Hello,
My Question:
Do you think I should start my journey in Cloud Security & Cyber Security through the
Security+ from Comptia and Cyber Security Certified from (ISC)2 certifications
to strengthen my Information Security fundamentals before I move towards Cloud
Security, & Cyber Security?
My Background:
I have no technical experience (I have not been part of the engineering
team designing or implementing security solutions) in Information Security. I
am from a non-technical background. In my current job, I am responsible for
Cloud Governance. I am working as a process consultant responsible for defining
processes, policies, and guidelines governing cloud workloads within my
company. I am Azure Fundamentals, & AWS Cloud Certified Practitioner
certified and at the moment working on my SC-900 (Microsoft Security,
Compliance, and Identity Fundamentals) certification. I have implemented ISO
27001 Information Security Framework, and I have been ISO 2701 Lead Auditor.
My plan/ambitions:
I want to be certified in Cloud Security & Cyber Security and I am aiming to be CCSK
certified in the next 3 months. My objective is not just to get a certificate,
I want to have a strong foundation in Cloud Security and move towards Cyber
Security Governance, Compliance, & Auditing.
I don't want to be in an actual Technical job (engineering team). I
want to be part of the auditing and governance team wherein I get to define
processes, procedures, and policies and perform auditing verifying the controls
implemented against CSA STAR Certification for Cloud Security and verify the
security and Cyber Security posture of an organization using the NIST, or other
Cyber Security frameworks or Standards.
Please help me with pointers on how do I start my journey in Cloud
Security and Cyber Security.
