Confused About Security Career

Sahil Arora

Hey Buddies!
I am From India,Sahil Currently Pursuin Graduation(BCA 2nd year) alongwith GNIIT in Hardware and Networking Domain.
Please help me in my Career:
1.I want to be on the top Position among Information Security Professionals.Please help me where to i start with,i searched a lot of Internet but didn't found anything Worth.
2.I don't have even Comptia A+ Certification since i just got only training from GNIIT.
Please give me Suggestions so that i can make my "Lovely Dream Become True"
Also i do have Questions regarding Servers,please help me in that too.
Please guys help me,i am really Confused

ccnaomkar

there are lot of certification

check below websites and then see what u want to do
EC COUNCIL-www.eccouncil.org/

ISC2-www.isc2.org/

GIAC-www.giac.org/

CISCO-www.cisco.com/web/learning/le3/ccie/security/

CHECKPOINT-www.checkpoint.com

OFFENSIVE SECURITY-www.offensive-security.com/

COMPTIA-certification.comptia.org/getCertified/certifications/security.aspx

INFORMATION ASSURANCE CERTIFICATION REVIEW BOARD

www.isaca.org/

Paraben's Computer Forensic Software and Training

Sahil Arora

That's Good that if you have given me all Certifications list,but please where do i start with and how do i reach the Top Security Position.

Priston

CompTIA Security+ is a good entry level certification.

I don't think you should be worried about how to reach the top security position, what you should be worried about is how to actually get into the field and obtain work experience.

Once you have work experience, then you can worry about getting to the top.

rogue2shadow

If you do a quick search through this sub forum you'll definitely find some good threads on starting out. Theres a wide variety of security professionals on this forum and their words are rooted in those topics.

Sahil Arora

Priston wrote: »

CompTIA Security+ is a good entry level certification.

I don't think you should be worried about how to reach the top security position, what you should be worried about is how to actually get into the field and obtain work experience.

Once you have work experience, then you can worry about getting to the top.

How to get Experience,what Experience you are talking about Dude?
And i don't have Comptia A+ Certification,i am Eligible for Comptia Security Plus?

sb97

If you are in school then my usual advice is to find a paid internship either directly as a security professional or as some type of admin. In the meantime, try and figure out what area of security you would like to specialize in. From there it is much easier to set a patch to the top. As far as certifications go.... As previously stated, the Security+ is a good entry level. I would also consider some entry level vendor certs. (For instance, if network security is your thing then Cisco/Juniper/Sourcefire)

Also, if you eventually want to get into management then I would look for ways to develop your business/communication skills.

Sahil Arora

NO,I am not in School and i just want to be on Top among all Security Professionals,i don't know what that position is called,if you could give m einformation regarding that position then please help.

chrisone

Do you want to be a security manager with NO hands on technical responsibilities (just overseeing security engineers do there job) or do you want to be a security engineer with technical responsibilities with hands on security configuration/troubleshooting/designing?

To be a manager with no technical hands on go the comptia security+ , Net+ , ITIL , SSCP , CISSP direction.

To be a security engineer with technical hands on go the comptia security+, CCNA, CCNA Security, CCNP Routing/Switching, CCNP Security, CEH from eccouncil, OSCP from offensive security for your penetration testing studies.

That should be a solid base for either path.

cyberguypr

Sahil Arora wrote: »

NO,I am not in School and i just want to be on Top among all Security Professionals,i don't know what that position is called,if you could give m einformation regarding that position then please help.

The position you are looking for is called SGMU: Security God, Master of the Universe.

Seriously dude, take it easy. The InfoSec arena is no joke and can't be rushed. There is no universally recognizable "Top Security" position. You could be a great pen tester, a CISO, forensics guru or whatever. It is up to you to decide what you want to specialize in. Do your homework, research, and then hit us with questions that make sense.

Sahil Arora

@cyberguypr,Your last post really hurt me a Lot and De Motivated me!!
My Questions are clearly Sensible!!
@chrisone:I have "Very Little" but have tEchnical Background i think i told that i am pursuing BCA and GNIIT.
And my simple question was that how could i be a COmputer Crime Investigator,how do i add Experience,i mean what should be my first step towards my this Goal.

Turgon

Sahil Arora wrote: »

@cyberguypr,Your last post really hurt me a Lot and De Motivated me!!
My Questions are clearly Sensible!!
@chrisone:I have "Very Little" but have tEchnical Background i think i told that i am pursuing BCA and GNIIT.
And my simple question was that how could i be a COmputer Crime Investigator,how do i add Experience,i mean what should be my first step towards my this Goal.

Your first step is to get an IT job with a security flavour. Your next step is to work hard and excel at it. That takes time and commitment on your part. Inside five years you could be advising busy people like myself on certain security specifics and if you want to be a top security consultant that's what you need to be shooting for.

Sahil Arora

I didn't got what you are saying.

Turgon

Sahil Arora wrote: »

I didn't got what you are saying.

Im giving you an indication of the level you need to get to if you want to be considered a top security consultant. To attempt to get there start in a junior role and work your way up. There is much to learn well.

Priston

Sahil Arora wrote: »

Hey Buddies!
I am From India,Sahil Currently Pursuin Graduation(BCA 2nd year) alongwith GNIIT in Hardware and Networking Domain.

Sahil Arora wrote: »

NO,I am not in School and i just want to be on Top among all Security Professionals.

I'm getting confused on your situation... can you clarify what your current background in Security is?

Sahil Arora wrote: »

i don't have Comptia A+ Certification,i am Eligible for Comptia Security Plus?

Yes, you are eligible. There are no pre-requirements for the Security+

Sahil Arora wrote: »

And my simple question was that how could i be a COmputer Crime Investigator,how do i add Experience,i mean what should be my first step towards my this Goal.

So your goal is to become a "Computer Crime Investigator"? These are details that we need to know from the beginning to help lead you into the right direction. Simply saying "Top Security Professional" makes us unsure of what your true goal is.

Sahil Arora

From the details of Google,it shows that Computer Crime Investigator is the Top Position among Security Professionals.
And about Security Plus,Comptia Website says that Network + as well as 2 years Security Experience is Required,you can yourself check it!!
CompTIA Security+ Certification

onesaint

Sahil Arora wrote: »

From the details of Google,it shows that Computer Crime Investigator is the Top Position among Security Professionals.
And about Security Plus,Comptia Website says that Network + as well as 2 years Security Experience is Required,you can yourself check it!!
CompTIA Security+ Certification

Just FYI from your link to comptia,

Recommended experience: CompTIA Network+ certification and two years of technical networking experience, with an emphasis on security.

Granted, I understand there is a language barrier here, but "recommended" is different than "required".

As many others have stated, you need to select if you want that "top Position among Information Security Professionals" to be management or technical. Then you should start with an entry level security related position, continue your education to gain a strong foundation and work your way up.

Sahil Arora

Accepted there was a Language Barrier!!
I want to be in Legal Department,whose Job is to Investigate and Catch Computer Criminals.

docrice

The path to becoming a computer forensics investigator may be different depending on where you are located. In addition, investigating computer "crime" versus doing computer forensics in an infosec team for a corporation will have differing contexts in terms of roles and responsibilities from a legal perspective.

Security in general harbors a lot of cross-disciplines including (but certainly not limited to) basic computer hardware mechanics, operating systems, deep level of file system knowledge, networking protocols, policies, compliance mandates, application architectures, intrusion analysis, as well as legal systems and procedures such as custody chains. You generally don't get a good handle on this until well into your first decade's worth of experience. It's not something you jump into after a few years of general IT experience.

And you will not attain the skills through certifications alone. As a matter of fact, I doubt I was hired for my current security position based on certifications at all as one of the individuals who interviewed me didn't put a lot of weight in them from a practical perspective ... and as someone who holds quite a few certs, I fully agree with him. They help, but they're just a starting point to apply in the real world. You need a very strong degree of dedication and patience sustained in the long-term.

Your original post indicates an enthusiasm which we can all appreciate. However, if you want to get your security career to an early start, you need to develop your search skills as well as professional demeanor. Researching / digging for information is something that to a large degree isn't taught by others, but is demonstrated through your own persistence, and it doesn't seem like you really put in much effort so far as lot of the information others have posted here is already very commonly detailed in this forum and elsewhere on the Internet.

The CompTIA certs are a good start, but it's going to be a long road to becoming a computer crime investigator and I don't mean to sound harsh, but I get the impression from your posts that you might not understand the journey ahead.

Sahil Arora

Thanks for the Dedicated Post Dude and yes i will Understand the Story!!
And still out of Computer Crime Investigator and Computer Forensics,i need great Explanation.
Which one has got Worth position?

docrice

I'm not sure I understand what you mean by "worth position" (a position that pays more, or a position that is worth more personally to you?). The field of computer security is also constantly evolving, so what you consider "computer crime investigation" today may mean something different a few years from now.

You should also understand what it is about this particular area that motivates you. I suggest trying out one of the Honeynet Challenges to get a feel for it.

Sahil Arora

Ya,that's what i am asking,what work we are required to do in Computer Forensics and Computer Investigation,by search on google on some site i don't remember it was written that on Security field,Computer Crime Investigation is the Top Position.

onesaint

docrice wrote: »

You should also understand what it is about this particular area that motivates you. I suggest trying out one of the Honeynet Challenges to get a feel for it.

That is an awesome resource for folks interested in InfoSec. Appreciate you posting it.

docrice

Sahil Arora wrote: »

Ya,that's what i am asking,what work we are required to do in Computer Forensics and Computer Investigation,by search on google on some site i don't remember it was written that on Security field,Computer Crime Investigation is the Top Position.

I hate to be blunt, but it looks as if your research has only been superficial. I've already given you a clue as to the kind of work entailed. I'll leave it up to you to find it as your first challenge.

Sahil Arora

ok,i accept your Challenge,i will find the relevant Information!

ccnaomkar

if u want to become cyber crime investigator
then there is a institute called asian school of cyber laws

Asian School of Cyber Laws


add some certification with above
ccna,ccna security,security+

it will help you to gain some technical side

ccnaomkar

You will become expert(top)after gaining a lot of experience
certs are only addons

Turgon

Sahil Arora wrote: »

From the details of Google,it shows that Computer Crime Investigator is the Top Position among Security Professionals.
And about Security Plus,Comptia Website says that Network + as well as 2 years Security Experience is Required,you can yourself check it!!
CompTIA Security+ Certification

Comptia can say what they like about that but we had a guy on the forum this week who is convinced he can nuke the test in couple of weeks with a book. He has little or no demonstrable security experience.

JDMurray

I think this confusion has come from the FBI now requiring its computer crime and forensic investigators to get both the A+ and Network+ certs. This is an effort to train its people in the technical side of what they are dealing with. CompTIA successfully lobbied to have its certs required by the DoD, and maybe they've accomplished the same with the FBI.

I would say that tech knowledge at the A+ and N+ level is the absolute minimum a computer crime investigator should have, not the pinnacle needed by a truly superior investigator.

Sahil Arora

Ok,but what about my Query?
Through search on Google,i found that Computer Crime Investigator is the top position in iNFORMATION Security field,is it right?

JDMurray

Sahil Arora wrote: »

Ok,but what about my Query?
Through search on Google,i found that Computer Crime Investigator is the top position in iNFORMATION Security field,is it right?

In India? It seems like you should only be concerned about what's the top Information Security position in India. Of that I have no idea.