Path after GSEC SEC-401
laughing_man
Member Posts: 84 ■■□□□□□□□□
in GIAC
I have posted a couple of times here on TE. I am currently wrapping up my studying for GSEC. My end date for my exam period is May 23rd, though I hope to sit for the exam before that.
GSEC is my first cert attempt, mainly because my employer is requiring it. I am a junior security analyst, pretty much bottom of the barrel for security where I work. Before this I had general Desktop Support experience for about 5 years. I looked at jumping right into security as a real break for me, and so far I am loving it. My department basically took me on to groom me for log management and incident handling. Right now I am mainly a "log dog", but it is good experience. I am required to attain GSEC before my two year anniversary (this October).
Anyway, I initially felt a little overwhelmed at first by all the material, especially for someone as green as me. I honestly wish I had done Security+ before tackling GSEC. My company really puts a lot of stock in SANS, but I still wish I had done Sec+ just for my own sake.
So after I finish GSEC, I am thinking of doing either GCIH (for obvious reasons), SSCP or CEH. My company also requires me to attain CISSP in order to break into a Senior level analyst position. I won't be eligible for CISSP for at least another 3-5 years anyway, so I am not in a hot rush, especially given everything I else I need to learn.
So given my requirements for advancement, does doing GCIH next or CEH/SSCP make sense? I have seen keatron's recommendations, and with an eventual goal of doing CISSP, would SSCP or CEH be better? I feel like there would be a lot of overlap between SSCP/GSEC.
GSEC is my first cert attempt, mainly because my employer is requiring it. I am a junior security analyst, pretty much bottom of the barrel for security where I work. Before this I had general Desktop Support experience for about 5 years. I looked at jumping right into security as a real break for me, and so far I am loving it. My department basically took me on to groom me for log management and incident handling. Right now I am mainly a "log dog", but it is good experience. I am required to attain GSEC before my two year anniversary (this October).
Anyway, I initially felt a little overwhelmed at first by all the material, especially for someone as green as me. I honestly wish I had done Security+ before tackling GSEC. My company really puts a lot of stock in SANS, but I still wish I had done Sec+ just for my own sake.
So after I finish GSEC, I am thinking of doing either GCIH (for obvious reasons), SSCP or CEH. My company also requires me to attain CISSP in order to break into a Senior level analyst position. I won't be eligible for CISSP for at least another 3-5 years anyway, so I am not in a hot rush, especially given everything I else I need to learn.
So given my requirements for advancement, does doing GCIH next or CEH/SSCP make sense? I have seen keatron's recommendations, and with an eventual goal of doing CISSP, would SSCP or CEH be better? I feel like there would be a lot of overlap between SSCP/GSEC.
Comments
Where are you talking SANS 401? I'll be in the 401 class down in San Diego next month. I'll find out how close the GSEC material is to the SSCP. I'm betting that GSEC is broader more technically difficult.
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Oh and I did take the assessment, but about a year ago and I can't retake it. I would like to see how I do now.
JDMurray, why are you taking 401? You have CISSP, SSCP and all that?! GSEC will be a cake walk for you!
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Still, I would think you will find most of the material pretty basic. But I hope you get something new and interesting out of it.