Where do i go? What to do? IT security / administration

Hello techexams-forum,

i'm looking for your opinions regarding my way of training/certifications towards IT security:

I am 27 years old now, working in IT since 2007. Started with a 3-year apprenticeship and became an IT specialist for system integration (that's basically a sysadmin). After that i worked for about 7 month in an helpdesk-position, then i moved, changed the company and worked for around 3.5 years in an IT system house providing all kind of support for Windows/Linux, VMWare, Sonicwall, sometimes even OS X stuff. Basically everything that had something to do with computers.
I learned TONS of stuff there

The company provided support for everything. From the normal user: "My Outlook doesn't work anymore" to bigger network/server installations, also telephone installations.

One year ago i changed the company again and now i'm "the IT-guy". That's where i am now and i don't plan to change that. I really like the company where i work now. I just feel like i need to know more!

My certifications right now:
During my apprenticeship i earned the ITIL v2 foundation certificate, during the time in the IT system house i earned three certifications from the telecommunication system company Auerswald, tons of Dell certificates for PCs, Server and so on and became a Sonicwall Certified Security Administrator.
The company where i am now paid for my MCSA Windows Server 2012 and i finished MCSA Windows 8 on my own (studied for myself, finishing with 936 and 850 points).

My "plan" for the future (will take 4,5 years): Studying for B.Sc in IT-Security after work.

What else can i do? CEH? OSCP? Where do i start? The company where i work does pay for "everything that is good for the company".
Btw: I'm located in Germany

Find more posts tagged with

Comments

markulous

VMWARE certs would make a lot of sense here with the cert path you are on. After that getting your MCSE in 2012 would be a nice resume builder too.

Edit: Just realized you wanted to head into security. The above certs would still be great for that as more base knowledge would help but CEH would make sense.

Smilymarco

Thanks for your answer

I just switched off the last vm on the esxi-server. I converted everything into a Hyper-V cluster...

For base knowledge i was thinking about LPIC 1 and 2 or RHCSA, maybe Security+ instead of CEH? Or ENSA? Wireshark Network Analyst?
So much stuff what you can do... everything sounds good...

I don't even know how much time i will have beside the studies for the B.Sc...

Chinook

There are multiple types of "Security" jobs in IT. At the most basic level there is the defensive & offensive security posture. A large firm will have a team of individuals who focus on security. The positions will range from people doing network sweeps & reading logs right up to senior management ala the CISO. Offensive security are pen-tester types who work on projects & travel place to place.

To be a good security practitioner I would recommend being a good generalist in IT. Understand VMware, understand Windows, understand networking/CISCO, SQL, and of course be functional in Linux with scripting. You may not secure a Linux network, but the majority of hacker tools are Linux based. A lot of the basic duties will be checking logs, doing vulnerability tests (SQL injection for example). From there you'll learn and work your way up.

Wireshark makes a great deal of sense. Network auditing is common & wireshark should be a skill every networking person has. As for Security+ and CEH. I have mentioned this previously but I will say it again

Security+. Build a solid foundation in computer security. In my opinion, it's a great certification for anyone in the world of IT. Something as simple as understanding what certificates do is extremely important in security. This is a Comptia exam that is worth it, even for more senior fellows

C|EH. The building blocks of offensive vulnerability testing & penetration testing. This is a generalist exam so you'll learn a little about a lot. You won't graduate & be Kevin Mitnick, but provided you actually lab, you could comfortably sit down in a larger firm in a junior security job. They're not overly exciting gigs but they make for a good foundation.

One thing about security. This isn't a job of the movies ala you will not be Hathaway from the movie Blackhat. You will not be attacking foreign terrorists and shouting tango down with your Lulzsec shirt on. The job is very routine most of the time.

My recommendation is to build security into your generalist portfolio and go from there. As time passes you'll be able to identify issues on standard networks (very common). More importantly, you will think like a hacker and your learning at all levels will be security focused. When you bring a router online, it will be a secure router. When you bring a server online, it will be a secure server.

Last point. Security is a new field and you'll find most of the work in public services, schools, hospitals and the military. Some major firms are very security. Others, surprisingly, take security lightly. You can also inquire into working in a civilian capacity with a police force. Police are now realizing the importance of security & it's an easy sell. If you can hack the network, so can organized criminals.

Mike-Mike

Chinook wrote: »

Wireshark makes a great deal of sense. Network auditing is common & wireshark should be a skill every networking person has.

This is my next step

Smilymarco

Thanks a lot Chinook! That's the information i was looking for!

Any thoughts on the EC Council Network Security Admin?