Post CISSP advice

abnmiabnmi Member Posts: 66 ■■■□□□□□□□
Good afternoon all, recently passed the CISSP and now want to become more technical oriented. I am a former military intelligence guy now work as a US Govy INFOSEC Specialist. What certs or learning would complement the CISSP and provide better depth to it. Thanks in advance.

Comments

  • DarxtarDarxtar Member Posts: 30 ■□□□□□□□□□
    For government InfoSec work, CAP or ISSEP
    Ph.D. in Information Systems Security
  • Chivalry1Chivalry1 Member Posts: 569
    Many of the GIAC certification offer great technical disciplines. The courses are expensive but if you can get your employer to pay that will be worth the investments.
    "The recipe for perpetual ignorance is: be satisfied with your opinions and
    content with your knowledge. " Elbert Hubbard (1856 - 1915)
  • broli720broli720 Member Posts: 394 ■■■■□□□□□□
    I suggest figuring out what you actually want to focus on. If it's networking go Cisco, if it's servers then Microsoft. Figure out what you want to do then focus on learning the technologies.
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    I feel like there's way too much fun stuff going on in military infosec to stick to admin'ing networks and servers - Security analysis is where it's at in my (biased) opinion...Personally I'd be trying to find a secor of military infosec which deals with cybercrime and incident handling.

    Cert-wise, I think SANS and Offensive Security have the best technical training available.
  • LarryDaManLarryDaMan Member Posts: 797
    YFZblu wrote: »
    Cert-wise, I think SANS and Offensive Security have the best technical training available.

    You mean training-wise, I think SANS and Offensive Security have the best technical training available.

    Cert-wise, the GIAC/SANS stuff is not well marketed and reads like the alphabet-soup of certifications.
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    LarryDaMan wrote: »
    You mean training-wise, I think SANS and Offensive Security have the best technical training available.

    Cert-wise, the GIAC/SANS stuff is not well marketed and reads like the alphabet-soup of certifications.

    The reality is, if a security person doing interviews doesn't recognize and understand the value of GIAC certification; that person should probably not be doing interviews.

    It is also that same person's job to communicate this to HR who does the initial screening. No excuses. The training is that good.
  • dou2bledou2ble Member Posts: 160
    I don't think that's the reailty of the real infosec world. I would always recommend CISSP first, then GIAC/SANS. I agree with LarryDaMan that GIAC/SANS have great training material but no hiring manager that I know of primarily asks for these certs. We do recognize the value of them but the industry perfers ISC2 and ISACA. It is what it is. And because GIAC exams are open book the perception is that it's easier/watered down. Our clients don't say we want someone with experience and no certs, they don't ask for experience with GIAC/SANS, but what they do ask for is at least one Sr on the project with experience plus CISSP, CISM or CISA. HR is filling a spot based on the requirements, arguing with them over what cert is best doesn't help the applicant. Even in DOD circles I've heard of managers that have GSLC, which meets the IAM3 requirement, being told they must get their CISSP too.
    YFZblu wrote: »
    The reality is, if a security person doing interviews doesn't recognize and understand the value of GIAC certification; that person should probably not be doing interviews.

    It is also that same person's job to communicate this to HR who does the initial screening. No excuses. The training is that good.
    2015 Goals: Masters in Cyber Security
  • dou2bledou2ble Member Posts: 160
    abnmi wrote: »
    Good afternoon all, recently passed the CISSP and now want to become more technical oriented. I am a former military intelligence guy now work as a US Govy INFOSEC Specialist. What certs or learning would complement the CISSP and provide better depth to it. Thanks in advance.

    CISSP concentrations ISSEP and ISSAP fill the 8570 IASAEIII requirement. ISSMP is CND-SP Manager. I'm looking at taking the ISSEP or GSLC next year. If you have a technical background it'll def help to get some Microsoft, Linux or VMC too.
    2015 Goals: Masters in Cyber Security
  • tprice5tprice5 Member Posts: 770
    dou2ble wrote: »
    If you have a technical background it'll def help to get some Microsoft, Linux or VMC too.

    What is this VMC you speak of?

    Edit: Abdmi, your LinkedIn profile is not accessible from the link you listed on your page.
    Certification To-Do: CEH [ ], CHFI [ ], NCSA [ ], E10-001 [ ], 70-413 [ ], 70-414 [ ]
    WGU MSISA
    Start Date: 10/01/2014 | Complete Date: ASAP
    All Courses: LOT2, LYT2 , UVC2, ORA1, VUT2, VLT2 , FNV2 , TFT2 , JIT2 , FMV2, FXT2 , LQT2
Sign In or Register to comment.