Need your suggestion, especially JDMurray

fawadn_84

Dear All,
I am a network Engineer in a software house here in Pakistan, i have around 2 years Network experience. I have done 4 years Bsc. in Telecommunication Engineering.
and now in my job, with the troubleshooting and maintenance of overall IT in my company, I used to deal with the ISA - proxy server.

so, what should i do?

I want to pursue my career in SECURITY, so what should i do ?
i believe in my self, that regarding study , i can study CISSP, but only lacking the SECURITY EXPERIENCE.


kindly suggest me your advices.


Thank you,

take care

laidbackfreak

The security experience is pretty broad, given your roles so far you probably cover a couple of the domains already. Where you lack is in length of experience, your degree will\may take a year off but you still need a further 4 years to qualify.

you have a couple of opitons open to you now. Look at the SSCP path or take the CISSP exam to earn the "associate" status untill you meet the requirements.

Do you have any other certifications ? You may want to look at Security+ or others in the mean time.

fawadn_84

laidbackfreak wrote: »

The security experience is pretty broad, given your roles so far you probably cover a couple of the domains already. Where you lack is in length of experience, your degree will\may take a year off but you still need a further 4 years to qualify.

you have a couple of opitons open to you now. Look at the SSCP path or take the CISSP exam to earn the "associate" status untill you meet the requirements.

Do you have any other certifications ? You may want to look at Security+ or others in the mean time.

Dear laidbackfreak,

yeah thats wat i am asking for, that what should i do ??...

should i go for SSCP or Associate CISSP... ????
or should i go for CCNA or MCSE..
these all are making me mad...
someone told me that first make yr base, by doing CCNA, then choose anyother field.

i have studied many courses abt networking in university, but those were VENDOR NEUTRAL, ccna is VENDOR SPECIFIC.. i dont wanna go for VENDOR SPCIFIC things, ...

kindly suggest me a path...

plz..

fawadn_84

Dear Friends,

as the experience is getting probilem for me ay the moment.. so , WHAT DO YOU SAY, IF I GO FOR CEH CERTIFICATION..

I CAN STUDY.. STUDYING IS NOT AN ISSUE ...


JUST NEED YR ADVICE...


please please reply

JDMurray

Are you looking for a career in information security specifically Pakistan, or are you looking to make yourself more marketable abroad? I really have no idea what Pakistani employers look for when hiring InfoSec workers. You would need to check job postings in your local area for that information.

In the USA and Europe, a network engineer with security experience would be good to have CCNA: Security, CCSP, Security+, SSCP, and any certifications/training related to auditable policies/procedures at the employer's business (e.g., PCI, SOX, HIPAA, ITIL, ISO/IEC 27001, etc.).

Go for the CEH if the topics it covers really interest you, but I wouldn't make it a priority for a career goal. And strongly consider getting the CISSP when you have the work experience.

fawadn_84

JDMurray wrote: »

Are you looking for a career in information security specifically Pakistan, or are you looking to make yourself more marketable abroad? I really have no idea what Pakistani employers look for when hiring InfoSec workers. You would need to check job postings in your local area for that information.

In the USA and Europe, a network engineer with security experience would be good to have CCNA: Security, CCSP, Security+, SSCP, and any certifications/training related to auditable policies/procedures at the employer's business (e.g., PCI, SOX, HIPAA, ITIL, ISO/IEC 27001, etc.).

Go for the CEH if the topics it covers really interest you, but I wouldn't make it a priority for a career goal. And strongly consider getting the CISSP when you have the work experience.

thank you JDMurray, i really appreciate your concern,

just tell me that from where i start,,, ,,,,,
should i start with SSCP or associate of CISSP.. ??
or before all that , shoudl i go for CCNA, only CCNA...
then...go for SSCP or CISSP..? ??
as the SECURITY JOB MARKET IS VERY LOW IN PAKISTAN AND SAUDI ARABIA. ( I BELONG TO THESE BOTH COUNTRY) SO THATS WHY, I AM VERY WORRIED THAT WAT TO CHOOSE ?

I HAVE INTEREST IN SECURITY BUT JOB MARKET IS VERY LOW...IN SAUDIA AND PAKISTAN..AND THAT ALWAYS MAKE ME WORRIED..


KINDLY ENLIGHTEN ME ON IT

JDMurray

It sounds like you will need to rely on your network administration and architecture skills to keep you in a job while the security market is thin, so I recommend making yourself more marketable with the Cisco certs. You would probably go the CCSP track, but look at the possibility of choosing the CCNP or CCDP track instead.

Try Security+ as your first InfoSec cert. If you don't have the work experience to get the CISSP, get the SSCP first. You can then take the CISSP exam and get the Associate designation. Just be aware of the annual educational and maintenance fee requirements of the (ISC)2 certs.

LinuxRacr

I'm with JD on this. The Security+ cert is a good place to start.