Some career advise guidance, please.

Hello everyone,

I'd appreciate some advice/input for my future career in IT. First a bit of my background:

BBA in Computer Information Systems
CCENT
Passed the CISA exam(2010), not certified due to the experience criteria.
Professional Certificate of IT Auditing from a local university.
Been working as PC/Desktop Support for the past 5 years.

I'm looking to break out of desktop/pc support towards a security oriented field. Ideally, I'd like to become an IT auditor, however even the minimum level jobs requires at least 1 year of IT auditing experience.

How can I go about accomplishing this? Should I get a few security certs, i.e. security+, network+, or ccna to get acquainted with hardware security before trying to transition from there?

Thanks for your time.
mzek99

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

afcyung

I think your best move would be to go from Desktop support to a Sys admin position. Then from there go into security. I would however pickup sec + now because its an easy cert to get.

rogue2shadow

I agree with af. The Security+ would be a good cert to round you out from a certification standpoint. Make sure you're aware of the fact that CPEs and renewal/AMF(sorta) fee are now involved with the SY-301 exam and beyond. When it comes to this cert's ROI from a knowledge standpoint, this kind of knowledge is priceless and will help set a security minded foundation for you for the future. When it comes to ROI in the financial sense, theres a lot of things to weigh in. This is the cheapest solution (up front) to get you DoD 8570 IAMI and IATII compliant. As you excel through your career though, and if you decide to go through the private sector, your experience, degree, and higher certs may overshadow your Security+ and paying a renewal fee for the cert may not seem feasible anymore. For more information, see the link below:

CompTIA Security+ Certification

In regards to the CCNA and Network+, in my honest opinion, you should go with the CCNA and not do the Network+ as I feel the CCENT covered most of the material in the Network+ from a "Cisco" way of thinking.

Everyone

+1 to Security+ being a good start. Eventually work towards a CISSP if you decide Security is really where you want to be.

Turgon

mzek99 wrote: »

Hello everyone,

I'd appreciate some advice/input for my future career in IT. First a bit of my background:

BBA in Computer Information Systems
CCENT
Passed the CISA exam(2010), not certified due to the experience criteria.
Professional Certificate of IT Auditing from a local university.
Been working as PC/Desktop Support for the past 5 years.

I'm looking to break out of desktop/pc support towards a security oriented field. Ideally, I'd like to become an IT auditor, however even the minimum level jobs requires at least 1 year of IT auditing experience.

How can I go about accomplishing this? Should I get a few security certs, i.e. security+, network+, or ccna to get acquainted with hardware security before trying to transition from there?

Thanks for your time.
mzek99

I suggest you get security + and then familiarise yourself with some of the basic security auditing methodologies offered by the security standards bodies. Check if you need to be affiliated and then offer your services as an affordable basic security auditor to the small shops in your town. It's experience and may help your clients work towards ISO accreditation etc. Basic security auditing and reporting isn't difficult. Do some research, use common sense and templates, offer standard recommendations, dont try and pass yourself off as an expert.

Do that for 12 months and then knock on the door of companies that offer security auditing as a service and sell yourself to agencies as a security auditor.

mzek99

Thank you all for your advice. Gladly appreciate it!