Community Manager at Infosec!
Who we are | What we do
Starting cyber security with 12 years of software development background.
Nvntn
Member Posts: 2 ■■□□□□□□□□
Hi
I know there are many experts here in cyber security and can help me in diving to cyber security ocean. I have 12 years of software development background. From past 4 years I am working on getting FIPS, JITC certification to my software applications. With the knowledge of software libraries and TLS protocol, etc, I am interested to move into cyber security area. Request to provide more knowledge on is that a good decision to move from development to cyber security with 12 years of experience. Which certifications shall I plan to complete to land in a good job in the cyber security with my previous experience.
Thanks in advance for your suggestions.
Nvntn
I know there are many experts here in cyber security and can help me in diving to cyber security ocean. I have 12 years of software development background. From past 4 years I am working on getting FIPS, JITC certification to my software applications. With the knowledge of software libraries and TLS protocol, etc, I am interested to move into cyber security area. Request to provide more knowledge on is that a good decision to move from development to cyber security with 12 years of experience. Which certifications shall I plan to complete to land in a good job in the cyber security with my previous experience.
Thanks in advance for your suggestions.
Nvntn
Answers
-
Nvntn Member Posts: 2 ■■□□□□□□□□Also wanted to know the area in cyber security where my previous skills of software development would help for my future career in cyber security.
-
odomscd Member Posts: 19 ■■■□□□□□□□I would like to know the answer to this as well1. I hope someone gives you an answer soon. LOL. I will keep checking back.
-
iBrokeIT Member Posts: 1,318 ■■■■■■■■■□DevSecOps is the latest buzz you could jump on to...
2019: GPEN | GCFE | GXPN | GICSP | CySA+
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GDAT
2023: GREM | GSE | GCFA
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops | SANS Grad Cert: Incident Response -
odomscd Member Posts: 19 ■■■□□□□□□□iBrokeIT: I just looked up what DevSecOps is. Can you recommend a site or a course to learn more about this? Thanks
-
iBrokeIT Member Posts: 1,318 ■■■■■■■■■□You could also search that term on youtube for some great talks2019: GPEN | GCFE | GXPN | GICSP | CySA+
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GDAT
2023: GREM | GSE | GCFA
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops | SANS Grad Cert: Incident Response -
Infosec_Sam Admin Posts: 527 Admin@JDMurray might have a good answer for you! I know he had a software development background before getting into cybersecurity.
-
the_Grinch Member Posts: 4,165 ■■■■■■■■■■I'd say any of the normal cybersecurity certifications should work for you (CISSP, Security+, etc). The big question is what aspect of cybersecurity are you trying to break into? Your software development background would help you in any of the cybersecurity realms, but to really answer your question we'd need to know where you'd like to end up. Pentesting? Auditing? Network Security? System security? All great paths, but all require a different road.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
JDMurray Admin Posts: 13,088 AdminThe good thing about a cybersecurity professional having a software background is that they understand how the technology works on the inside with respect to how data processing and logical decisions are performed. Knowing how software actually controls hardware is necessary too. All hardware is useless without some sort of software/firmware/microcode to tell it how to process data. You also understand first-hand things like what a patch is and how networking really works from a software perspective.
The bad thing about being a software security professional is that 99.9% of the problems you will work on are about software engineering and not information security. Many people volunteer to work on OpenSource security software projects and end up learning nothing about security from it. (For example, learning how to write a Malware scanner will teach you almost nothing about Malware itself.) You will need to move away from working in software as your primary responsibility in order to become a practiced InfoSec professional. -
odomscd Member Posts: 19 ■■■□□□□□□□Now that I have been studying the different paths and certs, I think that the DOD does a good job of lining up the certs to different career paths. Some of the certs appear to be multi-functional. Take a look at the DOD baseline chart "https://public.cyber.mil/cwmp/dod-approved-8570-baseline-certifications/". I think it will give you a good start to understanding what to select. I keep referring to it.
It also has a table that lists the Certification Providers associated with each approved certification.