Certifications for Salespeople

I'm looking into pursuing a software sales role within the security industry. Very interested in helping entities solve the types of problems that this industry confronts. I'm currently selling advertising software that is fairly complex and have been in a sales role since 2007. That said, I have zero IT and security experience.

Info I'm looking for

Best certification to start with (been considering Security+)
Best 2nd certification
Any additional info from people who are in a sales role or know someone in such a role would be greatly appreciated

Find more posts tagged with

Comments

Plantwiz

For a basic certification, look at the CompTIA certs. Sec+ is obviously one such cert.

What sort of IT are you looking for? You state 'security', but that is pretty broad. Do you want to consult? Likely a good place for someone with sales experience. Or are you looking to settle into a single corporation and work as part of a team?

Net+, Sec+ and maybe/maybe not the A+ will be the first steps most likely. These will provide a general foundation and from there you will branch out into more specific IT areas, either MS or Cisco. What about picking up a degree? You'll fair a bit better with a degree than a few certs with limited experience.

Setup a lab and practice, but lab scenarios will only take you so far, you will need to get your hands dirty...and that may come by way of volunteering to gain the experience and exposure to technologies as well as networking with IT people in your area.

Protector

Good question. Admittedly, I haven't figured that out. If you look at what RSA (by way of EMC) offer products-wise that's how I'm looking at it: http://www.emc.com/security/index.htm. Advanced threats are interesting.

With a grad degree, I'd need a bunch of prerequisite knowledge, no? Like general Cosi.

Should I be learning a language (C)?

Protector

Also a separate question - should I continue to use a Mac or should I become more familiar with PC in terms of operating devices for all things-IT Security?

stryder144

To Mac or not to Mac, that is the question. You could download VirtualBox and load Windows 7 on that, assuming you have enough RAM and a processor that supports hardware virtualization. That way, you can still use what you are familiar with while also being able to lab using the Windows VM.

NovaHax

As a security consultant that works with a lot of vendors and security sales folks...I can tell you that you will have a difficult time being successful or even getting a job selling security products without a background in security or at least IT. They aren't the most technical people...but most of the successful one's are still knowledgeable about the underlying security principles. They just don't know how to connect a serial cable to a server or what those crazy 32-bit and 48-bit addressing flying around mean.

docrice

Generally you're going to fall into either the sales representative/account manager or sales engineer role.

If you were a sales rep for security product/service xyz, I'd be the type of person you'd be selling to since I'm currently responsible for researching, evaluating, and recommending the purchase of security solutions as well as ultimately deploying them in my organization. To be blunt, you can either be the sales guy who helps me realize the potential of what you're selling and make the meeting time valuable, or you can be the sales guy that rambles on about Gartner's Magic Quadrant while forwarding to the slide listing the logos of your customers and inserting the trendy buzzwords after every other sentence ... and then handing it off to the sales engineer. I get very irritated at the latter because I have little time to waste. I usually make it clear up-front at the beginning of the meeting that I'm more than likely familiar with the general technology being sold and I don't need the long-winded introduction.

So more often than not, I'm spending the majority of the meeting hour asking questions to the sales engineer who is typically the tag-along point-of-contact for these types of engagements. I ask very direct questions and if I don't perceive a sufficient level of competency, I'll get impatient and I'm not afraid to let it show. Security offerings are generally complex products which address complex problems, but there's a rather steep learning curve to these things and without a strong background in IT, it will show. People who aren't very technical but try to pass themselves off as such are always noticeable. Standing in front of customers who scrutinize claims for a living will be a hard audience in general.

I'm not trying to be high-horse about this, but infosec professionals are a busy bunch and the last thing we want is an unproductive meeting. I've met my share of sales folks who work well with me, and then I've also met my share (particularly with some vendors) who I will barely communicate with after the sale because I've discovered I get more value reading the admin guides than getting another pep talk about some new appliance. You won't tempt me with the vendor lunch. If I want a quote, I'll reach out.

So with that warning in mind, there are plenty of opportunities in the security industry. If the various security conferences are any indicator with the growing list of vendor booths, the sector is growing. The intertwining of the problems and cross-hatching of solutions and integrations are growing constantly. This means you have to be ready to keep up with the pace. It sounds like you can handle complexity, so now it's a matter of ramping up to speed.

There are some certifications that I often see on business cards. Security+ isn't going to grab my attention (as a matter of fact, it might cheapen your image depending on your potential customers), but learning the material is a good start. The CISSP is sort of de facto, but it's one of those things many people get because it's recognized (for good or bad). Other cert recommendations will depend on the type of product or service you'd be selling. For example, if you were in the networking side of the world, a CCNA would be a solid start. There are plenty of other areas like identity management, cryptographic solutions, etc. that one wouldn't necessarily associate with the certification alphabet, but having the background knowledge on it is key.

Many sales folks in the security industry use Macs from what I've seen. This is mostly dictated by their business' corporate culture more than anything else, but you should understand Windows as well since so many products cater to problems in the Microsoft world. In a lot of cases, you'll need to demo solutions within a Windows VM. If you don't know your way around Windows, it'll be quite embarrassing.

In any case, you have your work cut out for you. The goal of a sales organization is ultimately to win the contract, so I'd suspect if your soft skills are strong and your delivery is top-notch, then being able to recognize the problems, how businesses struggle to deal with them, and what IT's fundamental operating principles are, then learning the technology shouldn't be impossible to do.

Protector

Thanks very much for all this information. I understand there is a steep learning curve here. End of the day, I'll likely need to take a step back career-wise in the mid-term if I do in fact pursue this. Is what it is. Nights and weekends.

On selling style - those who beat around the bush don't know what they're selling or understand their prospective partner's pain points. And on your reaching out to companies v. not entertaining their calls: cold calling doesn't work. In my business my qualified leads come from someone's outreach generally via a response from the thought leadership my company publishes into market or from our biggest partner (i.e. our ad inventory source).

If this isn't too forward, I'd be greatly appreciative in grabbing 20 minutes of your time with a specified agenda. Admittedly, unsure what I can offer you in return, but would be more than willing to demo our software if it was all at of interest to you. We are Facebook's largest partner worldwide.

Andrew

Protector

How are the IT Security products RSA sells?