Solved

Network Security Certification

Posted on 2004-09-16
4
396 Views
Last Modified: 2013-11-16
My career is going nowhere. I've worked in Desktop Support for 6 years.  I make a low salary with no opportunities for advancement. I'd like some feedback about getting a Network Security Certification.  Here are my questions:
Is this a good field to get into?  
What level of pay can I expect?
Which is the best certification to do?
Will  the Cisco Cert. Security professional help me get a good job that pays well?
0
Comment
Question by:romansoldier
4 Comments
 
LVL 1

Expert Comment

by:dommurray
ID: 12085247
I can only answer this from personal experience so it's not a definitive answer.

 1. Yes it is, the way I see it not only is it a facinating aspect of it but even as technology change, there will always be a need for security practitioners.

 2. Depends, being a DTS person I have to assume that you higher level experience is limited, it would help to get a broader field of experience in networking, infrastructures etc rather that just desktop, easier said than done I know, I personally would advide going to a 3rd line support level first to get a better overall knowledge which you will need, you wont need to become an expert in everything (nobody is an expert, anyone that says different is wrong! they just know more and have had more experience). There's nothing to stop you hitting the books or the web either, there's a world of info out there.

 3. Like everything pay depends on experience and capabilities and usualy cames as part of a track record. From what I have seen (and I guess this depends on where your from) a professional security persona earns about the same or more as a thrid line manager, but less that someone like a CCIE.

4. The qualifications get you through the door, they do, like any qual, show a certain level of knowledge but don't always prove understanding or experience. However it's better to have them than not of course...anything that gets you the interview. The trouble is, with a lack of experience security exams are not straight forward, you may be able to get it from a book and learn "parrot fashion" but you'll trip up on your fuirst job when you don't know what you are talking about.

I realise my comments are not uplifting but I think they are realisitc. If you enjoy IT half of the fun is the learning and exploration of new things.

I don't think you can do it overnight but then again it shouldn;t take forever, move up the scale to third line for a couple of years and then you'll be more prepared.

However, like anything this is just my opinion, I will be curious to see the comments of those who disagree :)

Best Wishes and good luck......it is worth the pursuit

DJM
0
 

Expert Comment

by:usrhlp
ID: 12085877
This has happened to me.

What i have done is as follows.
I took my own personal time out to read books. I kept my DTS jobs running in the back ground (wishing every day i could leave and do something interesting and worthwhile) and i read books about CCNA networking (its going to be hard to become a network security specialist if you dont know the difference between layer 3 routing and layer 2 switching. Programming, learning new os's. etc etc.
While going at work i looked at other things. Then one day i was offered the chance to do both DTS and programming/implementations.
I took it. I am now on the way to becoming CCNA certified, MCSE, .NET compliant and lots more.

My advice is, learn in your own time, there are not many jobs out there that will train you up from scratch, but there are chances to learn on base knowledge you already have. I could already do programming and had a basic networking background before i embarked on the CCNA and later on a networking job. While at the job i have the chance to expand my programming (diverging into .NET) and also doing system builds, and also being given some after hours work to earn some extra money.

But waffle aside, learn in your own time (read CCNA then do Cisco security, cos if you cant configure a router you sure as hell aint going to secure one down to a multitude of possible attacks) maybe ask your boss if there is a chance to get some extra qualifications during quiet periods. learn programming so you can code your own overflows, pen test suites that sort of thing. There are not many good security testers out there who cant code. Those that cant code and call themselves security experts are just fooling themselves. Gain MCSE in NT and start to use Linux. All this will help to get you out of a boring rut known as DTS (damn tedious sh1t (can we say that here??)) I should know, it is exactly what i did.
THe field of security is good, but almot every man and his dog are doing it now. The world is starting to get flooded with "security experts". Check Bugtraq and all the people who post to that. Only the best will get the good money. Those, most probably like myself, will stay getting better but never shining out above the rest. Id expect you to be able to get at least 25K in uk for security work, possibly more the bigger the array of things you can audit. In the us id guess at least 35K but it does depend who you are working for and what they need securing.

But learn your CCNA, Some programming, Windows Certs and go for the Cisco Security modules. Good luck!

I know you can do it. Just give it time and determination. Afterall, you have nothing to lose, just everything to gain!
0
 
LVL 1

Expert Comment

by:AbstractAnger
ID: 12147076
Check out Comptia Security+ to get your foot in the door.
The best way to find out is to dabble in it and see if you like it.
0
 

Accepted Solution

by:
megalodonsec earned 125 total points
ID: 12254520
While not very popular, my perspective is quite different regarding certifications. I have achieved many of them and most are worthless.
Here is a list of the ones I have achieved over the past 9 years:
A+, MCSE(x2), MCT, CCNP, CCDP, CCSP, ISSP, CISSP, and the written CCIE Security.
Only twice have any of them had an effect on getting a better job which were the CCIE written and CISSP, both of which require a great deal of dedication. The CISSP requires 4 years of Security experience and the CCIE can be a nightmare to achieve.
Having recently been looking in the job market it has become clear that the most sought after credentials you can have if you want to be in Security are a degree and of course experience.
In my opinion you should look at what you really want to be doing 5 and even 10 years from now and focus strictly on that vs. chasing a bunch of worthless certs which you'll never use anyway. Make your next job choice move you closer to that goal.
The CCSP would be great if you want to be a "Cisco Security Professional" but only because of the knowledge you would gain, don't expect it to land you in a Network engineers seat.
The last point I want to make is to clarify the current Security market, I am now making $20k less than I was two years ago and it's only getting worse. The only real money left in security is management, coding, or compliance auditing (consulting).
I don't want to discourage anyone from studying or getting certified but just be aware of what it's really worth. Any arguments are welcome and appreciated :)
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ip igmp join-group 8 43
Hit router interface limit 7 42
Cisco ASA VPN Client Routing 8 43
Well known ports and optimal ports scanning range 12 72
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question