ICS Security engineer - career path advice
aizzaac
Registered Users Posts: 6 ■□□□□□□□□□
Hi to all of you.:D
My main goal is to become an Industrial Control Systems security engineer.
I like all types of networks: wireline, wireless, cellular and industrial. In critical infrastructures all of these can be found.
Currently I posses a CCNA, ODBA and MCITP. But i definitely prefer networks over systems and databases.
I was considering getting a security certification. I thought of CEH, OSCP and later CSSA. I definitely want to work in security (designing secure infrastructures and from time to time developing applications using embedded software).
But after reading many posts in this forum I am confused. I read that CEH uses outdated applications and has a lot of theory, that OSCP is not for networks but for applications. And also that there are many "institutions" that offer their own certification.
There are many people in this forum that has lots of certifications and experience, so please, which certification would you recommend that has a good reputation, and that it is for networks?
Thank you for your advice.
My main goal is to become an Industrial Control Systems security engineer.
I like all types of networks: wireline, wireless, cellular and industrial. In critical infrastructures all of these can be found.
Currently I posses a CCNA, ODBA and MCITP. But i definitely prefer networks over systems and databases.
I was considering getting a security certification. I thought of CEH, OSCP and later CSSA. I definitely want to work in security (designing secure infrastructures and from time to time developing applications using embedded software).
But after reading many posts in this forum I am confused. I read that CEH uses outdated applications and has a lot of theory, that OSCP is not for networks but for applications. And also that there are many "institutions" that offer their own certification.
There are many people in this forum that has lots of certifications and experience, so please, which certification would you recommend that has a good reputation, and that it is for networks?
Thank you for your advice.
Comments
-
the_hutch Banned Posts: 827Hi to all of you.:D
My main goal is to become an Industrial Control Systems security engineer.
I like all types of networks: wireline, wireless, cellular and industrial. In critical infrastructures all of these can be found.
Currently I posses a CCNA, ODBA and MCITP. But i definitely prefer networks over systems and databases.
I was considering getting a security certification. I thought of CEH, OSCP and later CSSA. I definitely want to work in security (designing secure infrastructures and from time to time developing applications using embedded software).
But after reading many posts in this forum I am confused. I read that CEH uses outdated applications and has a lot of theory, that OSCP is not for networks but for applications. And also that there are many "institutions" that offer their own certification.
There are many people in this forum that has lots of certifications and experience, so please, which certification would you recommend that has a good reputation, and that it is for networks?
Thank you for your advice.
Most of what you said is accurate. CEH is a vendor-neutral certification and it is the best choice if you are looking for a DOD job, as it is now an 8570 certification. OSCP only uses Backtrack (a pentesting linux distro) and is a better choice if you are looking for a more hands-on learning experience. And yes...OSCP focuses primarily on web-app attacks. Hope that helps. -
the_Grinch Member Posts: 4,165 ■■■■■■■■■■I'm no expert in this, but I believe your focus should be to begin working an an IT person in an industrial industry. Once you're in, you could then see what certs/experience/knowledge you would need to obtain to move into the security aspect of that job. I think you will be hard pressed to come from the outside of the industry and start securing those systems. Building up the knowledge of how those systems work is what will be needed to then begin securing them. Good luck!WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
aizzaac Registered Users Posts: 6 ■□□□□□□□□□Thank you for your answers.
I wish some day design applications like those in backtrack, and maybe improve those that come with the EcCouncil course. What programming language should I start learning? Right now I am proficient in assembler.
Bye -
afcyung Member Posts: 212CEH is a vendor-neutral certification and it is the best choice if you are looking for a DOD job, as it is now an 8570 certification.
Going to have to disagree. It is only good for CND coded spots. If its a generic Sys admin position the best cert to get would be Sec +. Since it covers IAT1-2 and IAM 1 positions.