Non-specialized Security: Where do I go next?

Good Afternoon TE,

So I've been doing a lot of thinking in the last ~19 hours since passing my ISSEP, and although most of that time was spent celebratory-drunk, asleep, or celebratory-hung over, I've really feel like I just crossed the finish line in my security progression. The ISSEP was my big goal; I expected to fail and didn't really have a plan for if I passed. Where is "up" from the CISSP-ISSEP?

Do I step back and get certs I previously ignored (CISM, C|EH)?
Do I shift my focus to agnostic non-security certifications (PMP, ITIL-Intermediate)?
Do I get technology-specific security certs (CCNA: Sec)?
Do I get technology-specific non-security certs (VCP, MCSE: Private Cloud)?
Do I go for the other two concentrations (ISSAP, ISSMP)?

Do I stop being a whiny little brat about college and just man up and go? But what do I want to go to college for, even? Business? Am I really going to learn $(college tuition) amount of information from a BS in Information Security? Is it a good use of my time if my goal is learning as opposed to career progression? I don't want to do it just for a piece of paper that says "great job little buddy, you're a winner", I want to learn.

My education is purely self-funded, so certifications with course requirements (PMI/vmware/GIAC) are pretty much out of the question until I get an adult job with things like educational benefits and PTO.

I don't really know what I want to be when I grow up, which is why I've stayed very agnostic in certifications to this point. Even after the depth of time and study I've put into Security, I don't even know if I want it to be the primary focus of my career.

Any thoughts or advice?

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

ptilsen

A graduate degree, either MBA or MS in security/assurance, sure wouldn't hurt.

If you want to go more technical, GIAC would be the way to do it. Vendor-specific wouldn't hurt either, but only if it really makes sense to your career goals. I will say I don't think associate-level will do anything for you. CCNP Security would be the thing to go for if you wanted to go down that road.

I'm certainly in no position to point you in any particular direction, but I do think you should do what you want to do, more or less. I think you'll be making good money regardless of which direction you take.

Nutsacjac

My education is purely self-funded, so certifications with course requirements (PMI/vmware/GIAC) are pretty much out of the question until I get an adult job with things like educational benefits and PTO.

If you wanted to, there is a thread in the Virtualization forum for Stanly CC. I took the class for ICM 5.0 a while back, it was only ~220 dollars.

paul78

@redz - congratulations on passing the ISSEP. I think that having the mindset to continually learn is great. Just my 2 cents, depending on your career goals perhaps now is the time to apply what you have learned - be the best at your job and employer and advance your career. Once you have reached that zenith then do it again and learn new skills and develop new talents.

redz

Paul - I'm actually pretty content with what I have coming up, and I'm really not in it for more money. To be perfectly frank, I make enough. I wanted to challenge myself and accomplish something that not a lot of people have done. Now I did and I'm bored.

Nutsacjac - I will be looking into that... I do like vmware....

ptilsen - I think my problem is I still just don't know where I want to be when I grow up. It all makes sense to me at some level, because I don't have a plan for 2-3 years down the road. Do I technical? Do I non-technical? I don't know.

asadzz

redz wrote: »

Good Afternoon TE,

So I've been doing a lot of thinking in the last ~19 hours since passing my ISSEP, and although most of that time was spent celebratory-drunk, asleep, or celebratory-hung over, I've really feel like I just crossed the finish line in my security progression. The ISSEP was my big goal; I expected to fail and didn't really have a plan for if I passed. Where is "up" from the CISSP-ISSEP?

Do I step back and get certs I previously ignored (CISM, C|EH)?
Do I shift my focus to agnostic non-security certifications (PMP, ITIL-Intermediate)?
Do I get technology-specific security certs (CCNA: Sec)?
Do I get technology-specific non-security certs (VCP, MCSE: Private Cloud)?
Do I go for the other two concentrations (ISSAP, ISSMP)?

Do I stop being a whiny little brat about college and just man up and go? But what do I want to go to college for, even? Business? Am I really going to learn $(college tuition) amount of information from a BS in Information Security? Is it a good use of my time if my goal is learning as opposed to career progression? I don't want to do it just for a piece of paper that says "great job little buddy, you're a winner", I want to learn.

My education is purely self-funded, so certifications with course requirements (PMI/vmware/GIAC) are pretty much out of the question until I get an adult job with things like educational benefits and PTO.

I don't really know what I want to be when I grow up, which is why I've stayed very agnostic in certifications to this point. Even after the depth of time and study I've put into Security, I don't even know if I want it to be the primary focus of my career.

Any thoughts or advice?

Not to hijack this thread but wow you passed the monster ISSEP. How? I'm big fan of persons who achieve such important certification. Did you share your experience in blog or site. I plan to appear in two weeks.

Also do you work for DoD?