Career path for IT, with emphasis on Security

Hello everyone.

I am trying to devise a certification path that I would eventually follow in the years to come. My goal is to get certifications from the big-timers such as Microsoft and Cisco, but with an emphasis on security. My ultimate goal would be something along the lines of Cisco, so I would say CCSP.

I currently hold A+ and Security+. What would be the next logical step for me? Does Microsoft have any certs inclined towards security?

I guess my path would be something like this:

A+ --> Security+ ----> _______ ---> _______ ---> CCSP

What are good certs to get before my ultimate goal of CCSP? Possibly CISSP?

Working on MS-ISA at Western Governor's University


  • mwgoodmwgood Member Posts: 293
    CCNA is a prerequisite... so you can plan on that.

    If you want a decent Microsoft cert - I'd at least do MCSA if not MCSE.

    If interested in security - look at CEH also.
  • janmikejanmike Member Posts: 3,076
    Here is the page for infor on the MCSA 2003 Security Specialty,

    Good luck!
    "It doesn't matter, it's in the past!"--Rafiki
  • keatronkeatron Security Tinkerer Member Posts: 1,213 ■■■■■■□□□□
    If you're really going to be security heavy, I would suggest going ahead and doing the full MCSE Security path. While the MCSE is designed more for network architects and design professionals, the knowledge gained will prove valuable as you go about trying to secure large Microsoft technology based networks. Why? Because you will have a decent understanding of how they are designed which will enable you to better secure them. I usually don't recommend MCSE for people not actually looking to do network design and complex implementations, however, the theory and conceptual knowledge you gain about active directory design puts you in a much better position to exploit it's weaknesses.

    CISSP is designed for professionals who have actually been in the security field for a while who have now moved into managing other security professionals and providing consulting services for other companies and government agencies. Some people mistakenly think that CISSP does not require much technical depth since it's more of a security management certification. This is dead wrong. To truely understand and prove your knowledge in the areas being tested on you kinda have to have "been there and done that".

    I would suggest that after the MCSE (or in parallel mode) pursue some of the Cisco certifications while keeping your emphasis on the security side (and work some voice in whenever possible). In the Cisco forums you have Kenny, Mikej, Keenon and many others who are as sharp as a razor when it comes to those technologies and applicable certifications. So spend some time there, even if you don't feel you're ready, you'll gain knowledge just from reading the conversations.

    Get yourself on ebay and find some cheap routers, build yourself a little mock WAN, and go to work. Also look into getting a copy of Virtual PC or Virtual Machine.

    This is just a start but once you get going you'll start to get a better understanding of where you are and where you want to end up.

    Good luck.
  • Vask3nVask3n Member Posts: 517
    Thank you.

    That advice is extremely helpful, I will definately take it all into consideration.
    Working on MS-ISA at Western Governor's University
Sign In or Register to comment.