Information Security Officer

Hello All,

I have done this before many times, and again I need you guy's expert advice on something. As some of guys might know that I am still in start of my career, been in it for 6 months or so. I work in an information security office of a bank. Lately I have been going through transitions of planning for future, I am planning to stay in InfoSec as my career. Now, this is a field that requires you to know little bit of everything.

For last few months, since I started the job, I have been working on learning the technical parts, went through the CCNA coursework, and then lately attended the IPS training, also started MCSE coursework but had to stop cause of other things.

Now, I haven't taken any exams for what I have studied in last few months, mostly for the reason that I want to build an InfoSec guy profile than of a Network Security guy profile. I have told by experts around me that there is no use of earning all these tech certs, because you are more in advisory side than the typical technical side. I have been told that I need to know this stuff to stay in the field but don't necessarily have to get certified for it.

On the other hand, people around me have recommended going for certs like CISA, CISM and CISSP, off course a little late in career when I have some more experience. Personally, I don't want to be a Network security guy and just want to be an Information Security guy.

What is you guys' take on this, keeping my profile in mind, would you suggest that I get a cert for everything I am studying? (CCNA, MCSE and stuff). I definitely do plan to take CEH and, if possible, GCIH next year.

Reason I ask this is if I had to move to a new job, what would the employer expect of an InfoSec guy.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

networker050184

If you are taking courses and learning the material then why not take the exam? I can't think of any reason you shouldn't except for money, but the exams are not that expensive.

These certifications may not be a requirement in your current role, but you never know what a future employer will require.

LarryDaMan

I think it is important to be diversified. Information Security is such a broad category. I still think it is important to learn the underlying technologies. What are you securing? How are you securing it? What tools are you using?

Grab your CCNA and MCSE along with the CISSP and CISA if they all interest you. It will just make you more well rounded and much more valuable.

Also, don't neglect the soft skills. Make sure your writing skills are up to par. Take a public speaking course. Strengthen your presentation skills, master powerpoint and excel. You may have to bridge the gap between the technical world and upper management. Many managers can't tell a router from a whole in the wall... and many techies can't spell their way out of a paper bag. The people who can wear both hats become the CIOs and CSOs in this world.