Based on my experience/certifications what should I do next?

Lenniusce

Hello,

Based on the following, what would you guys recommend I do next in terms of job/certifications? Looking for advice. Thanks in advance!

Location: San Diego, CA
Working in IT: Since 2011
Working as Network Engineer: Since 2016
Current Job: Associate Manager / Network Systems Engineer - The sole network engineer in a large development team. Networking here is fairly easy for someone like me, no advanced protocols used.
Prior Job #1: Network Engineer IV - Government Contractor - Lead Manager over 3 direct reports. Didnt like leading so I found another job and got 20%
Prior Job #2: Network Engineer - Government Contractor - Left for 20%
Prior Job #3:Test Engineer - Government Contractor - Left for contract reasons
Prior Job #4: IT Specialist - MSP in San Diego as helpdesk/support for two companies Left for 20%

Education #1: MSIS from Auburn University
Education #2: MBA in ITM from WGU

Certifications: PMI PMP, CCNA, A+, N+ Sec+, Linux+, Server+, MCSA Server 2016

matt333

Sounds like you want a more complex environment to work in. I'd say you can go everywhere. 5+ years of experience is enough to move to another network engineer role it just depends on what size of a company you prefer to work in. 

JDMurray

What degrees/certs next depends on where you want to take your career next. Any ideas?

Lenniusce

JDMurray said:

What degrees/certs next depends on where you want to take your career next. Any ideas?

I want to do a combination of networking but adding in network programming skills and network security.

My currently company pays for: CISSP, all GIAC certifications, CISM, CISA regardless of whether or not I pass them.

However, they DONT cover any Cisco certs. I kind of want to get the DEVNET but think the CISSP could be useful. Part of why I’m throwing this out there for ideas/input.

JDMurray

Of those certs, CISSP has the best ROI across all of the InfoSec profession. However, free GIAC certs is very tempting, especially with their programming-oriented certs. Does that funding include the corresponding SANS training as well?

E Double U

JDMurray said:

Of those certs, CISSP has the best ROI across all of the InfoSec profession. However, free GIAC certs is very tempting, especially with their programming-oriented certs. Does that funding include the corresponding SANS training as well?

I second this. All other certifications I would self-study for, but when an employer is willing to pay for SANS/GIAC I jump on it because I would never pay out of pocket with their high price tags. 

Lenniusce

JDMurray said:

Of those certs, CISSP has the best ROI across all of the InfoSec profession. However, free GIAC certs is very tempting, especially with their programming-oriented certs. Does that funding include the corresponding SANS training as well?

The offer training along with each cert. They offer about 170ish certs that can be taken without coming out-of-pocket up to 3 attempts.

Here are some samples of exams they offer under the "Cyber" category:

CAP - Certified Authorization Professional

CCSP - Certified Cloud Security Professional

Certified Information Security Manager (CISM)

Certified Information Systems Auditor (CISA)

CISSP - Certified Information Systems Security Professional

CompTIA CySA+

CompTIA Security+

CSSLP - Certified Secure Software Lifecycle Professional

EC-Council Certified Ethical Hacker (CEH)

GCED: GIAC Certified Enterprise Defender

GCFA: GIAC Certified Forensic Analyst

GCFE: GIAC Certified Forensics Examiner

GCIA: GIAC Certified Intrusion Analyst

GCIH: GIAC Certified Incident Handler

GCSA – GIAC Cloud Security Automation Certification

GEVA - GIAC Enterprise Vulnerability Assessor

GNFA: GIAC Network Forensic Analyst

GPEN: GIAC Certified Penetration Tester

GPYC: GIAC Python Coder

GSLC: GIAC Security Leadership Certification

GSTRT: GIAC Strategic Planning, Policy, and Leadership

GWAPT: GIAC Web Application Penetration Tester

GXPN: GIAC Exploit Researcher and Advanced Penetration Tester

Palo Alto Networks Certified Cybersecurity Associate (PCCSA)

Palo Alto Networks Certified Network Security Administrator (PCNSA)

Palo Alto Networks Certified Network Security Engineer (PCNSE)

SaltStack Certified Administrator (SSCA)

SaltStack Certified Engineer (SSCE)

SSCP - Systems Security Certified Practitioner

E Double U

@Lenniusce - Since you mentioned network security, I would recommend SEC530 (GDSA) though I do not see it in the list above. That material was valuable for my previous network security role. 

Is there a limitation on the amount of certifications you can do per year? Is there a requirement for you to stay employed with them for so long after achieving the credential or pay them back if you leave within so much time of obtaining it?

As @JDMurray said CISSP has the best ROI, but I personally do not feel that training is necessary. Interested to see which direction you choose. Good luck either way.

DatabaseHead

I am in no way an industry expert in your space, but this one sounded pretty interesting.  

CSSLP - Certified Secure Software Lifecycle Professional

Just saying......  

SteveLavoie

CISSP is a certification well-suited for self-study. There is no way you can cram it in a bootcamp unless you had studied before. In your case, I would jump on any SANS/GIAC course because training is very good and price tag very high.. 

scasc

For me, GIAC/SANS is incomparable. I think you will pick up some really great skills if you venture down and focus on this route. 

TechGromit

Lenniusce said:

My currently company pays for: CISSP, all GIAC certifications, CISM, CISA regardless of whether or not I pass them.

Wow! They hiring.   My company was paying for training and certs, but once they were compliant with the regulations issued by the Nuclear Regulatory commission, the training budget got cut. I even have to pay for renewals on my one dime now.