From Windows Server Administrator to Security Career

sundarconfisundarconfi Member Posts: 7 ■■■□□□□□□□
Hi All..

I am Sundar & new to this forum. I have 13 years of experience in windows Server administration & Related technologies like AD, VM, Backup & Cloud. As my long desire to move into Security Career. Kindly advice me how can i build my career further in Security Area as i have already worked on Windows Server Security and related Hardening stuffs.

Even though there are good forum posts for building a security career here, i just find hard to see a post related to a Server Administrator building a career towards Infosec. I have presently MCSE, MCITP Certifications under my belt.

So experts please advice on how i can build my career in security with Certification Path & Various steps i need to do to build my career.




  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK Member Posts: 518 ■■■■■■■■□□
    What do you want to do in security?  What job position do you want to be doing?

    As you've somewhat said, you're kinda already doing security stuff, with hardening, permissions, managing servers, accounts, GPOs, patching, etc.

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
  • yoba222yoba222 Senior Member Member Posts: 1,230 ■■■■■■■■□□
    With 13 years of server administration, you already have a huge edge over the glut of people with no experience whatsoever that have  decreed it to be their dream to work in information security. I'd grab a security cert or two and start applying for security jobs. Once you get that first security role, your path will sort of reveal itself.
    A+, Network+, CCNA, LFCS,
    Security+, eJPT, CySA+, PenTest+,
    Cisco CyberOps, GCIH, VHL,
    In progress: OSCP
  • McxRisleyMcxRisley OSCP, CASP, CySA+, CPT+, Sec+, CEH, Splunk Admin Member Posts: 494 ■■■■■□□□□□
    edited October 2019
    As LonerVamp stated above, you've already been doing security work. There is not much of a difference if any at all between lets say a remediation analyst and a windows server admin. 13 years is a LONG time to be a server admin for, I would question why you have been an admin for so long if it's your dream to work in security. Is this a recent dream that you've had? or are you just now deciding that you are looking for a change? 13 years as a server admin tells me a couple of things but the main one that sticks out to me is complacency. I interview people all the time and if I were hiring you to work for my team this would be a red flag. I need people that show drive, motivation and have the desire to improve themselves without me telling them to. Now I'm not saying that this is you, but its the impression I get from what little you have told me here. Just trying to help you out here because I wont be the only one asking these questions if you're looking to make a career change.
    I'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect.
  • sundarconfisundarconfi Member Posts: 7 ■■■□□□□□□□
    HI MCxRisley And Yoba .. Thanks for the suggestions..As i mentioned even though i am a windows admin,it includes team lead / Manager roles but i concentrated more on my technical stuffs. So i was in kind of technical Management role always rather than People Management. That's the reason i mentioned i was a Windows admin and always be a learner in technical stuffs.
    Coming Back to Security , its always a long pending dream to move to this field not just to career shift or paycheck. its a dream to move to full time security role to prevent and make sure my Infra is secured enough.  Also as this field keeps evolving with new Breaches & issues everyday, it would be helpful for me to stay updated always. But only thing , i didnt got to work full fledged into security role rather than being into Windows / Cloud/ Virtualisation. 
    So Getting Suggestions from experts like you all in this forum to get more idea whether its a good choice to move after my 13 years of experience.
  • Pmorgan2Pmorgan2 CISSP, CCSP, A+/Net+/Sec+/Project+, ECIH, ITIL v3, CIW SDA & WSP Member Posts: 115 ■■■■□□□□□□
    You can bridge the gap by looking into security engineering. Security engineering is basically system engineering with a lot more focus on designing your changes around security controls and/or considerations. Also you would be doing more SIEM / firewall / security appliance and software deployments. Having some knowledge in scanners, SIEMs, firewalls, FIMs, and other compliance tools would help you convert.
    2021 Goals: WGU BSCIA, AWS SAA, & AWS SecSpec
Sign In or Register to comment.