New here, re-entering the cert game after a long hiatus.

I'm a Systems Administrator of 10+ years in beautiful Colorado. I specialize in everything almost anything Microsoft and/or security. I've worked in small to large-ish environments and did my time working for an MSP, as well. My next career goal is to make the jump to something more specifically security-centric. To that end, I'm preparing to obtain my Comptia CASP+. I've been out of the certification game for a long time and could use some guidance on next steps.

In my spare time I enjoy nerdy hobbies like 3D printing (extrusion and a new SLA--which is awesome!), making singing floppy drives with an Arduino, building emulated arcade machines, making wine, fixing cell phone screens, pretending to be a competent auto tech (I'm really, really not), picking locks, watching DefCon lectures, and trying to get enough Linux time to apply for Linux-heavy Admin jobs with a straight face ("~$ cd ~/desktop", "GAH!", "~$ cd ~/Desktop").

My favorite video game is BioShock Infinite and my favorite gaming console may still be the Nintendo 64.

Find more posts tagged with

Comments

Neil86

Welcome! I've been interested in 3D printing and would love to get one soon.

stryder144

Hey, welcome! I am also in Colorado (south Denver suburbs). Since you are thinking about going into the Cyber realm, consider joining the Cloud Security Alliance or a local CitySec (DenverSec is awesome). That will get your name/face out there for others in the game to see/know.

PCTechLinc

The N64 may well be the very best console and controller with the best choice of games ever made. I don't have time to play my emulated games. /sad face

stryder144

I want to buy another Sega Genesis and the Monaco GP II game...absolute favorite game for me. Oh, and Road Rash, too!

MarcusStar

RickyJo said:

I'm a Systems Administrator of 10+ years in beautiful Colorado. I specialize in everything almost anything Microsoft and/or security. I've worked in small to large-ish environments and did my time working for an MSP, as well. My next career goal is to make the jump to something more specifically security-centric. To that end, I'm preparing to obtain my Comptia CASP+. I've been out of the certification game for a long time and could use some guidance on next steps.

In my spare time I enjoy nerdy hobbies like 3D printing (extrusion and a new SLA--which is awesome!), making singing floppy drives with an Arduino, building emulated arcade machines, making wine, fixing cell phone screens, pretending to be a competent auto tech (I'm really, really not), picking locks, watching DefCon lectures, and trying to get enough Linux time to apply for Linux-heavy Admin jobs with a straight face ("~$ cd ~/desktop", "GAH!", "~$ cd ~/Desktop").

My favorite video game is BioShock Infinite and my favorite gaming console may still be the Nintendo 64.

Welcome! That's so cool to see a veteran in the field going for their certifications! I just joined the website about an hour ago and have been reading tons of new threads here. Doing my best to learn and understand what my first steps should be.

How do you like learning for COMPTIA? I am looking at A+ and Network+ by them but am not sure yet.

Good luck!

P.S. - I love BioShock so much! I remember playing it on my old xbox360 when I was younger. Boy does time fly!!

LonerVamp

First, welcome!

Second, your journey may sound a bit familiar. I started out doing years of work as a sysadmin and had a lull of about 10 years where I really earned nothing outside of work accolades and whatnot. I then wanted to pivot into full-time security work as opposed to part-time + hobbyist. And that required making sure I'm putting my learning and resume as priority activities.

So, here are two things I'd suggest:

1. Have some goals in mind on what you want to do. It *can* be enough to just say you want into infosec roles, but you probably need to be real about what you truly are wanting to do most in those infosec roles. Do you want to design/architectu, do malware analysis, forensics, red team/offense, blue team/defense, network security, identity administration, compliance/audit, building tools/development, etc. Having some idea what you like can help inform your path to get there. You can stay general, but realize you may have to work hard to be amongst the best candidates in those specialized areas. So, figure out what you want to do, what you'll accept doing, and what you don't want to do, and start making dots between where you are now and how to get there. Also, be honest and open with yourself about salary expectations, as well. Going from a 10+ year sysadmin career over to a "new" security specialist may incur a small bump down in pay. But, be sure to sell everyone you meet on your experience and knowledge of enterprise networks and systems that give you a huge advantage over more junior security folk!

2. When it comes to infosec certs, I usually suggest people start with Security+ and then (if you qualify for experience requirements) move right up to CISSP. With 10 years of sysadmin work, you've surely worked with network controls, permissions, account controls, patching, etc over your time. So, I'd suggest moving to your CISSP as soon as you can. That will get you noticed. I would honestly shoot for that before your CASP. I don't honestly see anyone asking for a CASP, but everything suggests CISSP. Even with your experience, I still suggest starting with Security+ as it gets you into the habit of studying, and there's lots of terminology overlap as you them move to CISSP.

That said, you can shoot for your CASP. I just personally would say do CISSP first, then finish CASP out.

After that, tackle that areas that connect your dots. Either they are topics/certs you need to get noticed and prove you know things, or they may be studies/certs that shore up weak areas you have. If you want to go do red teaming/offense/pen testing, you'd better direct yourself towards the eLearn pentesting track or PWK/OSCP soon.

RickyJo

Wow, so much to reply to! I'm going to work from the bottom up:

@LonerVamp : This is really helpful advice. I confess that red team is the most fun. I spend a lot of time following DefCon and trying out exploits in my home lab. I sort of got the feeling I'd have to take my lumps as some generic Jr. Security/glorified-patch-admin or something. However, if I could jump directly into Jr. Pen Tester I'd be much happier. That said, I have also enjoyed pushing the security work forward in my regular Systems Administrator jobs, so I'm not too picky. I just want to move in the right direction. I got my S+ three years ago and let it expire, so I'll probably renew it and grab the CASP+ because I already bought the voucher. Then, what the heck, I've been intimidated by CISSP, but once CASP is done it seems like what needs to happen.

@MarcusStar : Hello! I've had good luck with CompTIA. If you're getting started it seems like these certifications really are the ones everybody knows and looks for--they get you through the resume filter and all that. They are very achievable. I, honestly, just got a few basic certs and coasted on experience after that. Early in my career though, it was a huge help, more-so than my two-year degree which I worked much harder and longer on. You'll probably get a lot of bang for your buck and effort with A+, N+. I started with A+, N+ and MCP for XP Pro (which was the main OS at the time). Never had any problems getting Systems Administrator jobs after that. Maybe get the A+ and N+, then consider whatever Microsoft's Windows 10 cert is these days. That'll get you Help Desk/PC Tech easy if you got the technical chops to match the certs; put in a year or two there and you'll be ready for Jr. Sys Admin.

@stryder144 : Stryder, this is very exciting! I wasn't sure what to join. You, also being semi-local (relative to me) can maybe help me with another question: how the hell does one get beyond a certain level in Colorado without a security clearance? I've definitely stagnated as far as earning potential the last five+ years, and I feel like that's my biggest hangup (I'm not complaining, being a SysAdmin is more great money; just ever-upwards, and all that). I have no military background and am wondering if InfoSec is even possible without moving out of state. Are all the jobs in Denver for security requiring clearances like down here in the springs?

@Neil86: I just got a Cubic Photon, and I love it. It's orders of magnitude more detailed than extruded printing but the material costs are higher. Every once in a while I print something and think, "to hell with it, I'll just sell Warhammer figures on eBay!"

@PCTechLine: you are objectively correct and anyone that thinks otherwise is a fool

RickyJo

Wow, so much to reply to! I'm going to work from the bottom up:

@PCTechLine: you are objectively correct and anyone that thinks otherwise is a fool

RickyJo

Wow, so much to reply to! I'm going to work from the bottom up:

@PCTechLine: you are objectively correct and anyone that thinks otherwise is a fool

RickyJo

Wow, so much to reply to! I'm going to work from the bottom up:

@PCTechLine: you are objectively correct and anyone that thinks otherwise is a fool

RickyJo

Hey friends, passed the CASP. Thank you!