Where should I start for InfoSec

I am 3 years experienced in network security ie worked with proxy(bluecoat) and firewall(palo alto).I have only completed ccna routing and switching and ccna security. And my company started working with nessus vulnerability scanning.
I understood I am working with perimeter security and moving to infosec.

I like to be a security auditing or consultant in future.Please help me to where to start with.
I am not in a hurry to do complete any certificate or jump jobs. Need a guidance for my career.

I have seen few posts which is related to mine but I am confused state only. Because people are not less experienced like me.

with regards,
Balaji

Find more posts tagged with

Comments

adrenaline19

you start by actually reading this forum.

A good thread might be "Security certification - where to start?"

jamesleecoleman

Sounds like you've already started. Continue to build on your experience and use/do more things related to security.

beads

Let's be more verbose.

http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html

First get a generic degree in anything but music, preferably computer science or MIS but something technical. Get several years of good, measurable administrative experience in administration while learning some BA skills along the way. Find a one year gig as a contract auditor and learn why security reduces the risk and why we do what do in security is IT business rather than IT technical. Then go into risk reduction (aka security).

- b/eads

636-555-3226

beads wrote: »

Let's be more verbose.

http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html

First get a generic degree in anything but music, preferably computer science or MIS but something technical. Get several years of good, measurable administrative experience in administration while learning some BA skills along the way. Find a one year gig as a contract auditor and learn why security reduces the risk and why we do what do in security is IT business rather than IT technical. Then go into risk reduction (aka security).

- b/eads

Not to thread-jack, but I hear a degree in music can actually lead in some circles to being a CISO one day!

Privacy

Don't forget to try and gain some real world business experience too many people in security are pure technical or think the business is just there to be secure and not run and make money.

E Double U

636-555-3226 wrote: »

Not to thread-jack, but I hear a degree in music can actually lead in some circles to being a CISO one day!

Then I wonder can all of my security certifications lead to me becoming head of a record company some day. Things that make you go hmmm.