What certs to pursue BEFORE pen test certs

2»

Comments

  • lumbercislumbercis Member Posts: 27 ■□□□□□□□□□
    I'm guessing you are in the DC area? Good market there if you are clearable. Especially if you are clearable up to the TS/SCI level.

    I probably still am. I used to work as a cryptologic linguist for the Air Force where I held a TS/SCI. It's been expired for a few years now though. I haven't gotten in any debt or been arrested since then, so I should be clearable.

    However, a lot of jobs in the DC area ask for people with Active clearances since there is actually a decent pool of cleared people around here. So having once had the clearance doesn't hurt, but I'll always lose out to someone with an Active clearance since the company doesn't have to do the extra work to get me cleared.

    You are right though that an Active clearance is Gold around here.
  • coffeekingcoffeeking Member Posts: 305 ■■■■□□□□□□
    lumbercis wrote: »
    Two other questions to throw out there for your consideration:
    1) Again assuming a newb, are the broader certs such as Network+ and Sec+ "enough" background before starting in with security specific certs? Or is it more beneficial to get the deeper understanding provided by the MCSE/CCNA type certs before diving into security-specific certs? What would your ideal "cert path" look like if your goal was pentesting?

    You don't have to have a cert path to be a pentester. Our department hired 2 pentesters about a year ago, neither one of them have any certs; CCNA, CCNA:S, MCSE and others. They have their MS degrees, but both of them have a very solid OS knowledge; be it *nix or Windows, and that I think was the key point in identifying themselves as pentesters
    lumbercis wrote: »
    2) If you were hiring a pentester for your organization, what type of certs would you be looking for? What else on the resume would get someone a call?

    Thanks for all the great insights so far! icon_cheers.gif

    Certs definitely help but are not a necessity. Like someone has stated that they would rather have their to-be-hired pentester have performed several test instead of certifications.

    I have CCNA and CCNA:Sec certs but I don't I am anywhere close to be a pentester, there is a lot more involved in it that a couple of certs. Again, you don't have to go chase every possible cert before jumping in. Like Dynamik has mentioned, jump into it and you will learn along the way.

    I know these questions have been answered above but am just trying to give you another perspective.

    Good Luck.
Sign In or Register to comment.