from IT business to IT technician??

I have a 10+year background in law, contracts, IT finance, etc., and am moving into the technical realm with a Cyber Security specialist position, primarily writing and reviewing information security documentation, but I want to work in Computer Forensics eventually. I thought that my current role would be more hands-on in the sense that I would be shoring up vulnerabilities and doing pen testing one day, but I think because of my legal background, it was thought that I'd be ideal at working with the documentation and assisting with audits. That is fine since I'm using this is an opportunity to learn about ports and services, vulnerability assessments, and the like and be one step closer to the technical realm... I want to get my Network+ and Security+ certs and I've even been told that my job would pay for CISSP training, but I still don't feel like I understand the absolute basics of how to monitor a network. I'm also getting my master's online P/T in Information Assurance and CyberSecurity after transferring out of the MIS program and was warned that I might need an understanding of programming and calculus to do well in some of the courses. Uh oh! For that, I'm planning on going to the library later to read up on basic programming but I really learn best by doing. Any suggestions on how I can best get a legup on this material? Do I need to create my own "lab" at home and if so, how? I'm middle-age at this point so I don't have another 20 years to build my career (at least I don't think!) Thanks much for any recommendations...

Plus, my resume is so heavy on software compliance, asset management, and license management from a contractual perspective, no one even believes me when I say that I want to gain technical expertise! My manager roles his eyes because he wants me to follow the management track and I keep saying that I want to be hands-on with computers!!

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

pinkydapimp

How long are you willing to put in? I mean, you could take some free online programming classes. I believe stanford offers some. Then, i would say get a ccna. That should cover some of the basics of programming and networks. Then, maybe take an ethical hacking class or grab a Sec+ or CCNA Security. Then grab your CISSP. that would be a good path. but that may take about two years. In the meantime it sounds like you will be learning the high level stuff.

Being Middle age, with the experience you have, there is tons of stuff you could do that is technical, but that utilizes your background so that you dont need to learn all the technical stuff. CyberSecurity is a huge field. Keep in mind most of the real technical folks in cybersec have been studying it for a while. But if thats really what you want, the above would be a great start.

Good luck and let us know how it goes.

wes allen

I thing the common thought is to skip N+ and just go with CCNA. Sec+ is a good to help with basics, and depending on your experience you may might the requirement for CISSP as well.

There are a lot of areas within infosec, some maybe seem more exciting from the outside then actually doing them though. Forensics and Pen testing are two that are mentioned as having a bit of a disconnect between what people think you do, and what you actual do. I would highly recommend just spending a couple hours reading through the threads in the infosec area here - just right click and open anything that seems interesting until you have 20+ tabs open, then read those and repeat. Click on links to blogs, more info, etc. Just try to get a feel for where you want to go.

pinkydapimp

here are all the CISSP domains. This gives you an idea of the many areas of Information Security. If you do study for the CISSP you will gain a better idea of which domain you may want to work in and you will gain a pretty broad range of knowledge in the field.

Access Control – a collection of mechanisms that work together to create security architecture to protect the assets of the information system.
- Concepts/methodologies/techniques
- Effectiveness
- Attacks
Telecommunications and Network Security – discusses network structures, transmission methods, transport formats and security measures used to provide availability, integrity and confidentiality.
- Network architecture and design
- Communication channels
- Network components
- Network attacks
Information Security Governance and Risk Management – the identification of an organization’s information assets and the development, documentation and implementation of policies, standards, procedures and guidelines.
- Security governance and policy
- Information classification/ownership
- Contractual agreements and procurement processes
- Risk management concepts
- Personnel security
- Security education, training and awareness
- Certification and accreditation
Software Development Security – refers to the controls that are included within systems and applications software and the steps used in their development.
- Systems development life cycle (SDLC)
- Application environment and security controls
- Effectiveness of application security
Cryptography – the principles, means and methods of disguising information to ensure its integrity, confidentiality and authenticity.
- Encryption concepts
- Digital signatures
- Cryptanalytic attacks
- Public Key Infrastructure (PKI)
- Information hiding alternatives
Security Architecture and Design – contains the concepts, principles, structures and standards used to design, implement, monitor, and secure, operating systems, equipment, networks, applications, and those controls used to enforce various levels of confidentiality, integrity and availability.
- Fundamental concepts of security models
- Capabilities of information systems (e.g. memory protection, virtualization)
- Countermeasure principles
- Vulnerabilities and threats (e.g. cloud computing, aggregation, data flow control)
Security Operations – used to identify the controls over hardware, media and the operators with access privileges to any of these resources.
- Resource protection
- Incident response
- Attack prevention and response
- Patch and vulnerability management
Business Continuity and Disaster Recovery Planning – addresses the preservation of the business in the face of major disruptions to normal business operations.
- Business impact analysis
- Recovery strategy
- Disaster recovery process
- Provide training
Legal, Regulations, Investigations and Compliance – addresses computer crime laws and regulations; the investigative measures and techniques which can be used to determine if a crime has been committed and methods to gather evidence.
- Legal issues
- Investigations
- Forensic procedures
- Compliance requirements/procedures
Physical (Environmental) Security – addresses the threats, vulnerabilities and countermeasures that can be utilized to physically protect an enterprise’s resources and sensitive information.
- Site/facility design considerations
- Perimeter security
- Internal security
- Facilities security

paul78

Having a lab to work on stuff hands-on will certainly be helpful. I am kinda curious, why do you want to be hands-on?

SwitchingGears

Hmmm, I can relate, I am a PI by trade and have a superb grip on anything and everything related to civil litigation. I worry that like you, I might get hired on some place due to the many hats I can wear, and that the technical position I seek will go by the wayside. That's why I am trying to steer clear of eDiscovery since I'm so closely related to the field.

I'm currently half way thru a computer forensics program which will lead me to EnCe certification. The class is not vendor specific and we are learning open-source Linux tools, EnCase, and FTK. Most importantly, we are being taught the processes being performed by the tools, and not just the fact you can click a mouse and get results. Also, the skills you mention will actually serve you well in the computer forensics world since a large part of it is understanding the legal process and scientific methods which must be followed. Technical skills - I am in class with several CISSP's and everything has been pretty new to them too, except for some of the newtork monitoring portions. No math yet, but I'm not sure that any will be required beyond understanding binary and hexadecimal numbers.

Like you, I need to get some formal network training. I was trying to enroll in the Cisco Networking Academy with the goal of a CCNA, but my registration was too late for this term. Rookie mistake for thinking classes would actually be open, lol. Not easy getting back into the game after 20 years! Keep that in mind if enrolling with schools in your local area.

razz2525

Thanks to all for your replies, especially pinkydapimp, for the breakdown of all the knowledge areas - I should add that I used to be a federal probation officer and cybercrime fascinated me so based on this listing, access control, attack prevention and forensics appeal to me the most. I will definitely do more research on forensics because I'm getting the impression that it's not as investigative as I think.

I want to stay as far away from the "legal" element of it, since I used to be an attorney (contracts/transactions) many, many years ago and want nothing to do with that. Like SwitchingGears, I am always being drawn into contractual review somehow because of my law degree which is why I want to go hands-on. As long as I'm in the documentation/regulation realm, I'm separated from the technical folks and the message is "We don't really need to know how to works, just the standards that cover it," and I always hated that about supporting IT departments from a legal standpoint. I always wanted to know what the software or hardware did, why it was needed, the platform it ran on, and what the IT security pitfalls were, just for my own education, and the IT depts were very miserly with that info: frankly, I didn't need to know about it in their opinion because I was the contract/procurement agent. If I am hands-on, I will be firmly categorized as technical, and that drive to keep getting me back to the legal/document world will stop (hopefully!). I know such legal or regulatory knowledge is a plus and I am enjoying learning about it, I just want people at my job and other potential employers to not weigh that so heavily going forward. I think that once I have some programming and certs on my resume, I will be viewed with a different eye...

SwitchingGears

Razz2525 - one of our forensics instructors is an FBI guy/Director of the Regional FBI Crime Lab...and a lawyer too

razz2525

I've been researching CCNA - it seems that you need a good background in Cisco iOS which I don't have. Should I start out with A+, Network+ and then move onto Security+ before I embark upon the CCNA? My co-worker is going to a boot camp to get his CCNA cert and he's been working with Cisco on and off for 10 years.

I also spoke to someone who is a CEH and he said that the InfoSec boot camp was a great course but I'm not ready for that yet!!