Help required choosing Security Certification
anotherday
Member Posts: 4 ■□□□□□□□□□
Hi All !
I have a Bachelor of Engineering in IT.And a recent post graduate diploma in Cyber Space Security.I recently got Comp TIA Security + certified.
I really need a frank opinion in choosing my next certification.I am a fresh graduate with 3 months ( internship) of experience as IT support.And m also looking for jobs now.
My main interest is to go into Info.Security ( Risk Mgmt domain is also of interest to me ).
Can anyone please suggest me something ?
I'd be grateful.
Thank You.
I have a Bachelor of Engineering in IT.And a recent post graduate diploma in Cyber Space Security.I recently got Comp TIA Security + certified.
I really need a frank opinion in choosing my next certification.I am a fresh graduate with 3 months ( internship) of experience as IT support.And m also looking for jobs now.
My main interest is to go into Info.Security ( Risk Mgmt domain is also of interest to me ).
Can anyone please suggest me something ?
I'd be grateful.
Thank You.
Comments
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□Be sure to read through all the stickies at the top of this forum. There is some very good information in those.
What area are you interested in working in (Microsoft, Cisco, Firewalls, etc.)?
Welcome to the forums, and congratulations on your Security+ pass. -
JDMurray Admin Posts: 13,101 AdminThe way you get into InfoSec is by leveraging your current experience and skills. For you that would be IT and netadmin. Concentrate on the learning security aspects of those fields and getting the related certifications (CCNA: Security, CCSP, SSCP, etc.). Emphasize the security parts of your job on your resume.
All of InfoSec is about risk management. If you specially want to work in risk management itself, the financial, insurance, or healthcare industries are what you should focus on, as they are very RM-focused. -
the_Grinch Member Posts: 4,165 ■■■■■■■■■■JD is right on the money. If there is one thing I have learned so far between studying for the CEH exam and trying to find an info security job is you have to have sound knowledge of what it is you want to secure. Because if you don't have a solid grasp of how a technology works there isn't a good chance you will be able to secure it. So if its networking (Juniper/Cisco), Windows (MCSA/MCSE, 2008 might be good as well because not a ton of people have jumped on it just yet), or Linux (Red Hat, Solaris) all offer certification and a place to start. Experience is key! On another note, with you educational background you shouldn't have an issue being granted an educational waiver to take the Certified Ethical Hacker exam. Good luck and congrats!WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
anotherday Member Posts: 4 ■□□□□□□□□□Thank you all! Appreciated ! Reading those sticky thingy didnt help much
I need a plain suggestion of all the certifications step by step from security + to CCSP/ CISSP
I really expect a good / beneficial suggestion from the senior members here.Please help me.
Also,I read about SSCP.What is with the Associate SSCP thing ?
Regards. -
dynamik Banned Posts: 12,312 ■■■■■■■■■□anotherday wrote: »Thank you all! Appreciated ! Reading those sticky thingy didnt help much
Did you see this post? That's gold.anotherday wrote: »I need a plain suggestion of all the certifications step by step from security + to CCSP/ CISSP
CCNA > CCNA: Security > CCSP
Consider doing the CCNP as well. Like Mike says, how can you secure something you don't understand?
CISSP can fit in anywhere, but you'll need four years of experience to qualify (it's five by default, but one of your other certs will take a year off).anotherday wrote: »Also,I read about SSCP.What is with the Associate SSCP thing ?
You're an associate if you pass the exam but don't meet the experience requirement. You earn the full certification once you meet the requirement. You can be an associate for the CISSP as well.anotherday wrote: »Do you suggest writing CEH ?
It's a good introduction into ethical hacking/pentesting. Does that interest you? -
the_Grinch Member Posts: 4,165 ■■■■■■■■■■I find the CEH to be the next logical step after Security+. Thus far I have found it to be like Security+ on steroids. You'll get an overview on tools and methods for beginning and finishing a penetration test. It won't make you a hacker, but I think it is a good place to start. But like others have said you need to know what you want to deal with. System Security? Network Security? Penetration Testing? Vulnerability Research? Security areas are like flavors of Linux, there are tons.
Like dynamik said, you gotta know how something works before you can secure it. That is part of the reason you see big experience requirements for security positions. Most people start off as a System/Network Administrator for a few years and then move to security. In that time you learn what works, what doesn't, and how to get everything just write. This would also be the reason why almost all security certifications require some years of experience:
SSCP - 1 Year
CISSP - 5 Years
CISA - 5 Years
CISM - 5 Years of Security Experience + 3 Years of Management Experience
CCSP - No experience requirement, but a CCSP with no experience won't be very successful with being higher
Best suggestion is to look at Monster and various other sites to see what would be required for what you want to do. Find a direction and then you'll know what certs to go after.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
JDMurray Admin Posts: 13,101 Adminthe_Grinch wrote: »I find the CEH to be the next logical step after Security+.
-
anotherday Member Posts: 4 ■□□□□□□□□□Thank you so much !
I did go through SSCP, and I found it good.CEH also is of interest but looks like it would shine up the " hacking ' thing. If not,I am considering doing it. Guys, m totally a novice with no one around to advise me at all !
But doesnt SSCP require 1 yr of exp.? Or I should go for the associate thing ?
Regards ! -
the_Grinch Member Posts: 4,165 ■■■■■■■■■■Yeah SSCP requires a year of experience, but you get something like three years to get the experience. Good luck!WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
JDMurray Admin Posts: 13,101 Adminanotherday wrote: »But doesnt SSCP require 1 yr of exp.? Or I should go for the associate thing ?