Options

What certification path should I go for landing an entry level Cyber Security job?

Cyb0rgdillyCyb0rgdilly Member Posts: 55 ■■■□□□□□□□
edited December 2021 in General Certification
Hello,

I recently decided to pursue a career with Computers. I did assessments and explored careers and concluded that Cyber Security, Network Administration, and Network Engineering would be the best suitable fields for me.

About one decade ago I got several Microsoft Certifications while pursuing the MCSE/MCSA, but I did not complete their entire set of about 6 certs to gain the MCSE/MCSA credentials. During the same time I also gained the CompTIA Security + certification. After gaining those certifications I was unable to land a job! So that discouraged me for years, and I tried other career paths instead. Today, ten years later, my Microsoft certs are no longer valid but my Security + is valid, and here I am looking to re-up some certifications and try again!

As of today I believe all of my Microsoft certs have expired, but my CompTIA Security+ is good-for-life.

With that said, I am confused about what certifications to get next. Some say CompTIA Network +. Others say try a Cisco certification. Others say Linux +. Others say Python and Azure. Sooo what exactly am I supposed to pursue for certifications that can land me a job?

I do not want to go through the time and energy of gaining new certifications that will not be needed for my first job. Also I do not want to get a bunch of certifications and then wind up not getting hired any places! Like last time!

Any information is appreciated. Thank you.

I have a few library books for studying Network+ and also a dummies guide to CISSP.

Thanks
· Share on FacebookShare on Twitter

Comments

  • Options
    E Double UE Double U Member Posts: 2,232 ■■■■■■■■■■
    A certification path should be chosen based on one (or both) of the following:

    - Personal interests
    - Job requirements

    I get the impression you do not have a specific interest so I suggest that you look at job postings in your area to see what is in demand. Since you are looking to break into cybersecurity and already have the Security+, I do not see the point of Network+. I do not believe certifications alone will land anyone a job, but credentials in combination with experience listed on a resume can land you an interview. 

    Regarding the certs you mentioned, I only went the Cisco and Azure route because I had employers that used those technologies. I think CISSP is the most valuable, but of course there are experience requirements you must meet in order to become certified. 

    Disclaimer: I have a preference for vendor agnostic credentials (GIAC, ISACA, ISC2, etc).

    Good luck!
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
    · Share on FacebookShare on Twitter
  • Options
    kaijukaiju Member Posts: 453 ■■■■■■■□□□
    Good for life Security+ SY0301 has been superseded. The latest version is Sec+ SY0-601.

    You can also do professional certificates and micro bachelor degrees on Edx.org to build your knowledge and resume. Even if your certs are expired it might help to list them, especially if you are seeking an entry-level position. Most organizations want people that they can mold to their specific needs for entry-level positions.

    Like E Double U, I prefer the vendors other than Comptia and EC Council.
    Work smarter NOT harder! Semper Gumby!
    · Share on FacebookShare on Twitter
  • Options
    yparkypark Member Posts: 120 ■■■□□□□□□□
    Cyb0rgdilly said:

    I recently decided to pursue a career with Computers. I did assessments and explored careers and concluded that Cyber Security, Network Administration, and Network Engineering would be the best suitable fields for me.

    None of those fields are entry level positions but you can definitely work toward them. You can leverage your Security+ on your resume and also list the MS certs that expired (and note them as expired) but employers will prefer a more recent certification or achievement. Not sure what your last job entailed but you can definitely spin it to include some IT related responsibilities. I do not endorse lying on your resume but you can tailor it to the requirements listed by the job posting.

    Do you still remember all the previous stuff you've studied a decade ago? IT interviews will include a technical portion so just "padding" your resume alone won't land you the job. You will still need to put in some time an effort to brush up on the fundamentals. Start by looking at the job postings for the positions you are interested in and make note of the "requirements" and "preferred qualifications" section. You don't necessarily have to get the certs (although they couldn't hurt) but you can find tons of study material on Youtube alone.

    As far as your old Security+ certification goes, it's still valid but it most likely can't be used to fulfill specific requirements (commonly, government jobs) as those often list specific versions of the tests.
    2022 Goals: [PCNSE] [JNCIS-SP] [JNCIS-SEC] [JNCIS-DevOps]
    · Share on FacebookShare on Twitter
  • Options
    UnixGuyUnixGuy Mod Posts: 4,566 Mod
    I created a whole YouTube channel centred around this very question, link in my signature.


    There are so many paths and there is so much demand. There is no one right answer
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

    · Share on FacebookShare on Twitter
  • Options
    kaijukaiju Member Posts: 453 ■■■■■■■□□□
    edited December 2021
    Cyb0rgdilly said:
    kaiju said:
    Good for life Security+ SY0301 has been superseded. The latest version is Sec+ SY0-601.
    If the old version of Sec+ has been superseded what does that mean exactly? Is my older version useless now?

    Many moons ago, DoD decided that the GFL (good for life) Sec+, Net+, Server+ certs would not meet the standards of compliance for their networks so CompTia released the Security+ CE certification. Your current GFL might be OK to land a position but once you are hired you will most likely be told to update to the current version of Sec+. To be honest, if you were interviewed based off questions from the new Sec+ CE SY0-601 you would not do well without doing a SY0-601 cram session. There is a huge difference in the material that is covered by the GFL and CE certifications. The most current version has material that is seen in higher level certs like CYSA+, CASP+, CISSP and CISM plus network/systems related material.

    If a particular job required DoD 8570/8140 compliance, you would only be hired with the condition that you updated cert within the allotted time frame (usually 6 months). Non-DoD orgs might not care as long as pass the interview and show a desire to further your education/certification on the required topics. 
    Work smarter NOT harder! Semper Gumby!
    · Share on FacebookShare on Twitter
  • Options
    JDMurrayJDMurray Admin Posts: 13,045 Admin
    The "good for life" certs were actually killed by ISO/IEC 17024, with which a cert vendor needs to be in compliance for its certs to be acceptable by the US Federal government.

    Forum Admin at www.techexams.net
    --
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    · Share on FacebookShare on Twitter
  • Options
    E Double UE Double U Member Posts: 2,232 ■■■■■■■■■■
    edited December 2021
    Cyb0rgdilly said:
    E Double U said:

    Disclaimer: I have a preference for vendor agnostic credentials (GIAC, ISACA, ISC2, etc).

    Good luck!
    Hi can you elaborate what is vendor agnostic credentials?

    But I digress to ask another question: How would a person like me get a higher paying job in Cyber Security with just a Sec+ cert and super flimsy work history? Maybe my confidence levels are low but at this juncture I would be surprised to get hired into a low wage help desk type job - because my experience is really just from certifications and not much real world experience...
    Vendor agnostic credentials are not tied to the product of a specific supplier. Using the topic of cloud as an example, each cloud vendor (Microsoft, Amazon, Google) has certifications for their respective platforms (Azure, AWS, Google Cloud). While preparing for those exams you will learn about that vendor's products and perform labs that teach you how to operate within those environments. Those are vendor specific credentials. An example of a vendor agnostic (or vendor neutral) cloud credential would be CCSP by (ISC)2 as the owner of that credential does not have its own product. It is more conceptual learning instead of practical. Your Security+ certification is vendor agnostic/neutral. 

    I hate to be so harsh, but I do not believe people with low confidence levels can accomplish much of anything. I have seen you say "not being smart enough" about yourself. If you really believe that then I am not sure you will find the help you are looking for on these message boards.


    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
    · Share on FacebookShare on Twitter
  • Options
    TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    edited December 2021
    Cyb0rgdilly said:
    I recently decided to pursue a career with Computers. I did assessments and explored careers and concluded that Cyber Security, Network Administration, and Network Engineering would be the best suitable fields for me. If the old version of Sec+ has been superseded what does that mean exactly? Is my older version useless now? I have had a help desk job before and then I got 6 Microsoft certifications for software plus a CompTIA certification and when I went into work I still could barely answer a lot of simple computer questions! Today my guess is you see tons of people who just get certifications and have no solid experience in a real life paid IT job.
    If you just recently decide to pursue a career in Cyber Security, why did you get those certs 10 years ago? What sort of work are you preforming now? I think part of the problem is too many people get focused on the end goal, but not how to get there. "I want a job in Cyber Security, I will accept nothing less!" The simple fact is often you have to get a help desk job in IT and work your way into a Cyber Security Role. No one joins the military and is promoted to General immediately, they have to work there way though the ranks. If your struggling to answer simple computer questions, your probably not suited for a career in IT.

    Is my older version useless now?

    Think it as having a certification in Windows XP, it not completely useless since a lot of same same concepts for XP apply to newer Windows versions. But the knowledge is dated. 

     I can't say for certain how many people get certifications and are not in the IT field, I can only say I have a few certifications and I have experience in IT. None of which I need to keep my current position, but they are good insurance policy in case I need them. I may have to cash them in soon, due to shake up at my employer. :(
    Still searching for the corner in a round room.
    · Share on FacebookShare on Twitter
  • Options
    E Double UE Double U Member Posts: 2,232 ■■■■■■■■■■
    Cyb0rgdilly said:
    E Double U said:

    I hate to be so harsh, but I do not believe people with low confidence levels can accomplish much of anything. I have seen you say "not being smart enough" about yourself. If you really believe that then I am not sure you will find the help you are looking for on these message boards.


    Where did I say I was not smart enough?

    You want to know what it is? I am realistic. I have had a help desk job before and then I got 6 Microsoft certifications for software plus a CompTIA certification and when I went into work I still could barely answer a lot of simple computer questions!

    You have to be realistic. Today my guess is you see tons of people who just get certifications and have no solid experience in a real life paid IT job. I really am not that bright about computers, and I grew up using them. It takes a long time. I suppose my modesty shines brightly.

    Someone that I would consider very bright about computers is a highly skilled hacker that has learned on their own and eventually outperformed even the smartest paid IT guys like you and busted down your security systems. Those people are smart.
    On this very thread:  I may barely even be smart enough with computers to get a help desk job. 

    If telling yourself that you are being realistic is a coping mechanism for low self-confidence then who I am to tell you to do otherwise. I just believe that people are capable of conquering a lot of their obstacles with the right mindset. I am not a genius and attribute my success to working very hard. Many highly skilled people have acquired those skills with lots of practice. Someone smarter may learn the information quicker, but persistent people like myself get there eventually even when outperformed by those very bright hackers that you speak      B)

    Being able to answer those simple (or difficult) technical questions comes with repetition. Whenever I encountered an issue on the job that I did not understand, I began seeking information to help me understand. Situations like that on the job have been a major part of my learning process. Getting the certification doesn't mean that you have committed every bit of the information to memory. If that was the case then every vendor should just change the passing score to 100% lol. 

    Now with that being said, I wish you luck with your goals and hope that you can get out of your own way because I do believe your mentality might be your largest hurdle. 

    Just my $0.02
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
    · Share on FacebookShare on Twitter
Sign In or Register to comment.