Information Security Analyst to Systems Security Engineer

NoOne_CipherNoOne_Cipher -Member Posts: 5 ■■□□□□□□□□
edited May 2019 in Professional Development
Hi Community,

I like this forum a lot, been lurking for a few weeks now. Next week I will have my final interview for a Systems Security Engineer post. I am currently working as an Information Security Analyst 3. My main duties are: security monitoring, incident response (first responder) and security engineering of the tools that the company are purchasing.

My goal is to become a Security Architect / Consultant. I'm still torn between the two.

For certifications I have ITILv3 and a lot of vendor and online certifications. I guess luck is on my side. When I started working after I got my degree, my first experience was in the InfoSec department and those were the days that CyberSecurity wasn't a hot topic as now.

Can you, Sirs and Madams, provide me guidance on how can I advance in the Security Engineering field? What certs I should focus? What are the resources (books, online videos, etc.) I should start investing my time into given that I get the position? Thank you. 

Comments

  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    My advice would get your CISSP and then focus on whatever technologies are going help you the most.  Would look at the job ads of positions you want and see what they are asking for.  They don't make it secret on what skills they want their future employees to have.  ;) 

    Other than that, put yourself out there and join groups in your area and network with people.   Knowing the right people can be huge!
  • matt333matt333 Senior Member Bay AreaMember Posts: 257 ■■■■□□□□□□
    edited May 2019
    get your CCNA/JNCIA if you dont already way to many cyber security professionals dont understand how a network is built and end up in the way, proposing poor designs and loading up other teams with dumb policies. /rant
    Studying: Automating Everything, network API's, Python etc.. 
    Certifications: CCNP, CCDP, JNCIS-DevOps, JNCIS-ENT, JNCIP-DC
  • mikey88mikey88 CISSP, CySA+, Security+, Network+ and others Member Posts: 494 ■■■■■■□□□□
    My advice would get your CISSP and then focus on whatever technologies are going help you the most.  Would look at the job ads of positions you want and see what they are asking for.  
    May not all be InfoSec related, but here are a few most requested skills that I come across quite often.

    Nessus, Splunk, AWS/Azure, Python, Chef, puppet, ansible, VMware, 
    Certs: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux

  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK Member Posts: 515 ■■■■■■■■□□
    I suppose it first matters what "Security Engineering" means to you. I'm not sure many places that don't have a strong SOC really define analyst and engineer all that differently.

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2020 goals: AWS Security Specialty, maybe AWAE or SLAE, CISSP-ISSAP?
Sign In or Register to comment.