32 and Trying to back into IT

Hi all, first post.

I've read a lot of posts about older (is it bad I already consider myself older?) people trying to start a fresh career in IT and they have inspired me. I have a bachelor's degree in Computer Information Systems from a good university but got frustrated with my career (3 years primarily in testing) and went way off the reservation to Law school. That got me some debt (OK maybe a lot of debt) and a job I'm even more unhappy with.

I really want to get back into IT and make a career of it, and it seems like given my background that's the best chance I have for a career change. I imagine my experience is pretty useless at this point and I'm hoping some certifications will make me marketable. I feel like I could skip the basic stuff (A+, Network+, etc) based on what I remember from school and kept up with.

Two questions:
1. Does it make sense to skip those certifications and if so, what would be more difficult ones I could check out to gauge whether I should make an attempt?
2. Is there any IT field that would allow me to leverage my legal experience (criminal litigation) in any way?

Thanks, looking forward to some great advice.

Find more posts tagged with

Comments

danstar

To answer the first obvious question, you're not OLD to pave your way into IT.. unless you consider yourself to be. There was this other time I saw some post on techexams, he was 55 and he just got his first job in IT.

And to answer to your listed questions
1. Yes, it makes sense to skip A+ and Network+ only if you plan to go for CCENT/CCNA. Most of the A+, Network+ (I think) are covered in the CCNA which makes it a bit tough than A+ and Network+.
2. No, I don't think so. Criminal litigation ? I doubt that.. this is IT. It's a different world entirely

Hope this helps!

shodown

With a law degree and some IT background you could actually get a pretty good job with the FBI investigating computer crime if your US based. Other than that find out what you want to do and go after it. A word of caution don't put your law degree down on your resume. It will appear that you are all over the place and a lot of people won't call you. (i personally wouldn't). If you want to do cisco I suggest skipping A+, N+ and going right after CCNA and trying to get a NOC job. If M$ or linux is your thing I would go after those certs build a decent lab and try to find something with MSP or small IT shop.

wes allen

Look into forensics and e-discovery, you can skip n+ and a+, and do sec+ as a security overview before moving to one of the specific forensics certs. Your law degree will be a bonus with those types of jobs for sure.

ajs1976

CIS degree and Law degree along with experience in each? Could be a lot of $$$. there is a lot of government regulation on businesses that effect IT, but very few people with legal and technical knowledge to work through interpreting and implementing it. Take a look at CISSP and some of the domains it covers.

If you are interested in InfoSec, do what you need to get the Sec+ (if you don't have the foundation, take A+/Net+. If you have that knowledge already, skip them) and then contact some recruiters. CISSP requires experience but you can be an "associate of ISC2" or start with the SSCP which requires less. You may also want to look into MCSA 2008 and CCNA:Security (CCENT --> CCNA --> CCNA:security) since they will give you a stronger foundation in systems and networks. Others may recommand CEH as an intermediate security cert, but I am not sold on it.

Good luck

BrashL

Thanks for all the advice.

My first thought is I can't really run from my legal experience as it's occupied 7 years of my life; kinda leaves a big hole in my resume. I think the suggestions of e-discovery and forensics are great for that reason. A brief look around the internet suggests that forensic computing is still pretty niche, but e-discovery is a growing field and probably a better fit.

It seems like specific e-discovery certifications are all over the map and not well established. Are they even worth looking into? Would I be better served with a certification in a particular piece of software, or still start with a general Network or Sercurity+ cert?

ptilsen

I would definitely look hard at security-related areas, e-discovery and forensics being good examples. There are a lot of areas where your existing experience could prove useful.

It's really a matter of what you want to do and how technical you want to be. If you want to go back into really being a technical person doing technical systems/networking work, then you're going to go through more of the basics and see less value from your existing experience. If you're okay being in a more managerial or hybrid role, I think you could easily leverage your legal experience. SOX or HIPAA compliance are areas where people who can marry legal and IT are needed, but keep in mind a lot of roles might only be high-level technical. Which, again, might be fine. It all depends on what you want to do.

BrashL

Thanks for the quick reply. The main barrier I see here is that both forensic computing and eDiscovery are so new and ill-defined that they can be difficult to get into without experience and difficult to get experience in period. To your question, I would like to be in a more technically inclined career anyway, I just thought these might ease the transition.

My wife's salary gives me some flexibility and I'm a prosecutor for the government so my salary wouldn't have far to drop. I'm not looking so much to leverage my legal experience, but to not be held back by it (as the previous poster suggested I would be). Ideally I'd like to be able to take an IT job at a large company with opportunities to grow my career. My feeling is that a job involving network security would be close enough in subject matter to legal compliance or eDiscovery type jobs that it wouldn't raise eyebrows at an interview if I said I was simply looking to expand my technical skills for a future in those fields.

Does that make sense or should I just wipe the slate clean? I imagine finding a job is hard enough these days without this kind of baggage. And if I do intend to look for a job based only on technical skill, does it make sense to study and get the most impressive certifications while I still have a job, or should I just try to get working immediately to gain experience?

ptilsen

I would be careful about what you say at the interviews. Some hiring managers might like that you're actively seeking to improve your skills for any reason, but others might question hiring you if your long-term goal is to be out of there.

If you want to get into network security, I would say shoot for something along the lines of Security+ and CCNA, then see where things lie from there. If you're comfortable with your basic hardware/software networking, A+/Net+ can definitely be skipped.

paul78

I'm not sure that I entirely agree with the rush towards certifications like A+ or CCNA. A

s a lawyer, you defintely have some very transferable skills - especially in information security management. Besides forensics as already mentioned, there is also privacy and intellectual property protection. IT auditing and compliance have also be a fit.

Have you started your job search? Perhaps focus on law firms that provide legal counsel on privacy matters. Or try consulting companies that provide IT audit and regulatory compliance (especially GLBA and HIPPA).

draught

I was a little curious and looked it up Technology Jobs for Legal Professionals I'd think a law degree would go nicely with some kind of consulting position.

wes allen

Paul has some good advice - unless you really want to start at the bottom and do the network NOC type work your way up, you should take a hard look at some of the IT security fields. You have a CIS and a law degree, that is a great base to build from. Maybe Sec+, SSCP, Assoc of CISSP, etc and you will have some options. If you are set on being very hands on, then you probably need to start way lower on the ladder with CCNA, etc.

antielvis

To the OP

I don't think you are too old to start a new career. I started my career at age 30 in computers. Now it did require a change in lifestyle (I made pennies on the hour back then) and I suffered financially for a few years.

You need to look at the positive aspects of being "older". Life experiences come into play as you've probably chaired meetings, did project work and you understand the bigger picture. At 32 you can also put forth a convincing argument that you WANT to change careers because it's your passion. Any HR rep isn't going to question a 32 year old dude walking away from a good paying gig to restart their career.

A few folks have mentioned pursuing security based certifications. I think that's fair but I believe to be a good security analyst you need to have a decent understanding of a network. Forensic stuff generally uses specific software like EnCase to find stuff. The software and training is expensive and still requires you to have some understanding of the basics of a network.

bobloblaw

I'm going with Paul here. An attorney with Infosec credentials and an IS degree could make a pretty penny. Now if you want to do straight tech, then that's probably not the route for you. It is technical, but your job won't be 100% tech if that's what you're looking for.

There's a couple ways to step-by-step this route, but you really need to find out what YOU want to do.

As far as your resume gap is concerned - Dude... I'm assuming you passed the bar and practiced law. No one is going to think you're a worthless layabout for that.

paul78 wrote: »

I'm not sure that I entirely agree with the rush towards certifications like A+ or CCNA. A

s a lawyer, you defintely have some very transferable skills - especially in information security management. Besides forensics as already mentioned, there is also privacy and intellectual property protection. IT auditing and compliance have also be a fit.

Have you started your job search? Perhaps focus on law firms that provide legal counsel on privacy matters. Or try consulting companies that provide IT audit and regulatory compliance (especially GLBA and HIPPA).

BrashL

Wanted to check back in and first of all give a big thanks to everyone who chimed in. I've taken some time to digest this advice along with some other input I've gotten from old contacts in the IT industry, and I really think InfoSec is the way to go. I've been listening to lectures on the subject from an online class to get a feel for what it actually involves and it sounds perfect; definitely set in the IT world, but not so technical that it would require starting from scratch in a new career.

I've found some job listings with titles like Information Security Analyst or Information Risk Management Associate that all seem to describe a person that is able to be a high level bridge between management, IT, and vendors. I think my experience dovetails nicely with this kind of work, but I'm still unsure about getting my foot in the door based on my dated tech credentials.

One of the postings lists various certification desired: [FONT=Helvetica, Arial, Droid Sans, sans-serif] CIA, CISSP, CISA, GSEC. I know what CISSP is and that it's not a beginners certification. What are your thoughts on the others (and what are they). Are any worth getting? Do they require experience prerequisites? Are they widely in demand?
[/FONT]
Also any thoughts on how to go about finding similar jobs or any kind of advice is very much appreciated.

paul78

I think you have the right idea. Those are exactly the type of job titles and roles that would probably be a good fit based on your experience. I would also suggest trying IT audit management and IT vendor management roles. I am not sure if you would be interested - but try privacy roles as well. Take a look at typical job descriptions at https://www.privacyassociation.org/resource_center/career_center

As for the certifications, I believe that all ISACA certifications do require some experience. The ISC2 certifications do have versions that do not require experience but as you indicated. All the certifications that you mentioned as well-known (except I've never heard of CIA).

If you are interested in the privacy side of IT - the IAPP CIPP may be a certification which you may find attainable (especially with your background)

GoodBishop

BrashL wrote: »

Hi all, first post.

I've read a lot of posts about older (is it bad I already consider myself older?) people trying to start a fresh career in IT and they have inspired me. I have a bachelor's degree in Computer Information Systems from a good university but got frustrated with my career (3 years primarily in testing) and went way off the reservation to Law school. That got me some debt (OK maybe a lot of debt) and a job I'm even more unhappy with.

I really want to get back into IT and make a career of it, and it seems like given my background that's the best chance I have for a career change. I imagine my experience is pretty useless at this point and I'm hoping some certifications will make me marketable. I feel like I could skip the basic stuff (A+, Network+, etc) based on what I remember from school and kept up with.

Two questions:
1. Does it make sense to skip those certifications and if so, what would be more difficult ones I could check out to gauge whether I should make an attempt?
2. Is there any IT field that would allow me to leverage my legal experience (criminal litigation) in any way?

Thanks, looking forward to some great advice.

I know a attorney with a JD and the CISSP, and he specializes in technical law and information security law - he makes bookoo bucks.

I would recommend going for the CISSP, CISA, and CIPP/IT certifications. You would do exceeding well if you have those. I know another JD who has a few certifications, and he's the CIO of a fortune 500 company. So it's possible for you to do very well.

I'd also recommend the following for specific IT fields: IT security, IT audit, IT contracts, vendor management... most of the folks I know in vendor management and contract management have JDs, and they do quite well for themselves.