Security Certification Advice

Hello everyone,
I was wondering if the community could provide me with a bit of feedback on my chosen certification and degree path for my current profession.
Currently, I have seven (7) years of experience in the IT industry. For five of those years I worked as a Desktop Technician, Network/Server/Security Administrator, and IT Manager. Two of them were spent as a Database Administrator using MS SQL.
I have noticed a number of threads comparing the different security certifications and their value within the community and organization. I hope to continue my role within IT focusing primarily on Microsoft technologies and Security. Networking will rely mainly on HP ProCurve network rather than Cisco. After speaking to numerous IT professionals, my organization, the TE community, and an (ISC)2 representative it was concluded that I possessed the requirements for experience to complete the CISSP. I am currently pursuing this certification as it has a much higher impact and need for my current role and I am actively involved in projects that relate directly to a number of the domains covered in this exam.
Past that, however, there is a question regarding the next step in security. CISM, C|EH, and a few of the certifications I saw regarding security. My long-term goals and those that my organization would like me to be able to accomplish include the following: Vulnerability Assessment, Penetration Testing, Risk Analysis and Management, Disaster Recovery Planning, and Business Continuity Planning. I did a number of these previously at another company.
I assume that Project+ would be a good supplement in getting these items done on time and efficiently. The CISSP would help to validate my knowledge in most of these areas.
Sorry for being wordy... So what do you think? CISSP enough? Go for C|EH and/or CISM? Find another security certification?
Completed: Network+, Security+
Current: CISSP
Future: MCITP:EDST7, MCITP:EDA7, Project+, HP:AIS, MCITP:SA, HP:ASE, MCITP:EA, HP:MASE
Comments
Vulnerability Assessment, Penetration Testing, Risk Analysis and Management, Disaster Recovery Planning, and Business Continuity Planning are covered in CISSP.
Penetration testing is covered in other exams such as CEH, OSCP, GPEN. The latter two being more advanced, the first one "CEH" being introductory.
Certified Ethical Hacker, EC Council, CEH, Information Security, Computer Security, Network Security, Internet Security, Security Courses, Hacking
Information Security Certifications by Offensive Security
Information Security Certification - GIAC
2023 Cert Goals: SC-100, eCPTX
I haven't really done much research on the C|EH, do you happen to know what it would require? Penetration Testing is definitely something I need to expose myself to more in order to have the appropriate level of experience for such an exam.
R,
J.
M.S Information Assurance and Security - Completed: 0 CU's
Start Date: October 2011 - Remaining: 32 CU's
Goal for term ending 3/30/12 - EWOB1
Courses Remaining / Term 2 Goal -
Completed this term -
We don't support Government agencies, most we do here is SOX and PCI compliance. PCI is a really big thing right now for our organization so they wanted somebody willing to take on a larger responsibility in the project as well as having a more well rounded understanding of information systems security.
Hope this helps.