Advice on where to start as someone with aspirations in CS starting with no degree and only certific

endjinn

i'm looking for recommendations on viable certifications to start an entry level job making my way towards cyber security. i've been reading up and most people here say getting a job with no degree will probably require some experience working simple IT or even what people refer to as helpdesk. so i'm wondering if anyone could give me any specific advice on a smart direction to start either with finding any sort of IT or helpdesk job to advance my knowledge and career. it almost sounds like people are saying go get any customer service job at xfinity but i feel as thought blindly moving to an over the phone help desk at any company would be a bit naive. Would it be better to just get some decent certifications myself i.e Sec+, CySA+, Net+. and if so which certifications would be the most important to start with. i'm not opposed to getting a full degree in computer science or whatever direction would ultimately be required for the most gainful employment, but i'd like to start making steps immediately that don't involve enrolling in college.

JDMurray

If your career path is InfoSec then it doesn't make sense to start a degree that takes you down a different career path. Most people in InfoSec do not have a CompSci or CompEng degree and really have no idea how software works. That being said, understanding how software enables hardware to do work is a very good thing for an InfoSec professional to know, but you don't need a full-blown CS degree to do it. In fact, a CS degree on your resume will make some InfoSec hiring managers think you'd rather be a programmer working on security engineering projects, such as building rules and modules for SIEMs, or working in AppSec looking for vulns in code. If that's what you want to do that's great. But if you want to be a security analyst or incident responder then the CS degree is overkill.

So what do you want to do for a career in InfoSec?

endjinn

haven't even made it that far!
 The security aspect just has been the most grabbing for me while i'm trying to learn coding and systems so I wanted to try and ask people where to start if that's what interests me. A lot of recommendations from podcasts and forums are exactly that, a BA or masters in Computer science isn't exactly necessary or even optimal for starting a career in what people describe as "security". Is there anywhere to start at the base level of IT and develop experience at least around the field while identifying what exactly your desired niche is?

JDMurray

You can look at the CompTIA security career track as a guideline. You'll study A+, Network+, Security+ as a foundation and branch into CASP+, CySA+, or Pentest+ as a specialization. Pentest+ has programming topics (Ruby, Perl, Python, Javascript), but the cert itself won't teach you programming.

Software engineering alone will not teach you much about security. You will also need to study secure coding practices, the Secure Software Development Lifecycle (SSDLC), and software vulnerability analysis. Have a look at the topics on the (ISC)2 CSSLP cert to get an idea of how software and security mix.