Becoming an Information Security Analyst

L0gicB0mb508

Paul Boz wrote: »

Cisco certs are highly respected regardless of the industry. No one's ever seen my list of Cisco certs and said "man, you're really lacking MS."

Cisco certs definitely hold water no matter what you are doing. It shows a deep level of understanding of networking as whole, not just Cisco itself.

L0gicB0mb508

rogue2shadow wrote: »

With every sunrise comes an expanding of this new field and the title "InfoSec Analyst" is a lot more general than we may have thought a year ago.

This is so very true. It used to pretty much mean IDS analyst or something similar, but now I see it listed for everything. You really need to pay attention to the particular requirements for the job. Security analyst for most Gov organizations means IDS, firewall, log file analysis, and web filter analysis.

Paul Boz's old job title was security analyst. Here that position would be called pentester, vulnerability assessment engineer, or security auditor.

veritas_libertas

Thanks for the write-up L0gicB0mb508

Paul Boz

L0gicB0mb508 wrote: »

This is so very true. It used to pretty much mean IDS analyst or something similar, but now I see it listed for everything. You really need to pay attention to the particular requirements for the job. Security analyst for most Gov organizations means IDS, firewall, log file analysis, and web filter analysis.

Paul Boz's old job title was security analyst. Here that position would be called pentester, vulnerability assessment engineer, or security auditor.

Correct. I was called a security analyst and did pentesting, vuln assessments, audits, etc. I didn't actually engineer controls. At my current job I'm the lead security engineer for the largest home healthcare company in the USA and architect / implement enterprise security controls accordingly. I'd much rather engineer than analyze. Pentesting is fun but becomes tedious after a while because every job looks like the last one after a while.

Bl8ckr0uter wrote: »

I think it has to do with the fact that there are more windows servers than cisco routers, switches and firewalls. In most companies, AD is probably going to change more than firewall configs. Which is why I am going to be doing a lot of labbing of windows stuff for the GSEC and in general simply because AD is very important.

The general adds, moves, and changes to active directory usually do not require a high level of skill and is usually accomplished by a user access administrator. Sure there is skill in architecting the active directory structure and user access model but the maintenance part is pretty straight forward. I'd have to disagree with your assessment of the proliferation of Cisco equipment versus Windows infrastructure. Sure there are far more servers per environment than routers and firewalls, but EVERYONE has network equipment while not everyone has Windows infrastructure. I can just as easily work in a 100% Unix environment versus a Windows environment because the server infrastructure is irrelevant to my skills. As LogicBomb stated, Cisco certs don't really represent Cisco alone, but a general competency with networking in general. I can just as easily apply my networking skills to 3com, Dell, Juniper, or any other networking vendor. The technology and topologies are the same, the syntax is different.

tpatt100

Bl8ckr0uter wrote: »

I think it has to do with the fact that there are more windows servers than cisco routers, switches and firewalls. In most companies, AD is probably going to change more than firewall configs. Which is why I am going to be doing a lot of labbing of windows stuff for the GSEC and in general simply because AD is very important.

Just figured I would chime in and say this is true. I am now doing audits, review and certifying a Windows/Solaris system that runs a purchasing tracking program. The audits can change every other month if not each month due to patches, updates for the software. And then when GPO changes are made those can break/change configurations so it comes up in the next month scans.

There seems to be more to do in the Server side of things security wise.

Of course if you can do server security and you have your Cisco certs and real world router/switch experience you are pretty golden because you have a true understanding of the audits.

alvandelden

There is an alternative certification for IT Security called ACCERT by Antillean College. It is highly respected and you can do it online from your home for only 6 USD. Check it out www.antilleancollege.com.

The best of all is that it never expires and anyone can verify it on the website.

cyberguypr

Come on! Can you explain how exactly this is highly respected? Who exactly respects this and where? 30 questions, $6 bucks, the website looks like something my daughter could've put together. Overall extremely shady. Any free MOOC has more value than this.

pram

He may be a little biased, considering it's his website ;D

kurosaki00

pram wrote: »

He may be a little biased, considering it's his website ;D

lol I just saw that...
I guess a site/cert company has to start from somewhere.

UnixGuy

I enjoyed reading through this thread again. I wonder what happened to the regular posters (Dynamic, Boz, ..etc).

Great advice

--chris--

UnixGuy wrote: »

I enjoyed reading through this thread again. I wonder what happened to the regular posters (Dynamic, Boz, ..etc).

Great advice

Send them a pm, if they still use the email registered here they will see it.

alvandelden

Thanks for the comments. It is good to hear critics too. We have a renewed website now. Do you like it? www.antilleancollege.com

alvandelden

Pass the test, and we will talk

E Double U

Had over 5 years of networking experience before I landed a job in the SOC. Spent 4 years in a NOC working on Cisco routers (got the CCNA during this time). Moved on to the config/migrations team working on Cisco routers/switches for over a year. Joined the SOC after that and stayed for less than a year. Worked on Cisco, Check Point, and Blue Coat equipment.

Now I'm an Info Sec Analyst at a bank working on Cisco, Symantec, and other systems. Even doing some physical security. I completed the CCNP Security in the spring and now working towards CISSP.

Everyone that I've worked with in the security field has a strong networking background. And many held the CCNA at some point. That cert helped me land 3 jobs already so it was definitely worth it.

itsgonnahappen

alvandelden wrote: »

Pass the test, and we will talk

Is this guy serious? A quick glance reveals this guy is trying to pass as a self accredited college offering random "diplomas" and "certifications" ranging from drug abuse to IT security. Correct me if I'm wrong, but isn't this just short of a diploma mill?

SephStorm

Meh, i'll give him the benefit of a doubt.