The "which cert should I get" but with a twist - how to prioritize for maximum pay?:)

My background...

I have 10 years of technology experience including software development (e.g. C, VB etc..), program management, project management in Windows operating systems, application security, IT security etc.. and I have a degree in Computer Science. I'm the jack of all trades and have enjoyed the adventure.

Most of my background comes from Windows since I worked at Microsoft for the majority of the time, however, I am looking to expand to other platforms. I have worked with Linux and Virtualization but far from an expert.

Currently, I am a Technical Account Manager focusing on security products making ~100L and feel very fortunate to do so. It has required a lot of hard work, but also luck. Like everyone, I'm looking to make 'more.' Cert wise, I only have the CISSP which I from a career perspective, has helped me quite a bit. Moving from my old job, I am making 30% more / year. It was a great learning experience and for those that qualify, I say bust your ass and skip everything in between.

My philosophy is that although certifications will only go so far, a cert book + real hand exercises (e.g 'virtual labs') can be very valuable and provide a solid roadmap for technical development. I believe they can be a great stepping stone and filling in the gaps in tandem with intens labs and/or experience.

Right now, I'm trying to prioritize between..

RCHA
CCSK.
WireShark (simply for the technical troubleshooting aspect).
CCNA.
X virtualization cert (which one?)
LCP-1
ITIL (more management focused..)

Not really interested in 'stepping stones' such as Linux+, Network+, Project+ etc.. When I go for something, I go big or go broke.

My goal? Pretty simple: make the most $$.. with the least amount of effort and stress

.
The roles that *I* am aware of that will take me to the next level are...

1.) Systems Engineer. I've heard SE's making base of six figures and bonuses/commission upto 50% of their salary.
2.) Security Architect. 120 - 200K.
3.) Security Manager -> Director of Security --> CISO.

My 'ultimate' role? A CISO/CIO.. I think. Writing about it, I'm thinking a path to it might be something to the effect of technical -> management -> technical > management focus.

What am I leaning towards? Right now... Linux since my knowledge is fairly (but not completely) limited. Different paradigm coming from Windows.

Again, I'm interested in all of them, but I am looking for help in 'prioritizing.'

Thanks a lot!

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

paul78

I imagine that being a Microsoft TAM exposes you to lots of aspects of the business side and more importantly gives you access to customer perception. That's probably one of the most valuable experiences towards getting to your goal of being a senior management role.

With the type of experience and background that you have - I would say that there really isn't any order - at this stage in your career - it's probably more about continuing education.

Given your goal - having ITIL knowledge would be practical. You mentioned security - what about ISACA certs like CISM - not sure that you would qualify without actual infosec management experience but you may want to check it out.

You may also find this thread on TE interesting - http://www.techexams.net/forums/general-certification/73538-certs-cio-ciso.html

erpadmin

With that kind of background, I would just focus on ITIL and PMP/CAPM. (If you feel that PM experience is light, then CAPM is fine.) I would also consider going back to school for a MS since a lot of shops would definitely consider you for supervisory/management positions. Since you have a CISSP, then I would focus on jobs that will give you some IT security management experience.

You got a nice background...but you need to better focus on what you want to do...I would personally not bother with the other certs you are looking for, since your experience AND degree should carry you into more of a management realm.

Here is the million dollar question though...are you willing to move to another area if it meant working toward your career?

paul007ex

Paul/Erpadmin - Thanks for the insightful responses! Based on what I am hearing, and based on some additional thinking, ITIL & RHCA/RHCE bubble to the top. Right now, I'll focus on Linux at least for a a few weeks/couple of months just to get deeper into it, even if I don't actually end up going for the cert. Our products do run on Linux and we have a growing list of customers that run Linux platforms. I'd like to be able to rely less on some of our in-house Linux guys for Linux issues. The main cert focus will then become ITIL.

As to moving, the answer is YES, YES and YES! I've been in Seattle for about 20 years, and with the exception of August, it's cloudy, ugly and cloudy 11/12 mos out of the year. Hate the weather. Not everyone feels that way, but I do... I'm looking to move to anywhere that is sunny and has at or below the same cost of living. Shouldn't be hard to do the latter. High on my list are San Diego CA & Austin TX. Suggestions?

Thanks!
-Paul

networker050184

Honestly when you get up to that many years of experience the certifications are probably not going to give you much in the way of a pay raise unless you are currently severely under paid. I would say the greatest jump in pay with certifications would be going from mid to senior level work. From the sound of your post you are already at the senior level. At that point certifications will probably not be a very big factor in your pay though they will definitely still help in getting your resume pulled.

ptilsen

I don't see much value in product certifications at this point. I mean, the standard MS, Linux, and Cisco certs still apply, but I think you'll do better focusing on security, PM, or business/management/process areas.

CAPM and ITL would both make sense, as would the CISSP specialization, some of the GIAC certs, or maybe something from Offensive Security.

If you're really serious about going into the management side, forget about certs and start working on a Master's degree, probably an MBA or at least MS in Information Assurance.

If you want to stick with technical and just branch out into other technologies, the product certs are fine. RHCE or CCNA would be good.