Advice: Transitioning from Systems Admin to Info Sec Career

dstock7337dstock7337 Member Posts: 95 ■■■□□□□□□□
Hello all,

I have worked about 10 years in systems administration, in multiple industries. In those 10 years, I have made security the forefront of all of my job-related activities. However, working in operational support has limited my time that I would be spending on security related work (e.g. hardening, vulnerability assessments, etc).

I decided that I want to change job roles into information security and started work on a Master's degree in Cyber-Security. However, I am uncertain as to what my next step is after I complete my degree. Moreover, I worry about having to take a big pay cut when I will have to be paying back student loans.

I would greatly appreciate any advice and insight into how to go about that big leap.

Thank you.
"The only true wisdom is in knowing you know nothing." - Socrates

Comments

  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    I'm similar to you but I didn't take a pay cut, actually got a pay raise but I might take a pay cut it's fine (for me anyway).


    I move to an operational role that's within a security department (doing operations stuff on security appliances...in a SOC)...

    honestly, all I did was just to apply to jobs...they wanted linux skills (they call it Unix lol)....and they want scripting skills.

    I'd say pass the CISSP or any other good security cert and maybe get a position better than mine
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube channel: https://youtu.be/DRJic8vCodE 


  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    So what's the question here? What kind of skills do you need to work on for a security career? If that's it, I'll throw some generic ideas out there:

    Download Nessus & learn how to use it. It's free.

    Download Splunk & learn how to use it. It's free. Bonus points if you learn how to pull Nessus logs into Splunk and create usable dashboards & reports by hand

    InfoSec is a big field nowadays. Lots of opportunities for specialization. What are you interested in? Defending the castle (blue teaming)? Attacking the castle (red teaming, much easier)? Auditing? SCADA? Forensics? Application security? Incident handling? Management? Research? What are your existing skills? Want to leverage those skillsets or start fresh?
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    I did the exact same move myself, long time generalist / sysadmin to security. Like you I had done "security tasks" for a long time, but I never had a 100% security role and that was a sticking point for a few companies I interviewed with. I eventually found a really good recruiter who knew the hiring manager, I talked to the recruiter, he realized that even though I didn't have security analyst/engineer/whatever titles on my resume I could do a fair bit of the work already. He introduced me to the hiring manager and the rest is history if you can sell yourself.

    I had finished my BS @ WGU in security before that so I had a number of certs which I doubt hurt the matter. I don't know that an MS is required by any means just make sure your resume really focuses on the security aspects of your job. I can't tell you if you'll go down in pay or not, it depends on what you make and how well you sell yourself. I started out with my standard sysadmin type resume and was getting nowhere at all. As soon as I started highlighting the fact that I've done most of the things they required already it became a lot easier.
  • kiki162kiki162 Member Posts: 635 ■■■■■□□□□□
    Get your CISSP first, and then an additional cert. Yes, DL a free copy of Nessus, Splunk, Kali, and get yourself familiar with it.

    When I got my CISSP, I got a raise. I'm working on my Masters in CS just like you, and the best thing is to get with a company that will help pay for it so you don't have massive loans to pay off.

    Just sent you a PM.
  • dstock7337dstock7337 Member Posts: 95 ■■■□□□□□□□
    Thank you all for your responses and advice.

    What do I want to do? I like finding flaws, fixing them, and educating people on how to avoid such in the future. I can see myself doing vulnerability assessments but I want to go beyond that. I like taking those results and doing a risk analysis. I would also like responding to security incidents, including investigative work and reporting. I'm not exactly certain what job title/role that translates to.

    I'm not sure what job title that would relate to but I certainly want to gain the necessary skills to make the jump.
    I've worked with a bit with Kali, NMAP, OpenVAS, and Nessus.

    I'm studying for CISSP. Are any of the other security certs, e.g. CEH, Sec+, OSCP, worth the effort and the expense? I don't see a lot of jobs requiring them. A lot of these certs are expensive and I may only be able to afford 1 or 2 to start.
    "The only true wisdom is in knowing you know nothing." - Socrates
  • SweeceSweece Member Posts: 15 ■□□□□□□□□□
    Sounds like you should look into Security Analyst positions. Sure, you might take a pay cut, but it'll definitely be your doorway into the Security world. Then from there you can always move up to Engineer or Architect. You also said that you like finding vulnerabilities, so I think you might actually enjoy an analyst position. Something that I've found as well is that whether it's CISSP or Sec+ or CCNA Sec, it doesn't matter between the certs. Personally, I'd shoot for the Sec+ just to show your specialization, rather than spending the time and the money on the CISSP which might not be entirely necessary.
  • RoyalRavenRoyalRaven Member Posts: 142 ■■■□□□□□□□
    My advice is different. I've been down this path. Think really hard about what you want to do EVERY SINGLE DAY. I have had two two-year stints in security and after the shine of doing full-time security work wears off, I pretty much start to hate it. I LOVE technology and IT is my career path (nothing else even comes close), however, I have been significantly happier working with systems more than people, even though I don't have any real issues working with people. IT security work has so much more of the people components involved.

    I don't regret those moves - always seemed like the right one, however, I also realized I need to do exactly what I have a passion for doing every single day or it gets hard to continue enjoying the work. I think the best projects have been when I get to do real deep technical work with security components involved, but not running security outright.

    I have fought giving up the technical background for many years. Operational skills will likely fade in security. I've almost abandoned the old sysadmin track, but go back to it every single time. I also realized I need to stop trying to just climb the ladder or advance for the sake of it. Sometimes we have jobs that are a fantastic fit, however we're too busy chasing other adventures to really appreciate it. There's nothing wrong with being in a stable position as long as you enjoy it and are learning.

    btw, I have over 10 years in sysadmin/hardware and have completed a masters in InfoSec (that'll always be worth it). If it wasn't mistaken, I would have thought I wrote your post a few years ago :) If I could tell myself then what I know now...getting a full-time security job doesn't fix everything you might be complaining about with sysadmin work. It's different. Different set of challenges. Less hands-on. Usually more business-related than technical roles.
  • ErtazErtaz Member Posts: 934 ■■■■■□□□□□
    dstock7337 wrote: »
    Thank you all for your responses and advice.

    What do I want to do? I like finding flaws, fixing them, and educating people on how to avoid such in the future. I can see myself doing vulnerability assessments but I want to go beyond that. I like taking those results and doing a risk analysis. I would also like responding to security incidents, including investigative work and reporting. I'm not exactly certain what job title/role that translates to.

    I'm not sure what job title that would relate to but I certainly want to gain the necessary skills to make the jump.
    I've worked with a bit with Kali, NMAP, OpenVAS, and Nessus.

    I'm studying for CISSP. Are any of the other security certs, e.g. CEH, Sec+, OSCP, worth the effort and the expense? I don't see a lot of jobs requiring them. A lot of these certs are expensive and I may only be able to afford 1 or 2 to start.


    Sounds like you you want to be a compliance engineer. I'd recommend getting Security+ first. 99% of it will apply to higher end certs. It's cheap and with all your IT background you could ace it within a month.
  • SweeceSweece Member Posts: 15 ■□□□□□□□□□
    RoyalRaven wrote: »
    My advice is different. I've been down this path. Think really hard about what you want to do EVERY SINGLE DAY. I have had two two-year stints in security and after the shine of doing full-time security work wears off, I pretty much start to hate it. I LOVE technology and IT is my career path (nothing else even comes close), however, I have been significantly happier working with systems more than people, even though I don't have any real issues working with people. IT security work has so much more of the people components involved.

    I don't regret those moves - always seemed like the right one, however, I also realized I need to do exactly what I have a passion for doing every single day or it gets hard to continue enjoying the work. I think the best projects have been when I get to do real deep technical work with security components involved, but not running security outright.

    I have fought giving up the technical background for many years. Operational skills will likely fade in security. I've almost abandoned the old sysadmin track, but go back to it every single time. I also realized I need to stop trying to just climb the ladder or advance for the sake of it. Sometimes we have jobs that are a fantastic fit, however we're too busy chasing other adventures to really appreciate it. There's nothing wrong with being in a stable position as long as you enjoy it and are learning.

    btw, I have over 10 years in sysadmin/hardware and have completed a masters in InfoSec (that'll always be worth it). If it wasn't mistaken, I would have thought I wrote your post a few years ago :) If I could tell myself then what I know now...getting a full-time security job doesn't fix everything you might be complaining about with sysadmin work. It's different. Different set of challenges. Less hands-on. Usually more business-related than technical roles.

    Words of wisdom. Thank you for sharing your experience!
  • DatabaseHeadDatabaseHead Member Posts: 2,753 ■■■■■■■■■■
    @RoyalRaven Wisdom ooooooooooozes from your post.

    I made the transition from IT to Data a few years back and it comes with it's own challenges, not harder just different. Just like IT you have to have the mind of it, if you don't you'll hit the ceiling very fast. I mean very fast! Lucky for me it worked out, but man it could of be a really bad move if I didn't have the mind of it. Most people don't.....

    Thanks for posting appreciate it!
Sign In or Register to comment.