Advice on possible security career
Madmd5
Member Posts: 83 ■■■□□□□□□□
Hello, all! I am new to this thread although i have been reading many posts for the past month or so about various certs and career paths. I am currently a full-time student about to get an associate's degree at community college, then I plan to pursue a bachelor's degree in cyber forensics & information security at a 4 year college. In the meantime, I have been reading numerous threads here and obviously came to the conclusion that certs are also very important to have in the IT world. My interest is in security, specifically in network security. I have also read articles online that says network security is a declining career, do you all agree? I do want to get involved in network security, but if the job market in a few years isn't that great, I may pursue another area of infosec. I currently have no certs at the moment, but i am planning on getting compTIA A+ within few months from now, along with N+ (accomplished through course at my school), and security+. What do you guys think would be the best route after I study and hopefully receive those three certs? Now i have read many posts and i realize nobody starts out in security career, you start from the bottom up, and that's why I'm planning on getting my A+ to hopefully land me a help-desk position fairly soon. I just want to have a general route to follow during my college career and was wondering what do you guys think is the best cart path for someone that wants to get involved in network security someday.
Thank you in advance for your advice!
Thank you in advance for your advice!
Comments
As it stands now, once you gain sufficient years at the ground level doing systems / network admin work, you'll have the fundamental core knowledge to do network security but there are still many specializations. You could be a network security generalist or possibly something much more specific like intrusion detection analyst, incident handler, web app pentester, etc.. The field is evolving quite rapidly and what's normal or complicated today may be dated and simple in the future.
After Security+, many people do the CISSP. For network security in general, I'd also recommend the CCNA, GSEC, and certs related to the vendor equipment you may use to be effective on the specific job you're hired for. I'd also recommend vendor-neutral certs such as the ones from GIAC - the GCFW and GCIA are such examples. That's more related to traditional network infrastructure. If "network security" for you involves server-side, then the Windows and Unix related pursuits are advisable.
Now that said, currently in the infosec field many of us don't really give much credibility to certifications. They help, but after a while it's more about what you can deliver rather than the letters after your name. That means you'll be evaluated on your attitude, mindset, and general aptitude rather than the framed pieces of paper hanging on your wall. Some places may have HR-based requirements as checkboxes for certain certifications (and HR often doesn't understand any of it and the associated real context), but doing the job itself will come down to your real-world abilities more than anything else.
I can't speak for other areas of the IT industry from a career perspective, but being in security requires a lot of upkeep. You have to stay on top of your game, read industry news every day, be sensitive to the changing threat landscape, be critical and scrutinizing in your evaluations of vendors and their products / services, and adopt a constant vigilant attitude. This all comes with a price of updating your training, time spent reading up on the latest issues, and managing a lot of details.
It can be fun, but only if you're ready for the workload and the constant uphill battles you'll face with selling ideas to management, justifying budget, and helping ensure compliance.
But that said, I also believe that infosec careers as a whole is likely to increase as the Internet access continues to globally become more ubiquitous.
I strongly echo docrice's sentiment that in the infosec field, little credibility is given to certifications. I work in information security management. And while most of my peers do hold some certifications, mostly ISACA and ISC2 certs. The certs that I hold, I have obtained as an after-thought. I didn't actually hold a single cert until after about 23 years in IT. My recent interest in certs is primarily driven by my discovery that certs offer a structured and easy approach to continued learning with a knowledge challenge as part of the exam.
I find that to be successful in information security, having a good foundational knowledge of various technologies helps very much. Technical knowledge isn't the only way into an infosec career; it takes a very broad set of skillsets to make up a large enterprise risk and infosec organization. For example, I work with people from a variety of backgrounds including law enforcement, legal, project management, audit, etc. The more successful individuals have a combination of broad expertise.
Like paul78 mentioned having a good foundational knowledge helps. Certs? not sure I think it helps but if you are pursuing certs and you don't have experience in systems administration I really don't see how earning a degree in Information Security will even help. I think some companies that don't know any better might give somebody a shot if they see certs and an Infosec degree but I know for myself I would get destroyed in interviews. Well destroyed if I interviewed in front of somebody that knew anything.
Last couple of jobs I interviewed for I always get asked scenario questions and anybody with half a brain can tell when somebody is giving a book answer and somebody that keeps up to date on security practices, current events and has a sys admin background.
The scenario questions are where they determine what your experience level is and how much of a creative thinker you are. I am able to give dozens of examples where I can show I had experience in different areas and where I am not that experienced in but can figure it out eventually.
I am not that big on schools creating Infosec degree programs at the bachelor level or even Masters (yeah I know I am getting one soon but it was 12 years after I started in IT) I think as a minor with an emphasis on systems administration and some courses in ethics, legal, administrative security would be a better choice.
As all the previous posters have stated, the best way to get in to security is to start off as an administrator (i.e. systems administrator, network administrator, etc...). When you've mastered being an administrator, then you'll be able to successfully move in to security. The best way to think of it is this: you need to know how something works before you can tell where security holes are.
a some of the areas are:
Btw - if you have not seen the list provided by @pinky before - do spend some time at www.isc2.org. The domains listed are the requirements to earn a CISSP designation.
There is also good reading at SANS Information, Network, Computer Security Training, Research, Resources. The whitepapers are a good introduction.
Anyways, welcome to TE. I hope you enjoy your trip.
Well how can you trust someone to secure your network when the guy havent worked in one.
Pinky has a lot fo areas where you can focus in security.
You should focus in gain experience in different areas, in desktop if you wanna to system sec or related
or get in a NOC for example if you want to end up in network security related fields
Before or while you do that, get your basic certs and knowledge, like A+, Net+, CCNA, MS ones, Sec+
Then while gaining experience study for your security certs and about security subjects
You got a lot of info in this thread
Infosec quick?
----
To OP
NOC = networking operating center
Yes its possible to land it without previous experience. But a good Net+ and A+ would help you a lot.
But in the one I work for we have people from 1-2 years of college to made professionals
currently: no certs or relative IT experience
Spring 2013: pursue compTIA A+
Spring 2013: receive my associates degree
Spring 2014: pursue compTIA Network+ (offered as course in my degree program)
Spring 2015: pursue compTIA Security+
Spring 2015: receive bachelor's degree in Cyber Forensics & Information security
I also plan on taking Cisco certs down the road at some point
i would work in a CCNA prior to graduation. in fact, you should do that right after your net+ because there is overlap in the material. Then do the security+ and then the ccna security(again, overlap). between those and your Bachelors you should be in good shape with strong foundational knowledge and hopefully some experience during those 2 years as well.
Good luck!
Take network intrusion detection as an example. If your IDS alerts that a machine inside your network received a specific exploit, to better measure potential impact you need to factor in whether the attack only affects Windows, Linux, or other. Other items such as patch levels, server configuration, client share permission settings at the time of attack, etc. all need to be considered to reduce the chance you go on a wild goose chase on a false positive event. Knowing how the auditing logs are recorded / tainted is also something one needs to think about.
And so on...