Little confused with qualifications in UK

anizaniz Member Posts: 8 ■□□□□□□□□□
Currently I’m pursuing a masters in Cybersecurity in UK. I’m interested in blue team side like SOC analysts or Security analysts roles, but couldn’t find a good certification for it. I practice stuffs from online labs for SIEMs tools, trainings, etc. And I was thinking of doing a CREST CPSA or CEH for these roles, which one will be good? As applying without a cert is better than with a cert? 

Thanks!

Comments

  • anizaniz Member Posts: 8 ■□□□□□□□□□
    Any suggestions is highly appreciated. 
  • UnixGuyUnixGuy Mod Posts: 4,570 Mod
    Blue Team level 1 cert, eLearnSecurity has similar courses. You definitely dont need CEH or CREST
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • anizaniz Member Posts: 8 ■□□□□□□□□□
    UnixGuy said:
    Blue Team level 1 cert, eLearnSecurity has similar courses. You definitely dont need CEH or CREST
    Any cert other than CREST, like elearn security courses will it be considered to pass hr or for interviews?
  • JDMurrayJDMurray Admin Posts: 13,096 Admin
    As a hiring manager in a SOC myself, I say the CompTIA CySA+ (CS0-003) is pretty much what we do on a daily/weekly basis.
    Job postings are where the HR requirements are. You need to look at job postings for SOC Analysts at all levels and see what certs are asked for. It's the interview(s) with the hiring manager and interview panel where you have a chance to make yourself appear as "great value for the money" by having advanced training, certs, degrees, experience, and presentation. You find out what being a "great value" is to the org by doing OSINT recon on the org itself.




  • anizaniz Member Posts: 8 ■□□□□□□□□□
    JDMurray said:
    As a hiring manager in a SOC myself, I say the CompTIA CySA+ (CS0-003) is pretty much what we do on a daily/weekly basis.
    Job postings are where the HR requirements are. You need to look at job postings for SOC Analysts at all levels and see what certs are asked for. It's the interview(s) with the hiring manager and interview panel where you have a chance to make yourself appear as "great value for the money" by having advanced training, certs, degrees, experience, and presentation. You find out what being a "great value" is to the org by doing OSINT recon on the org itself.




    Yeah thanks for the info. I looked into the postings, saw that many don’t ask for a cert in SOC positions but some asks like an entry level CEH or SEC+. Usually in UK, CREST is given more value but still some accepts other options also. So mainly I was wondering a more generic cert for overall? Like Cysa+ is good but any alternatives?

     If I do CEH? Because I got a scholarship from EC-Council and the exam fees got reduced a lot by 80%, so will it be good?

    Thanks!
  • JDMurrayJDMurray Admin Posts: 13,096 Admin
    edited June 2023
    The only certs that are good for you are the ones asked for--or just mentioned--in job postings for the kind of work you are looking for. One hiring manager may think C|EH is great, but another might think it's bogus and not want to interview you because you have it. This personal preference shows that certifications can entice--or discourage--a hiring manager from giving you a first-round interview.
    It's also not easy to determine what the hiring manager is really needing based on the job posting. For example, if it is asking for "a Security+ or CISSP cert" they might really want a CISSP but would settle for a Sec+, or they are only looking for someone with a Sec+, but don't want to exclude CISSP candidates that don't have Sec+. Better if you have the CISSP in either case. Even better if you can talk with the hiring manager before actually applying for the position.
    Getting a (good) job takes a lot of work.
  • anizaniz Member Posts: 8 ■□□□□□□□□□
    Yup I understand, so a more generic cert like Sec+ will be great for entry level roles or skip the help desk positions, since I also got a masters degree? Cause I saw there’re lot certifications listed but mostly Sec+ is common.
  • anizaniz Member Posts: 8 ■□□□□□□□□□
    JDMurray said:
    The only certs that are good for you are the ones asked for--or just mentioned--in job postings for the kind of work you are looking for. One hiring manager may think C|EH is great, but another might think it's bogus and not want to interview you because you have it. This personal preference shows that certifications can entice--or discourage--a hiring manager from giving you a first-round interview.
    It's also not easy to determine what the hiring manager is really needing based on the job posting. For example, if it is asking for "a Security+ or CISSP cert" they might really want a CISSP but would settle for a Sec+, or they are only looking for someone with a Sec+, but don't want to exclude CISSP candidates that don't have Sec+. Better if you have the CISSP in either case. Even better if you can talk with the hiring manager before actually applying for the position.
    Getting a (good) job takes a lot of work.
    Yup I understand, so a more generic cert like Sec+ will be great for entry level roles or skip the help desk positions, since I also got a masters degree? Cause I saw there’re lot certifications listed but mostly Sec+ is common.
Sign In or Register to comment.