What do you need to actually start working in infosec?

So the sec+ exam is the next (and first) in the list of cert's to do. I guess that after passing it I still stay at the same point as far as doors being opened for me. Of course the goal is CISSP but how on earth do I get that 5 years of experience? What else do I need to study to get me going?

I currently work as a support tech at a big ISP in my country. I really want to fit in it's infosec team/department but how can I? I'm sure having the Sec+ cert alone wont get me in there.

Any suggesstions?

BTW - working in such a company gives a great real life exapmles for the Sec+ exam preperations.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

broc

Well, if you work for a company with an infosec department, you should probably ask them what to do to get in the team! Then, let your boss know that you're keen to get into the security field, that you're working on your sec+ exam and that you'll be happy to work on any assignment related to security.

Experience is everything in this field but don't think it's just experience in security, to work in this field, you need to be a good network/infrastructure admin, have knowledge of Windows AND Linux and keep your skills up to date. Security change all the time!

Good luck.

Darril

Great advice Broc.

If your company has an infosec department, expressing an interest and a willlingness to learn is a great way to get in.

You may also want to consider SSCP after Security+ if you want another ceritification while you gaining experience. It's an ISC2 certification like CISSP but can be pursued by people that don't have 5 years of experience. It includes a lot of the domains that are included in CISSP.

Darril Gibson
Author: CompTIA Security+: Get Certified Get Ahead
ISBN-10: 1439236364
Security+ Tip of day Tweets

yosi199

So after the sec+ will SSCP be the natural choice I guess..

anyway, one step at a time. waiting for Darill's book to arrive to really start studying.

Darril

yosi199 wrote: »

So after the sec+ will SSCP be the natural choice I guess..

anyway, one step at a time. waiting for Darill's book to arrive to really start studying.

Yosi,

Like you say, one step at a time.... but here's a little more information on the SSCP that may help you decide.

It only requires one year of experience in any of the seven domains (one of which is Network and Telecommunications which it sounds like you fit into.)

If you pass this exam and subscribe to the code of ethics, you can waive a year off of the five year requirement for CISSP which you've mentioned as a goal.

I'm involved in a project loosely related to SSCP and the exam looks like it's just a short jump from Security+.

HTH,

Darril Gibson
Author: CompTIA Security+: Get Certified Get Ahead
ISBN-10: 1439236364
Security+ Tip of day Tweets