[Total Newbie] Most Useful Certification Path FAST

There are a BOATLOAD of security certifications. Here are some:

CompTIA Security+
CISSP

[h=1]SANS CERTIFICATIONS[/h]

[h=2]GIAC Certified ISO-27000 Specialist (G2700)[/h]Skill Level: Foundation Status: Active
For individuals who understand the ISO-27000 standard and are able to put it into practice. This audit certification is designed for information security officers or other management professionals who wish to demonstrate the knowledge to implementing the ISO-27000 series of standards including an Information Security Management System (ISMS) based on ISO 27002 security controls and ISO 27005 Risk Management methods.
Note: The G2700 certification was renamed on 2/1/2011 from G7799.

[h=2]GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)[/h]Skill Level: Foundation Status: Active
For security personnel whose job duties involve assessing target networks, systems and applications to find vulnerabilities. The GXPN certifies that candidates have the knowledge, skills, and ability to conduct advanced penetration tests, how to model the abilities of an advanced attacker to find significant security flaws in systems, and demonstrate the business risk associated with these flaws.

[h=2]GIAC Information Security Fundamentals (GISF)[/h]Skill Level: Foundation Status: Active
For Managers, Information Security Officers, and System Administrators who need an overview of risk management and defense in depth techniques. This track is for anyone who writes, implements, or must adhere to, disaster recovery or business continuity policies.

[h=2]GIAC Security Essentials Certification (GSEC)[/h]Skill Level: Foundation Status: Active
For individuals who are qualified for IT systems hands-on roles with respect to security tasks. You must demonstrate an understanding of information security beyond simple terminology and concepts.

[h=2]GIAC Assessing Wireless Networks (GAWN)[/h]Skill Level: Intermediate Status: Active
For technologists (auditors, network administrators and penetration-testers) who are responsible for assessing the security of wireless networks. GAWN certification focuses on the different security mechanisms for wireless networks, the tools and techniques used to evaluate and exploit weaknesses, and techniques used to analyze wireless networks.

[h=2]GIAC Certified Enterprise Defender (GCED)[/h]Skill Level: Intermediate Status: Active
For individuals who have more advanced, technical skills that are needed to defend the enterprise environment and protect an organization as a whole. Knowledge, skills and abilities assessed are taken from the areas of Defensive Network Infrastructure, Packet Analysis, Penetration Testing, Incident Handling, and Malware Removal. The GCED builds on the security skills measured by the GSEC (no overlap).

[h=2]GIAC Certified Firewall Analyst (GCFW)[/h]Skill Level: Intermediate Status: Active
For Individuals responsible for designing, implementing, configuring, and monitoring a secure perimeter for any organization; including routers, firewalls, VPNs/remote access, and overall network design.

[h=2]GIAC Certified Forensic Analyst (GCFA)[/h]Skill Level: Intermediate Status: Active
For individuals who are responsible for forensic investigation/analysis, advanced incident handling, or formal incident investigation. This certification focuses on core skills required to collect and analyze data from Windows and Linux computer systems.

[h=2]GIAC Certified Forensics Examiner (GCFE)[/h]Skill Level: Intermediate Status: Active
For individuals who collect and analyze data from Windows computer systems. GCFEs have the knowledge, skills, and ability to conduct typical incident investigations including e-Discovery, forensic analysis and reporting, evidence acquisition, browser forensics and tracing user and application activities on Windows systems.

[h=2]GIAC Certified Incident Handler (GCIH)[/h]Skill Level: Intermediate Status: Active
For individuals who are responsible for incident handling/incident response;and individuals who require an understanding of the current threats to systems and networks, along with effective countermeasures.

[h=2]GIAC Certified Intrusion Analyst (GCIA)[/h]Skill Level: Intermediate Status: Active
For individuals who configure and monitor intrusion detection systems, and read, interpret, and analyze network traffic and related log files.

[h=2]GIAC Certified Penetration Tester (GPEN)[/h]Skill Level: Intermediate Status: Active
For individuals responsible for assessing target networks and systems to find security vulnerabilities. Certification objectives include penetration-testing methodologies, the legal issues surrounding penetration testing and how to properly conduct a penetration test as well as best practice technical and non-technical techniques specific to conduct a penetration test.

[h=2]GIAC Certified Project Manager Certification (GCPM)[/h]Skill Level: Intermediate Status: Active
For individuals who participate in or lead project teams and wish to demonstrate an understanding of technical project management methodology and implementation. This certification affirms the critical skill sets associated with making projects successful, including effective communication, time, cost, quality, procurement and risk management of IT projects and application development.

[h=2]GIAC Certified Unix Security Administrator (GCUX)[/h]Skill Level: Intermediate Status: Active
For individuals responsible for installing, configuring, and monitoring UNIX and/or Linux systems. GIAC Certified UNIX System Administrators (GCUXs) have the knowledge, skills and abilities to secure and audit UNIX and Linux systems.

[h=2]GIAC Certified Web Application Defender (GWEB)[/h]Skill Level: Intermediate Status: Active
Developers, Web Application Security Analysts, Auditors, Penetration Testers, Security Professionals responsible for web application security.

[h=2]GIAC Certified Windows Security Administrator (GCWN)[/h]Skill Level: Intermediate Status: Active
For individuals responsible for installing, configuring, and securing Microsoft systems and Active Directory networks. GIAC Certified Windows System Administrators (GCWNs) have the knowledge, skills and abilities to secure and audit Windows systems, including services such as Group Policy, Active Directory, DNS, Internet Information Server (IIS), IPSec, RADIUS, VPNs, BitLocker/EFS, and Certificate Services. Candidates should be familiar with Windows XP/Server 2003 through Windows 7/Server 2008 R2.

[h=2]GIAC Information Security Professional (GISP)[/h]Skill Level: Intermediate Status: Active
For individuals who want to understand information security beyond simple terminology and concepts and the pragmatic applications of the Common Body of Knowledge. This certification will fill the gaps in your understanding of technical information security.

[h=2]GIAC Legal Issues (GLEG)[/h]Skill Level: Intermediate Status: Active
For individuals interested in the law of business, contracts, fraud, crime, IT security, IT liability and IT policy with a focus on electronically stored and transmitted records.

[h=2]GIAC Reverse Engineering Malware (GREM)[/h]Skill Level: Intermediate Status: Active
For individuals responsible for protecting the organization from malicious code. GREM focuses on tools and techniques for analyzing malicious software such as viruses, worms, and trojans. You must be familiar with using Windows and Linux operating environments, and understand programming concepts such as stacks and function calls.

[h=2]GIAC Secure Software Programmer (GSSP)[/h]Skill Level: Intermediate Status: Active
For individuals who wish to demonstrate mastery of the security knowledge and skills needed to deal with common programming errors that lead to most security problems. GIAC Certified secure software programmers (GSSP) have the knowledge, skills, and abilities to write secure code and recognize security shortcomings in existing code.

[h=2]GIAC Security Leadership Certificate (GSLC)[/h]Skill Level: Intermediate Status: Active
For individuals with managerial or supervisory responsibility for information security staff.

[h=2]GIAC Systems and Network Auditor (GSNA)[/h]Skill Level: Intermediate Status: Active
For auditors who wish to demonstrate technical knowledge of the systems they are responsible for auditing. GIAC Systems and Network Auditors (GSNAs) have the knowledge, skills and abilities to apply basic risk analysis techniques and to conduct a technical audit of essential information systems.

[h=2]GIAC Web Application Penetration Tester (GWAPT)[/h]Skill Level: Intermediate Status: Active
For individuals who have an understanding of web application exploits and penetration testing methodology.

ZombieNo7 · December 2012

Thank you. That is a whole ton of great info. I think I'm going to focus on development and security for Linux. Starting with Linux + sounds like one of the best routes seeing as I could probably pass it now with little studying. From there I think I'll move on to the Red Hat stuff and the LPI 2 along with some security. I've been working with C++ and Java, so I'm going to keep that up and eventually go for the Oracle cert in Java programming. With that kind of diversification, I think I could basically go for any job.

paul78 · December 2012

If your goal is to be a software developer, I personally would not have advised going for any of those certs. Most of those certs are typically geared towards system administrators.

Just bear in mind that hiring managers for developers typically are not going to care as much about those certs.

ZombieNo7 · December 2012

I'm aware that those are mostly geared toward system admins. That's okay right now. I just need a job. Eventually I will be focusing on more development aspects, but this will be the first step on the road there. Even still, I may find that I really enjoy security or admin anyway. Since I'm not an expert programmer or anything right yet, I seriously doubt anyone would hire me to develop anything right yet.

j23evan · December 2012

Fantastic information filkenjitsu. Thanks for grabbing that info! (I might get off my butt and go after that Linux+ after reading this)

[Total Newbie] Most Useful Certification Path FAST

Comments