My IT Career so far

whatarethey

I'd like to get some input on the direction I should take my career. I'll provide my background a bit... I've been in IT for... almost three little years now, lol.

Dec 2009 - Jan 2010.....: PC Tech. 30k/yr. Hardware Repair, Installations, Data Destruction, Database and some Programming. I got my A+ right before this and listed "10+ years experience" with computer troubleshooting and repair, none of it professional. Job was okay, but worked in a warehouse environment. Developed an inventory management and accounting system for them... in access (yes by the time I was halfway done I was wishing I had started in some .Net language)

Jan 2010 - August 2011.: Sys. Admin. 40k/yr. Worked with Cisco switches, set up VLANs, PBX/VOiP systems, managing systems in a call center as well as a few satellite locations. Worked a lot of Open Source/Linux and Virtualized Servers/Converted 500+ seat call center to a customized version of Puppy Linux that booted via PXE from an Ubuntu server (this was cool). Got Firewall and IPSec/VPN experience as well traveling and setting up satellite locations. I got my Security+ and Network+ Certificates while working here. Exposed to TONS of technology with this job. Performed some help-desk type stuff as well.

August 2011 - Present...: Network Admin. 65k/yr. Tons of access-control type stuff for banking systems/software/shares. I do a lot of AD/GPO security stuff, scripting, software deployment [bi-coastal], IDS/IPS monitoring (it's a vendor so not that involved). Basic Exchange/Communicator. I received by CCNA while working here. Job is kind of boring, but the scripting keeps me occupied. If I see something that would take someone 30 days to do (like adding 500 accounts), I'll offer to write a script that will perform the drudgery in about an hour. People here are inept and there is way too much red tape. I keep being put on help desk way more than I want to because the help desk staff they bring in doesn't know what they are doing and they keep changing them. Supposed to move toward more Networking type stuff, but we use a lot of vendors and don't even have write access to our routers and switches! I've never even SEEN the firewall interface here.

I'm almost done with my B.S in Computer Science as well. It'll be about another year and a half, maybe two years.

I'm trying to figure out my next cert, and it's driving me nuts. I'm not sure which path to take from here. I THINK i want to get into network security.. locking down networks/pen testing and stuff like that... probably for DoD.

I've looked at the CISSP which isn't technical but seems more valuable than it's more technical little brother. The 5 years of experience is more than I have. I don't even have four years if I waive one year with the Security+.

I've looked at the CEH. It seems interesting. I have a book for it. I can probably scrounge together the two years of experience with this one. The stuff to keep it current seems like a scam tho.

How about CCNP at this point? I don't really get ANY experience at all on cisco equipment here, so I guess I would have to build a lab or find some good simulation software/labs.

Anyway, gotta go! Be back later to check on responses. I greatly appreciate any responses that any of you long time IT folks can give me regarding my current path.

smoothdude11

You are kind a little ahead of where I am in my career, and I am also wondering which way I should go. I really wanted to go the CISSP route, however, I have found that I have a love for virtualization and databases. I just finished getting MS SQL 2008 certification, and I just finished working as a DBA for nearly a year. The other thing that you may find interesting and has a big need (in NC anyway) is Linux Red Hat administrators.

Let us know what you decide, as I am in a similar dilemma.

matt333

Microsoft is a safe choice IMO.. It would definitely add to your current cert list MCITP:EA or SA have a good value.

the_hutch

whatarethey wrote: »

I've looked at the CEH. ...The stuff to keep it current seems like a scam tho.

I'm curious what you mean by this? How does it seem like a scam? EC-Council is one of the few certification bodies that doesn't actually make you pay money to keep your cert current. Once you get one of their certifications, you just register for the ECE program and you're in. No annual dues. Other than that, the program is very similar to any other continuing education program. I consider it far less of a "scam" than all these other companies that charge you $50-$100 a year in fees. Or make you pay to retake the test every 3-4 years.

healthyboy

looks like you have being in i.t for 2 years and a half

you have done well at earning 65k and you have done alot of things.

Raisin

You can still take the CISSP exam and be an associate until you meet the requirements to be fully certified. It sounds like you'd only have to spend about a year or so as an associate before you meet the experience requirements.

Iristheangel

@OP - Sounds like you're really interested in security which is great. The CCNP is fun. If you concentrated it in security, it definitely would get you a lot of attention and you would learn a LOT from it. As far as getting a lab together, you could use GNS3 and/or buy a lab off ebay. I ended up getting myself a nice little lab with four routers, four switches and a mini-rack for about $500 off there with warrenty and the IOS images.

If you're a techie, then the CISSP and CEH might be a little dry to you but they will look good on paper and you will learn a lot of the framework that you can later build upon.

One certification track you might want to thing about is the Offensive Security certifications. They are hardcore certifications and I have to admit that I'm impressed by the exam method: Instead of answering dry multiple choice questions, they give you a virtual network, a certain amount of time, and tell you to hack it. You have X amount of hours to get it done and document everything. One of my goals is to one day get through that track just for the fun of it, but I'm weird like that

whatarethey

the_hutch wrote: »

I'm curious what you mean by this? How does it seem like a scam? EC-Council is one of the few certification bodies that doesn't actually make you pay money to keep your cert current. Once you get one of their certifications, you just register for the ECE program and you're in. No annual dues. Other than that, the program is very similar to any other continuing education program. I consider it far less of a "scam" than all these other companies that charge you $50-$100 a year in fees. Or make you pay to retake the test every 3-4 years.

I mean a scam as it seems as if you can submit and "claim" whatever floats your boat. Seems like if they will allow you to submit watched you tube videos or magazine articles than why even have the process at all? Perhaps I am wrong about this though. I'll admit I haven't read into it that much. A little bit more explanation of the process is welcome however

whatarethey

Raisin wrote: »

You can still take the CISSP exam and be an associate until you meet the requirements to be fully certified. It sounds like you'd only have to spend about a year or so as an associate before you meet the experience requirements.

Oh, that sounds interesting. I was not aware of that being an option - but I imagine I could put it on my resume.

whatarethey

matt333 wrote: »

Microsoft is a safe choice IMO.. It would definitely add to your current cert list MCITP:EA or SA have a good value.

I was doing some research on the MS certs, but the general outlook I got from them was pretty dim. As a matter of fact, every time I go to figure what what my next cert is going to be, I come across all of these "IT is dead" type articles that drive me insane. Perhaps I'll check some job posting boards and search for cert names to get a more realistic outlook.

ChooseLife

whatarethey wrote: »

Seems like if they will allow you to submit watched you tube videos or magazine articles than why even have the process at all?

Perhaps to be compliant with a certain ISO certification program (for their certification itself)? I know there is a requirement for periodic recertification, which forced some vendors to cancel previous "lifelong" certs.