Getting around the experience issue
Michael2
Member Posts: 305 ■■■□□□□□□□
I recently (six months ago) graduated with an Associate degree in Information Technology and went on to get my certification. The certification I have appears below my name on the left. I am looking for a job as a Network Security Engineer but all the descriptions I've seen require several years of experience. I am wondering how I can circumvent this requirement as I have no IT experience at all. I really don't want to enroll in school again. Would it help if I piled up on certifications?
Comments
-
Mc5ully Banned Posts: 48 ■■□□□□□□□□It's going to be difficult to land a infosec job with only 2 years college experience and a sec+ cert. Adding more and more certs won't help you too much, although a CISSP or something similar might help a little. If i was looking to hire someone for an infosec job I would want someone with real world experience, and degrees and certs only help after the experience already gets you past the door.
I would look for an IT job that will give you access to security experience that isn't really a infosec job. Like an IT specialist job of sysadmin, network admin, etc. -
MrRyte Member Posts: 347 ■■■■□□□□□□Certs won't guarantee a job, but they'll certainly get you noticed. I recommend going for the CCENT and then CCNA: Security for a start:
CCNA / CCENT
CCNA Security
Also; what other certs do you have now?NEXT UP: CompTIA Security+ :study:
Life is a matter of choice not chance. The path to your destiny will be paved by the decisions that you make every day. -
Michael2 Member Posts: 305 ■■■□□□□□□□I don't have any other certs, MrRyte. What happened is I was studying for the CCNA but I wanted to try and get it all done in one shot. I had so much difficulty keeping all that stuff in my head that I decided to just go for a simpler cert. I chose Sec+ because I decided to go for a career in information security. I decided after that I would not pursue any further certifications, but I'm wondering if I shouldn't reconsider.
I can't help wondering why you're asking about other certifications, though. -
Michael2 Member Posts: 305 ■■■□□□□□□□I don't have any other certs, MrRyte. I gave up the pursuit of CCNA because I found it too difficult to remember everything. I decided to pursue a lesser cert like Sec+ instead. Then, I decided not to pursue any more certs because I figured my current one along with my educational background would be sufficient for getting into network security.
-
Michael2 Member Posts: 305 ■■■□□□□□□□Are you saying, Mc5ully, that I should go for sysadmin rather than Infosec?
-
wrwarwick Member Posts: 104I wouldn't say you absolutely need more certifications, but with no experience, it will only help. To be honest, you are not going to get one of the higher level security engineer positions without any experience. LikeMc5ully stated, I would try to get something that might expose you to some security technology.
But again, to be blunt, you will probably have to start off on a helpdesk or a lower junior system admin position. Unless you get really, really lucky, there is no way around the fact that you have no experience. -
Mc5ully Banned Posts: 48 ■■□□□□□□□□Are you saying, Mc5ully, that I should go for sysadmin rather than Infosec?
I'm saying that since you probably won't land an infosec job with your current experience, I would go for another job that will give some security experience. One thing you can do is try and grab an IT job with a small company. That way you will hopefully be one of a few, if not the only, IT person working there. Which means you have to do everything IT related. This includes security related things. -
vCole Member Posts: 1,573 ■■■■■■■□□□Like others have said, a certification and a degree doesn't guarantee employment. However, if you're targeting a job such as a Network Security Engineer - aside from the experience look at all the other qualifications they're asking for - things you need to know, etc.
Your best bet is to get into a help desk/desktop support role with a company that is bigger (Fortune 500ish) or government where you could eventually move up or get some of that security experience. -
networker050184 Mod Posts: 11,962 ModA company isn't going to let someone with no experience engineer anything about their infrastructure. You need to aim at jobs that match your experience level. At this point that's helpdesk, NOC, etc.An expert is a man who has made all the mistakes which can be made.
-
cyberguypr Mod Posts: 6,928 ModI will echo what other have said. Short answer is you can't circumvent it. Truth is in most cases experience is king. How do you define Network Security Engineer? In some places this means a glorified password reset ninja, access badge control, etc. In others it is a very senior position where you will be expected to analyze and secure multiple systems including network, servers, workstations, applications, etc. It is very improbable for you to be able to successfully do the second without experience. I will venture to say that even if you had a Master's and zero experience, you would have a hard time landing a security position.
No matter how you define it, even entry level security position will require experience. In my opinion your best bet would be following wrwarwick's advice and landing a gig somewhere with potential for you to ease into a security role in a couple of years. -
YuckTheFankees Member Posts: 1,281 ■■■■■□□□□□Just like vCole and netowrker050184 said, there's no way a company will hire a person with no experience and the security+ cert for that role. You'll need probably at least 4 years of experience in I.T., maybe a bachelors, and probably more certs. Its nice to have network security engineer as a career goal but you need to crawl before you walk. When I first started to become interested in I.T. around April of this year, I was looking for an instant path to become a network engineer or Pentester..but they simply do not exist.
I was lucky enough to find a NOC position without any I.T. experience and now I know I'll have to work my way up in the I.T. field before I can get my dream job. After researching multiple forums and books, I know I'll probably have to take 1-3 more jobs before my dream job but hey, EXPERIENCE is the deal breaker in I.T.
Just start with any I.T. experience and work your way up, this field will reward you nicely. -
DigitalZeroOne Member Posts: 234 ■■■□□□□□□□I decided not to pursue any more certs because I figured my current one along with my educational background would be sufficient for getting into network security.
When you mention education, do you have a degree? Even though a degree doesn't translate into knowing how to perform the job, companies are looking for it. If you don't have the experience, and you don't have the certs, a bachelors may help. Keep in mind that a good portion of the people that you will compete against may have experience, certs, and a degree...you want to stack the deck in your favor as much as you can. -
Rappeller Member Posts: 67 ■■□□□□□□□□Here is my example. Who would you trust more in the battlefield, a just graduated 2nd LT ring knocker (West Point Grad) who technically does have the knowledge of the job, or a 2nd LT fresh from OCS (Officer Candidate School) who was an E7 before OCS. I'm not bagging on ring knockers, but knowledge without experience tends to get mis-applied in some cases.WGU B.S.IT - Software - Completion Date January, 2015 (Sooner Hopefully)
Courses Completed - EWB2 CLC1 AXV1 TTV1 INC1 WSV1
Courses Needed - INT1 BOV1 TPV1 QLT1 LAT1 GAC1 HHT1 LET1 ORC1 KET1 IWT1 MGC1 WDV1 KFT1 TWA1 ABV1 ANV1 WPV1 CPW5
Transferred- BAC1, BBC1, LAE1, LUT1, IWC1 SSC1, SST1, TSV1 -
Everyone Member Posts: 1,661In Transformers 3, there's a line an interviewer says when Sam is interviewing for jobs...You want the job after this job, but you need this one first.
I wish I could find a clip of that scene, it applies to this and so many other posts like it on this forum. -
docrice Member Posts: 1,706 ■■■■■■■■■■I work as a Network Security Engineer. That's my formal title. In my case, it's not just doing password resets or simple log-watching. I'm responsible for firewalls, IDS, IPS, incident response, log / event monitoring, security product evaluations, packet wack-a-mole, vulnerability scanning, and other things...
And I have quite a few certifications, including the Security+. I don't have a degree.
To be candid, while the certifications certainly helped me with foundations, when it comes to actually doing the job I'm nowhere near as competent as I'd like to be. Real-world environments can be very complicated with a ton of moving parts, stringent uptime requirements, an enormous amount of data to sort through, limited budgets, and gaps in visibility which always need to be addressed. These are things which certification studies (and seemingly academia) don't teach.
Sec+ is certainly a good first step, but there's a lot, lot more to information security beyond that. It very much depends which area of infosec you want to be in as well.
There's no way I'd be able to do what I do in my current position without having done helpdesk / desktop support, server support, and at least junior network admin support in my previous jobs. Those non-security-specific positions really helped me mentally put the puzzle pieces together so things have become a bit more second nature when visualizing data as it moves from one point to another on the network.
This isn't to bluntly or harshly disappoint you, but we all need a reality check. You have a good start, but depending on what kind of "network security engineer" position you're looking for, it would really help you to gain that foundational experience by managing front-line IT systems.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
DigitalZeroOne Member Posts: 234 ■■■□□□□□□□DigitalZeroOne wrote: »When you mention education, do you have a degree? Even though a degree doesn't translate into knowing how to perform the job, companies are looking for it. If you don't have the experience, and you don't have the certs, a bachelors may help. Keep in mind that a good portion of the people that you will compete against may have experience, certs, and a degree...you want to stack the deck in your favor as much as you can.
What the hell...I need a vacation. You mentioned in your post that you have your Associates degree, I overlooked that, my apologies. -
vCole Member Posts: 1,573 ■■■■■■■□□□Also, I'd like to throw another thing out there. You say you stopped studying for CCNA because it was too hard. The reality is this, to stay competitive and reach your goals (i.e.: dream job/money/etc) you need to put it work. There is no magical certification, degree, etc that will make that happen for you. Just good ol' fashioned hard work. As docrice said, you really need a solid foundation. Do doctors get to practice once they have a degree? No, they put in time, and the same applies for IT.
Some of these responses may seem harsh, but sometimes the truth hurts. -
Michael2 Member Posts: 305 ■■■□□□□□□□DigitalZeroOne wrote: »you want to stack the deck in your favor as much as you can.
So you're saying that I should stack up on certs? -
Akaricloud Member Posts: 938So you're saying that I should stack up on certs?
You should stack up on more education, certs and most of all experience.
Do you think anyone would hire you as a network engineer if during the interview you told them you have no experience and the CCNA was too difficult for you? -
MAC_Addy Member Posts: 1,740 ■■■■□□□□□□Are you saying, Mc5ully, that I should go for sysadmin rather than Infosec?
Your best bet is to take a helpdesk job, but don't stop studying. Keep taking certifications and work your way up.2017 Certification Goals:
CCNP R/S -
MAC_Addy Member Posts: 1,740 ■■■■□□□□□□You say you stopped studying for CCNA because it was too hard.
If I were you I'd study and take Network+, then after that think about doing the CCNA again, or at least the CCENT ICND1. That will give you a foundation level into networking, since you wanted to go with infosec certs, this will help you out A LOT.2017 Certification Goals:
CCNP R/S -
docrice Member Posts: 1,706 ■■■■■■■■■■In regards to the CCNA being difficult, I'd probably generally agree since it covers quite a lot. My friend failed it the first time he sat the exam, but he was also relatively fresh at the material. I've heard that it's a lot harder than it used to be five or ten years ago. However, even if you don't actually work on Cisco-branded network equipment on a daily basis, the CCNA subject matter does provide information which is very relevant in today's computing networks. The Network+ is a fine start, but the CCNA ups it some, especially with subnetting.
There are some things you should not rush learning, many of the core CCNA topics included. If you find it difficult to get the subject down, take your time. Networking concepts can be a bit abstract to grasp sometimes since things like "OSI model," "packets," "frame headers" and the like are kind of vague to understand since you can't really "see" them like you can with configuration settings on a screen. Even with debug commands you're not really looking at packets in their natural state. You'd have to break out the protocol analyzer. That's another skill set in and of itself.
From a certification standpoint, I'd almost argue that you really should have your CCNA to even be considered for a network security engineer role. There's a reason why so many other certification bodies respect its value. And to be frank, the CCNA doesn't really teach you all you need to know in any medium-to-large sized networks. It's still an elementary certification in my opinion.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
Psoasman Member Posts: 2,687 ■■■■■■■■■□I don't have any other certs, MrRyte. I gave up the pursuit of CCNA because I found it too difficult to remember everything. I decided to pursue a lesser cert like Sec+ instead. Then, I decided not to pursue any more certs because I figured my current one along with my educational background would be sufficient for getting into network security.
You might try the 2 exam route to CCNA. CCENT>>CCNA. Taking the exam in 2 parts would make the studying easier.