Solved

Network Security Certification

Posted on 2004-09-16
4
384 Views
Last Modified: 2013-11-16
My career is going nowhere. I've worked in Desktop Support for 6 years.  I make a low salary with no opportunities for advancement. I'd like some feedback about getting a Network Security Certification.  Here are my questions:
Is this a good field to get into?  
What level of pay can I expect?
Which is the best certification to do?
Will  the Cisco Cert. Security professional help me get a good job that pays well?
0
Comment
Question by:romansoldier
4 Comments
 
LVL 1

Expert Comment

by:dommurray
Comment Utility
I can only answer this from personal experience so it's not a definitive answer.

 1. Yes it is, the way I see it not only is it a facinating aspect of it but even as technology change, there will always be a need for security practitioners.

 2. Depends, being a DTS person I have to assume that you higher level experience is limited, it would help to get a broader field of experience in networking, infrastructures etc rather that just desktop, easier said than done I know, I personally would advide going to a 3rd line support level first to get a better overall knowledge which you will need, you wont need to become an expert in everything (nobody is an expert, anyone that says different is wrong! they just know more and have had more experience). There's nothing to stop you hitting the books or the web either, there's a world of info out there.

 3. Like everything pay depends on experience and capabilities and usualy cames as part of a track record. From what I have seen (and I guess this depends on where your from) a professional security persona earns about the same or more as a thrid line manager, but less that someone like a CCIE.

4. The qualifications get you through the door, they do, like any qual, show a certain level of knowledge but don't always prove understanding or experience. However it's better to have them than not of course...anything that gets you the interview. The trouble is, with a lack of experience security exams are not straight forward, you may be able to get it from a book and learn "parrot fashion" but you'll trip up on your fuirst job when you don't know what you are talking about.

I realise my comments are not uplifting but I think they are realisitc. If you enjoy IT half of the fun is the learning and exploration of new things.

I don't think you can do it overnight but then again it shouldn;t take forever, move up the scale to third line for a couple of years and then you'll be more prepared.

However, like anything this is just my opinion, I will be curious to see the comments of those who disagree :)

Best Wishes and good luck......it is worth the pursuit

DJM
0
 

Expert Comment

by:usrhlp
Comment Utility
This has happened to me.

What i have done is as follows.
I took my own personal time out to read books. I kept my DTS jobs running in the back ground (wishing every day i could leave and do something interesting and worthwhile) and i read books about CCNA networking (its going to be hard to become a network security specialist if you dont know the difference between layer 3 routing and layer 2 switching. Programming, learning new os's. etc etc.
While going at work i looked at other things. Then one day i was offered the chance to do both DTS and programming/implementations.
I took it. I am now on the way to becoming CCNA certified, MCSE, .NET compliant and lots more.

My advice is, learn in your own time, there are not many jobs out there that will train you up from scratch, but there are chances to learn on base knowledge you already have. I could already do programming and had a basic networking background before i embarked on the CCNA and later on a networking job. While at the job i have the chance to expand my programming (diverging into .NET) and also doing system builds, and also being given some after hours work to earn some extra money.

But waffle aside, learn in your own time (read CCNA then do Cisco security, cos if you cant configure a router you sure as hell aint going to secure one down to a multitude of possible attacks) maybe ask your boss if there is a chance to get some extra qualifications during quiet periods. learn programming so you can code your own overflows, pen test suites that sort of thing. There are not many good security testers out there who cant code. Those that cant code and call themselves security experts are just fooling themselves. Gain MCSE in NT and start to use Linux. All this will help to get you out of a boring rut known as DTS (damn tedious sh1t (can we say that here??)) I should know, it is exactly what i did.
THe field of security is good, but almot every man and his dog are doing it now. The world is starting to get flooded with "security experts". Check Bugtraq and all the people who post to that. Only the best will get the good money. Those, most probably like myself, will stay getting better but never shining out above the rest. Id expect you to be able to get at least 25K in uk for security work, possibly more the bigger the array of things you can audit. In the us id guess at least 35K but it does depend who you are working for and what they need securing.

But learn your CCNA, Some programming, Windows Certs and go for the Cisco Security modules. Good luck!

I know you can do it. Just give it time and determination. Afterall, you have nothing to lose, just everything to gain!
0
 
LVL 1

Expert Comment

by:AbstractAnger
Comment Utility
Check out Comptia Security+ to get your foot in the door.
The best way to find out is to dabble in it and see if you like it.
0
 

Accepted Solution

by:
megalodonsec earned 125 total points
Comment Utility
While not very popular, my perspective is quite different regarding certifications. I have achieved many of them and most are worthless.
Here is a list of the ones I have achieved over the past 9 years:
A+, MCSE(x2), MCT, CCNP, CCDP, CCSP, ISSP, CISSP, and the written CCIE Security.
Only twice have any of them had an effect on getting a better job which were the CCIE written and CISSP, both of which require a great deal of dedication. The CISSP requires 4 years of Security experience and the CCIE can be a nightmare to achieve.
Having recently been looking in the job market it has become clear that the most sought after credentials you can have if you want to be in Security are a degree and of course experience.
In my opinion you should look at what you really want to be doing 5 and even 10 years from now and focus strictly on that vs. chasing a bunch of worthless certs which you'll never use anyway. Make your next job choice move you closer to that goal.
The CCSP would be great if you want to be a "Cisco Security Professional" but only because of the knowledge you would gain, don't expect it to land you in a Network engineers seat.
The last point I want to make is to clarify the current Security market, I am now making $20k less than I was two years ago and it's only getting worse. The only real money left in security is management, coding, or compliance auditing (consulting).
I don't want to discourage anyone from studying or getting certified but just be aware of what it's really worth. Any arguments are welcome and appreciated :)
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now