What do you need to actually start working in infosec?

yosi199yosi199 Member Posts: 23 ■□□□□□□□□□
So the sec+ exam is the next (and first) in the list of cert's to do. I guess that after passing it I still stay at the same point as far as doors being opened for me. Of course the goal is CISSP but how on earth do I get that 5 years of experience? What else do I need to study to get me going?

I currently work as a support tech at a big ISP in my country. I really want to fit in it's infosec team/department but how can I? I'm sure having the Sec+ cert alone wont get me in there.

Any suggesstions?

BTW - working in such a company gives a great real life exapmles for the Sec+ exam preperations.

Comments

  • brocbroc Member Posts: 167
    Well, if you work for a company with an infosec department, you should probably ask them what to do to get in the team! Then, let your boss know that you're keen to get into the security field, that you're working on your sec+ exam and that you'll be happy to work on any assignment related to security.

    Experience is everything in this field but don't think it's just experience in security, to work in this field, you need to be a good network/infrastructure admin, have knowledge of Windows AND Linux and keep your skills up to date. Security change all the time!

    Good luck.
    "Not everything that counts can be counted, and not everything that can be counted counts.”
  • DarrilDarril Member Posts: 1,588
    Great advice Broc.

    If your company has an infosec department, expressing an interest and a willlingness to learn is a great way to get in.

    You may also want to consider SSCP after Security+ if you want another ceritification while you gaining experience. It's an ISC2 certification like CISSP but can be pursued by people that don't have 5 years of experience. It includes a lot of the domains that are included in CISSP.

    Darril Gibson
    Author: CompTIA Security+: Get Certified Get Ahead
    ISBN-10: 1439236364
    Security+ Tip of day Tweets
  • yosi199yosi199 Member Posts: 23 ■□□□□□□□□□
    So after the sec+ will SSCP be the natural choice I guess..

    anyway, one step at a time. waiting for Darill's book to arrive to really start studying.
  • DarrilDarril Member Posts: 1,588
    yosi199 wrote: »
    So after the sec+ will SSCP be the natural choice I guess..

    anyway, one step at a time. waiting for Darill's book to arrive to really start studying.

    Yosi,

    Like you say, one step at a time.... but here's a little more information on the SSCP that may help you decide.

    It only requires one year of experience in any of the seven domains (one of which is Network and Telecommunications which it sounds like you fit into.)

    If you pass this exam and subscribe to the code of ethics, you can waive a year off of the five year requirement for CISSP which you've mentioned as a goal.

    I'm involved in a project loosely related to SSCP and the exam looks like it's just a short jump from Security+.

    HTH,

    Darril Gibson
    Author: CompTIA Security+: Get Certified Get Ahead
    ISBN-10: 1439236364
    Security+ Tip of day Tweets
Sign In or Register to comment.