Options
Certification/Career Advice
tpatt100
Member Posts: 2,991 ■■■■■■■■■□
I am going to be losing my job soon due to another
company being awarded the contract. I have been working
for the same company for 5 years now as a Security
Analyst. I was a jack of all trades security due to
everybody needing to do everyone's job due to the size of
our staff we all had "official titles" but we rotated
responsibilities.
The network had several domains with a few hundred
Unix/HPUX and several hundred Windows servers. Clients
were few since I did not handle the client level only the
server level.
I was hired by a pretty large company, Fortune 500 and
all a couple of months ago but they implemented a hiring
freeze right after they hired me. I already received the
welcome aboard packet after I signed and accepted their
offer letter.
I was told a couple of weeks ago to be patient but in
todays market I am not going to just sit around and
"wait" just in case and use my time productively.
Currently my job was several different positions but were
the following:
Vulnerability Analysis: Daily, weekly, monthly scanning
of several domains for an enterprise network. I took the
results and generated reports for the different
organizations.
Checkpoint Firewall admin: Every few days due to
different migrations took firewall change requests,
checked to verify they were not security risks and then
created and pushed the policies. This was about 20
percent of my job.
Certification and accreditation of government servers: I
was responsible for scanning with software and manual
verification to ensure they were compliant. Created
reports from findings, uploaded to central database with
deadlines for servers to correct findings.
Enterprise Admin: Level 3 support, Level 2 Windows
admins handled day to day tasks and troubleshooting. I
was part of the last step to approve changes to ensure
they were compliant. Was responsible for approving
Active Directory changes. I designed and implemented AD
policies to enforce security standards not the day to day
stuff.
I have known about the contract ending a few months ago
and started looking but the security front has changed a
lot since the economy took a downturn. It seems
positions that used to be different have been merged
under "security" which makes sense.
It appears security positions are providing a laundry
list of stuff. I can do day to day Checkpoint
administration but most of the stuff we did not use
because there was no need for it. We had 6 Checkpoint
firewalls total.
Windows admin stuff I had to dig through configurations
finding issues based on government policies and my patch
management was finding missing patches and notifying the
Windows or Unix teams.
It seems now that Cisco level work is thrown in with
security. I have an old CCNA but I did not want to get
certified on what I do not do day to day. My Microsoft
certs are from the NT and Win2K days.
Only certs I have done this past year was the Security+
and then the CISSP.
I wonder if I should look at upgrading my Microsoft certs
or just take the first Checkpoint CCSA exam which I know
I could pass with self study and it will help fill in
gaps in my knowledge due to apps we never used.
My friends at work are telling me to get my CCNA and then
CCNA security but not too sure on that due to I have a
tendency to forget what I do not regularly use.
It seems I have become the jack of all trades but really a master of none
company being awarded the contract. I have been working
for the same company for 5 years now as a Security
Analyst. I was a jack of all trades security due to
everybody needing to do everyone's job due to the size of
our staff we all had "official titles" but we rotated
responsibilities.
The network had several domains with a few hundred
Unix/HPUX and several hundred Windows servers. Clients
were few since I did not handle the client level only the
server level.
I was hired by a pretty large company, Fortune 500 and
all a couple of months ago but they implemented a hiring
freeze right after they hired me. I already received the
welcome aboard packet after I signed and accepted their
offer letter.
I was told a couple of weeks ago to be patient but in
todays market I am not going to just sit around and
"wait" just in case and use my time productively.
Currently my job was several different positions but were
the following:
Vulnerability Analysis: Daily, weekly, monthly scanning
of several domains for an enterprise network. I took the
results and generated reports for the different
organizations.
Checkpoint Firewall admin: Every few days due to
different migrations took firewall change requests,
checked to verify they were not security risks and then
created and pushed the policies. This was about 20
percent of my job.
Certification and accreditation of government servers: I
was responsible for scanning with software and manual
verification to ensure they were compliant. Created
reports from findings, uploaded to central database with
deadlines for servers to correct findings.
Enterprise Admin: Level 3 support, Level 2 Windows
admins handled day to day tasks and troubleshooting. I
was part of the last step to approve changes to ensure
they were compliant. Was responsible for approving
Active Directory changes. I designed and implemented AD
policies to enforce security standards not the day to day
stuff.
I have known about the contract ending a few months ago
and started looking but the security front has changed a
lot since the economy took a downturn. It seems
positions that used to be different have been merged
under "security" which makes sense.
It appears security positions are providing a laundry
list of stuff. I can do day to day Checkpoint
administration but most of the stuff we did not use
because there was no need for it. We had 6 Checkpoint
firewalls total.
Windows admin stuff I had to dig through configurations
finding issues based on government policies and my patch
management was finding missing patches and notifying the
Windows or Unix teams.
It seems now that Cisco level work is thrown in with
security. I have an old CCNA but I did not want to get
certified on what I do not do day to day. My Microsoft
certs are from the NT and Win2K days.
Only certs I have done this past year was the Security+
and then the CISSP.
I wonder if I should look at upgrading my Microsoft certs
or just take the first Checkpoint CCSA exam which I know
I could pass with self study and it will help fill in
gaps in my knowledge due to apps we never used.
My friends at work are telling me to get my CCNA and then
CCNA security but not too sure on that due to I have a
tendency to forget what I do not regularly use.
It seems I have become the jack of all trades but really a master of none
Comments
-
Options
Ashenwelt
Member Posts: 266 ■■■■□□□□□□
It happens. I have an odd suggestion for you. Look at the jobs you would want, that you have the experience for. Look at the certs they want. Make a list of them, and mark them easiest/quickest (the top) to hardest/longest (the bottom). Start grabbing them one after another from the top.
Don't waste all your time on one cert, when employment loss is staring you in the face. Grab whatever you can as fast as you can.
Sometimes, that means running for a CCNA, other times that may mean grabbing an MCTS. Or whatever is in your direct field.
I totally understand the jack of all trades concept.
Good luck! -
Optionstpatt100
Member Posts: 2,991 ■■■■■■■■■□
Thanks, I am thinking the Checkpoint CCSA would be the best for me right now since it is one test and I can actually use the study time to fill the gaps and I have five years experience with it.
Might follow up with the Microsoft exams soon after. -
Optionsapena7
Member Posts: 351
It's not necessarily a bad thing if you're a jack of all trades. With all the downsizing going on, companies are looking more for generalists than specialists. I mean, why employ many people when you can employ one that can wear many hats?Usus magister est optimus
-
Options
ccnpninja
Member Posts: 1,010 ■■■□□□□□□□
man, you say ONLY CISSP?? in my country, CISSP gives you a senior security consultant right away with a bunch of benefits!Only certs I have done this past year was the Security+
and then the CISSP.my blog:https://keyboardbanger.com -
Optionstpatt100
Member Posts: 2,991 ■■■■■■■■■□
man, you say ONLY CISSP?? in my country, CISSP gives you a senior security consultant right away with a bunch of benefits!
Well before that was my MCSA in Windows 2000 back in 2001 I took a long break from certs lol. -
Options
Kasor
Member Posts: 933 ■■■■□□□□□□
So, what is the option that you have right now?Kill All Suffer T "o" ReBorn -
Optionstpatt100
Member Posts: 2,991 ■■■■■■■■■□
So, what is the option that you have right now?
Cert wise? I could do Checkpoint and do the labs on our development firewall at work. Plus I can get a copy and play with it at home in demo mode.
Microsoft certs I already have the Microsoft press.
