GAWN / OSCP / OSCE for system testing. GICSP / GRID / GCIP for industrial control system security architecture. Project+ / CAPM / GCPM / PMP for project management if you're going into a large organization.
- As you prepare to move from security engineer to security architect, learn and certify advanced knowledge in multiple focus areas.
- Get a Junior SysAdmin or help desk job.
- Security+ or SSCP
- MCSA
- CCNA
- Linux+ and/or RHCSA
- Move to SysAdmin or SysOps if you haven't already.
- VCP-DCV
- GSEC or CASP
- Move to Risk Compliance or Security Management
- CISM, CISSP, and/or GSE
- One or two of: CCNP Sec, GMON, GCCC, GCIH, GCFE, CISA, GCWN, GPEN, GAWN, OSCP, OSCE, GREM, CFIP, GRID, ENSA, ect.
- Move to Security Engineering
- CISSP or GSE if you haven't already. CISSP-ISSEP, CISSP-ISSMP, or OSCP if you have.
- Move to Security Architecture
- Get GSLC, CISM, and a master's degree
- Move to CISO / CIO / CEO
2021 Goals: WGU BSCSIA, CEH, CHFI | 2022 Goals: WGU MSCSIA, AWS SAA, AWS Security Specialist -
UnixGuy Mod Posts: 4,570 ModI wrote about SABSA, check it out https://community.infosecinstitute.com/discussion/135591/sabsa-foundation-training-reviewReading the book might be sufficient from a knowledge perspective, if you are interested in Enterprise Security Architecture.