At a Crossroads... Seeking advice

I recently passed the CISSP exam, and am currently working on the submission of all relevant documents to make it official... But now I am at a decision point in my life... I have 5 years remaining in the U.S. military before I retire and am actively working in the Information Security field as an IASO but have no clue on what I should do now...

Over the next few months, I will take CCNA Security and CEH to further my security knowledge in addition to finishing my Bachelor in CyberSecurity, but would like to expand on my security knowledge.

I am trying to be as well rounded as possible as being in the military, I could do anything in the IT field, especially when deployed...

I would also like to continue in the management aspect as well, but unsure where to turn to...

OK, so to get to the point, is there any advice anyone can offer me as right now I really don't know which path to follow...

Find more posts tagged with

Comments

Turgon

WilliamK99 wrote: »

I recently passed the CISSP exam, and am currently working on the submission of all relevant documents to make it official... But now I am at a decision point in my life... I have 5 years remaining in the U.S. military before I retire and am actively working in the Information Security field as an IASO but have no clue on what I should do now...

Over the next few months, I will take CCNA Security and CEH to further my security knowledge in addition to finishing my Bachelor in CyberSecurity, but would like to expand on my security knowledge.

I am trying to be as well rounded as possible as being in the military, I could do anything in the IT field, especially when deployed...

I would also like to continue in the management aspect as well, but unsure where to turn to...

OK, so to get to the point, is there any advice anyone can offer me as right now I really don't know which path to follow...

Finish your time in the military and continue to get security experience. When it ends return as a contractor or seek work as a contractor in the private sector. Alternatively go for a permanent security job in the private sector.

JDMurray

Your time and experience in the military can pay off huge for getting a job with a defense contractor. Look at certs in your area(s) specialization and on the DoD 8570.01 list. For management jobs, you should get a Masters degree. It can be in Information Assurance, Cyber Security, or something more along the lines of project/program management (probably your best choice). Getting a TS/SSBI (or better) security clearance will also help get your foot in the door too. Most of the DoD contractor jobs are in the Beltway, so start thinking about homesteading in Virginia.

shednik

I think you are in a great spot right now to leverage yourself into whatever area of infosec interests you most. At the root of the security certifications board there are a few stickies, I suggest reading them all. I know JD and myself contributed to a few of them. You have to decide what you like in security, you will see the security field can be compared to the medical field with the different areas of specialization available. Chose what you like the best and become a master in that, of course for geekery keep doing what is enjoyable as well. I chose network security because I have a strong base in networks and it can be applied to anything easily, I however still have a liking for doing pen tests and vulnerability assessments. Luckily our IT Security department knows the network security group's knowledge and includes us in them at my company. Sorry for the rambling but I second what JDMurray has said look into those areas, Virgina may be the place to look unfortunately. I'm lucky enough that I have an office for CERT in my town, hoping for the best when I finish my masters.

Best of luck to you!

joe

cabrillo24

WilliamK99 wrote: »

I recently passed the CISSP exam, and am currently working on the submission of all relevant documents to make it official... But now I am at a decision point in my life... I have 5 years remaining in the U.S. military before I retire and am actively working in the Information Security field as an IASO but have no clue on what I should do now...

Over the next few months, I will take CCNA Security and CEH to further my security knowledge in addition to finishing my Bachelor in CyberSecurity, but would like to expand on my security knowledge.

I am trying to be as well rounded as possible as being in the military, I could do anything in the IT field, especially when deployed...

I would also like to continue in the management aspect as well, but unsure where to turn to...

OK, so to get to the point, is there any advice anyone can offer me as right now I really don't know which path to follow...

For starters, thank you for your service to our country.

I think you're doing very well as is, and you're headed in the right track. Many times I've interviewed people getting out of the military who were simply unprepared, and weren't keeping up with what's going on in the industry.

Sometimes the job you do in the military doesn't necessarily translate to what the civilian sector dictates. Now, does this prevent you from getting hired? No. If you show a history of grasping new concepts quickly and have solid foundation, you will be fine.

As for management. Very rarely does someone take a leadership position coming straight out of the military, but if I were you, I'd possibly consider obtaining the PMP certification. This lets potential future hires know that you're capable of leading from a business prospective and not just an operational/technical prospective.

As I've stated, you're on a very good track, you have time on your side and you're keeping up to date with what's going on in the industry.

cabrillo24

JDMurray wrote: »

Your time and experience in the military can pay off huge for getting a job with a defense contractor. Look at certs in your area(s) specialization and on the DoD 8570.01 list. For management jobs, you should get a Masters degree. It can be in Information Assurance, Cyber Security, or something more along the lines of project/program management (probably your best choice). Getting a TS/SSBI (or better) security clearance will also help get your foot in the door too. Most of the DoD contractor jobs are in the Beltway, so start thinking about homesteading in Virginia.

A lot of DoD contractor jobs are there, and also where there is a large military presence: D.C., Norfolk VA, Pensacola, San Diego...overseas (Naples, Guam, S. Korea) etc.

JDMurray

cabrillo24 wrote: »

A lot of DoD contractor jobs are there, and also where there is a large military presence: D.C., Norfolk VA, Pensacola, San Diego...overseas (Naples, Guam, S. Korea) etc.

...St Louis, San Antonio, Seattle, Silicon Valley, Southern California, Hawaii...

Yet somehow all the recruiters only want me for Beltway jobs.

rogue2shadow

Fort Meade, MD will be opening up with jobs for DISA soon (just wanted to add to the list).

JDMurray

Start with looking on the job boards for the really big defense contractors, like Boeing, Lockheed, General Dynamics, Northrop, SAIC, L-3 Communications, and Raytheon. They usually post jobs on their own job site before other job boards, like dice.com. The postings will also give you an idea of the geographical selection.

Hint: Any job classification or program name with the word "cyber" is really hot right now.

rwmidl

To add to what JD said - with the possibility of upcoming defense cuts, a lot of defense contractors are starting to shift their focus from the traditional "heavy metal" contracts/jobs to "cyber" areas. The next few years should be really interesting...

cabrillo24

rwmidl wrote: »

To add to what JD said - with the possibility of upcoming defense cuts, a lot of defense contractors are starting to shift their focus from the traditional "heavy metal" contracts/jobs to "cyber" areas. The next few years should be really interesting...

I don't think the defense cuts should hamper cyber security and the information assurance realm as much as the other DoD sectors. Many of the cyber security and IA functions are mandated by executive orders, DoD mandates, and FISMA. IA/CND is something the DoD is looking to expand upon, as cyber terrorism is coming to the forefront.

JDMurray

cabrillo24 wrote: »

I don't think the defense cuts should hamper cyber security and the information assurance realm as much as the other DoD sectors. Many of the cyber security and IA functions are mandated by executive orders, DoD mandates, and FISMA. IA/CND is something the DoD is looking to expand upon, as cyber terrorism is coming to the forefront.

There are two separate issues here: wanting to increase the U.S.'s cyber security and being willing to spend the money to do so. The DoD would like the private sector to pay for all of the future cyber development and vise versa. So right now it's a bit of a stand-off while we all wait to see what (if anything) changes in the White House in 2012.