Security Implementation/Architecture Path

mikey88 · April 2019

So I recently acquired CISSP certification just because it's highly sought after, but I'm not really interested in management track right now. My other certs are CompTIA (CySA+, Sec+ etc) My current duties right now are mostly administration of existing cybersecurity tools as well as server management etc.

What I'm looking to do is move into more of an Implementation Engineer/Architect role. So what skills should I be learning? What about certifications?

CASP - How valuable is it actually outside of DoD?
CCNP Security - Cisco proprietary, how valuable is the knowledge to deploy non cisco gear?
MCSE - No security track for MCSE currently?
RHCA - We deploy some red hat servers but I don't know how common they are in enterprise environments?
VCP/Citrix/AWS/Azure - Not sure how valuable these are

Anything else I'm missing? Thanks for reading.

stryder144 · April 2019

How about one of the CISSP concentrations or the TOGAF?

JDMurray · April 2019

Security architecture and security engineering (implementation) are two different career paths that are alternatives to working in security operations. When deciding on certs for any of these career paths, you should look at many job postings and note which certs are asked for in the jobs that appeal to you. Also, note what non-cert qualifications are asked for. You will find that there is rarely an "entry-level security architect" position advertised and that many architects were security (or network) engineers and even started in security operations. Engineers need to be more technical than architects, but architects that have a good technical background are usually better than those that don't.

Also, keep in mind:

Most enterprise networks are based on Microsoft Active Directory.
Most servers and midpoint boxes are running UNIX or Linux.
Most user interfaces use Web-based technologies.
Organizations that are growing are moving to the Cloud and AWS is the big dog in that area.
Security is about defending against active and malicious attackers. You must always be aware of this in your architectural or engineering mindset. Anything else (accidents, incompetence, negligence, etc.) is just safety issues.

mikey88 · April 2019

Good points @JDMurray. So basically know everything haha. If only I had unlimited time

JDMurray · April 2019

mikey88 said:

So basically know everything haha. If only I had unlimited time

This is why you need to look at job postings to see what employers are looking for. No one can be a hands-on SME in everything. An AD architect must be very experienced in AD networks, but many orgs won't care that their engineers are UNIX/Linux experts if you know how to get around on the command line. You need to find what is in demand and what you enjoy and that will indicate your most successful career path until the market, or your desire, changes.

No matter how much you may not like it, finding a new job--and a new career--is work.

Pmorgan2 · June 2019

I am doing security engineering now. Here's what I would recommend:

Experience 6+ years in system, network, and/or sysops administration. This is called system support services, infrastructure, or SAN experience at various places.
Get your CCNA, MCSA, Linux+, and VCP-DCV to demonstrate solid fundamental understanding of systems infrastructure.
Get Security+, SSCP, GSEC, CASP, CISM, CISSP, or GSE to demonstrate a fundamental understanding of a wide array of security topics. Skip straight to CISM, CISSP, or GSE if you're capable, or build your way up.
Get CRISC, GSNA, GCCC, GMON, or CISA to demonstrate security compliance knowledge.
Select a focused security area of expertise and get advanced certifications in that area. I.E. - JNCIE / CCIE Security / PCNSE for network security engineering. GAWN / OSCP / OSCE for system testing. GICSP / GRID / GCIP for industrial control system security architecture. Project+ / CAPM / GCPM / PMP for project management if you're going into a large organization.
As you prepare to move from security engineer to security architect, learn and certify advanced knowledge in multiple focus areas.

If starting from scratch, I would recommend:

Get a Junior SysAdmin or help desk job.
Security+ or SSCP
MCSA
CCNA
Linux+ and/or RHCSA
Move to SysAdmin or SysOps if you haven't already.
VCP-DCV
GSEC or CASP
Move to Risk Compliance or Security Management
CISM, CISSP, and/or GSE
One or two of: CCNP Sec, GMON, GCCC, GCIH, GCFE, CISA, GCWN, GPEN, GAWN, OSCP, OSCE, GREM, CFIP, GRID, ENSA, ect.
Move to Security Engineering
CISSP or GSE if you haven't already. CISSP-ISSEP, CISSP-ISSMP, or OSCP if you have.
Move to Security Architecture
Get GSLC, CISM, and a master's degree
Move to CISO / CIO / CEO

UnixGuy · June 2019

I wrote about SABSA, check it out https://community.infosecinstitute.com/discussion/135591/sabsa-foundation-training-review

Reading the book might be sufficient from a knowledge perspective, if you are interested in Enterprise Security Architecture.

Security Implementation/Architecture Path

Comments