Hello everybody,I hope to learn from others experiences.
I have read other posts with situations similar to mine which have helped me a great deal. I would like to get more personal advice though so here I go:
A little about myself(I have tried to keep it abbreviated to keep you guys from stopping reading my post till the end):
+10 years in IT, most of them in Portugal, some abroad.- Most of my experience has been as a programmer in different platforms/languages
- A lot of experience as a Database Admin & programmer
- Some years of experience as a freelance internet consultant, touching different areas, such as web development and integration, hosting services, web scraping programming in Java & Javascript(having had to deal with extensive use of proxies and anonimization)
- Some work experience with Linux & Windows boxes administration
- I don´t have a College Degree. I started working in IT in the 90´s after some very specialized training given by a big IT comany to cover booming demand.
- My knowledge of Networks & Security is very limited.
Right now I am at a turning point because internet consultancy at the freelance level is not working for me any more. I have allways been very attracted to Internet Security in general and to IT Forensics specifically since I started knowing about it for some years.
So I have decided to completely recycle myself and I want to devote some time full-time to get training aimed at gaining high quality knowledge and some certifications of that knowledge to be marketable and fit to work in the IT Security sector and maybe eventually in Computer Forensics area. I want to do this as quick and as effectively as possible, but establishing a good knowledge base that allows me to succeed both personally and professionally in this new career path turn.
So after a lot of digging I have my eyes specifically into the SANS OnDemand training, and this is what I have decided to do so far(and here is where your experiences and opinions might help me validate my decisions). In the following order:
1) Take the
SANS “SEC401: Security Essentials Bootcamp Style” OnDemand course
2) Prepare and sit for the GSEC Cetification exam
3) Take the
SANS “SEC560: Network Penetration Testing and Ethical Hacking” OnDemand course
4) Prepare and sit for the GPEN Certification exam
5) Take the
SANS “FOR408: Computer Forensic Investigations - Windows In-Depth” OnDemand course
6) Prepare and sit for the GCFE Certification exam
7) At this point in time, ideally, be in a position to be higly marketable for the booming IT Security sector and get a job. In my country, Portugal, we are about 2 years behind in comparison to more highly advanced countries in this field.
Once I would hopefully be working in IT Security and having a broader and more experienced perspective, (and ideally having my employer pay for some training) maybe get a very advanced course, depending on the direction taken by my career, like:
-
SANS “FOR508: Advanced Computer Forensic Analysis and Incident Response”
or
-
SANS “SEC660: Advanced Penetration Testing, Exploits, and Ethical Hacking”
I am ready to hear any opinion on my situation and plans, its logic, feasability, etc...
I am also very interested in hearing about anybody that has taken any of the mentioned courses and prepared the corresponding certification to have an idea on how much time I should plan to devote for each of them, considering that I will be dedicating full-time to the training and exam preparation.
Thank you very much in advance!
Joao:)
