Some career advise guidance, please.
mzek99
Registered Users Posts: 2 ■□□□□□□□□□
Hello everyone,
I'd appreciate some advice/input for my future career in IT. First a bit of my background:
BBA in Computer Information Systems
CCENT
Passed the CISA exam(2010), not certified due to the experience criteria.
Professional Certificate of IT Auditing from a local university.
Been working as PC/Desktop Support for the past 5 years.
I'm looking to break out of desktop/pc support towards a security oriented field. Ideally, I'd like to become an IT auditor, however even the minimum level jobs requires at least 1 year of IT auditing experience.
How can I go about accomplishing this? Should I get a few security certs, i.e. security+, network+, or ccna to get acquainted with hardware security before trying to transition from there?
Thanks for your time.
mzek99
I'd appreciate some advice/input for my future career in IT. First a bit of my background:
BBA in Computer Information Systems
CCENT
Passed the CISA exam(2010), not certified due to the experience criteria.
Professional Certificate of IT Auditing from a local university.
Been working as PC/Desktop Support for the past 5 years.
I'm looking to break out of desktop/pc support towards a security oriented field. Ideally, I'd like to become an IT auditor, however even the minimum level jobs requires at least 1 year of IT auditing experience.
How can I go about accomplishing this? Should I get a few security certs, i.e. security+, network+, or ccna to get acquainted with hardware security before trying to transition from there?
Thanks for your time.
mzek99
Comments
-
afcyung
Member Posts: 212
I think your best move would be to go from Desktop support to a Sys admin position. Then from there go into security. I would however pickup sec + now because its an easy cert to get. -
rogue2shadow
Member Posts: 1,501 ■■■■■■■■□□
I agree with af. The Security+ would be a good cert to round you out from a certification standpoint. Make sure you're aware of the fact that CPEs and renewal/AMF(sorta) fee are now involved with the SY-301 exam and beyond. When it comes to this cert's ROI from a knowledge standpoint, this kind of knowledge is priceless and will help set a security minded foundation for you for the future. When it comes to ROI in the financial sense, theres a lot of things to weigh in. This is the cheapest solution (up front) to get you DoD 8570 IAMI and IATII compliant. As you excel through your career though, and if you decide to go through the private sector, your experience, degree, and higher certs may overshadow your Security+ and paying a renewal fee for the cert may not seem feasible anymore. For more information, see the link below:
CompTIA Security+ Certification
In regards to the CCNA and Network+, in my honest opinion, you should go with the CCNA and not do the Network+ as I feel the CCENT covered most of the material in the Network+ from a "Cisco" way of thinking. -
Everyone
Member Posts: 1,661
+1 to Security+ being a good start. Eventually work towards a CISSP if you decide Security is really where you want to be. -
Turgon
Banned Posts: 6,308 ■■■■■■■■■□
Hello everyone,
I'd appreciate some advice/input for my future career in IT. First a bit of my background:
BBA in Computer Information Systems
CCENT
Passed the CISA exam(2010), not certified due to the experience criteria.
Professional Certificate of IT Auditing from a local university.
Been working as PC/Desktop Support for the past 5 years.
I'm looking to break out of desktop/pc support towards a security oriented field. Ideally, I'd like to become an IT auditor, however even the minimum level jobs requires at least 1 year of IT auditing experience.
How can I go about accomplishing this? Should I get a few security certs, i.e. security+, network+, or ccna to get acquainted with hardware security before trying to transition from there?
Thanks for your time.
mzek99
I suggest you get security + and then familiarise yourself with some of the basic security auditing methodologies offered by the security standards bodies. Check if you need to be affiliated and then offer your services as an affordable basic security auditor to the small shops in your town. It's experience and may help your clients work towards ISO accreditation etc. Basic security auditing and reporting isn't difficult. Do some research, use common sense and templates, offer standard recommendations, dont try and pass yourself off as an expert.
Do that for 12 months and then knock on the door of companies that offer security auditing as a service and sell yourself to agencies as a security auditor.