Solved

Network Security Certification

Posted on 2004-09-16
4
399 Views
Last Modified: 2013-11-16
My career is going nowhere. I've worked in Desktop Support for 6 years.  I make a low salary with no opportunities for advancement. I'd like some feedback about getting a Network Security Certification.  Here are my questions:
Is this a good field to get into?  
What level of pay can I expect?
Which is the best certification to do?
Will  the Cisco Cert. Security professional help me get a good job that pays well?
0
Comment
Question by:romansoldier
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 1

Expert Comment

by:dommurray
ID: 12085247
I can only answer this from personal experience so it's not a definitive answer.

 1. Yes it is, the way I see it not only is it a facinating aspect of it but even as technology change, there will always be a need for security practitioners.

 2. Depends, being a DTS person I have to assume that you higher level experience is limited, it would help to get a broader field of experience in networking, infrastructures etc rather that just desktop, easier said than done I know, I personally would advide going to a 3rd line support level first to get a better overall knowledge which you will need, you wont need to become an expert in everything (nobody is an expert, anyone that says different is wrong! they just know more and have had more experience). There's nothing to stop you hitting the books or the web either, there's a world of info out there.

 3. Like everything pay depends on experience and capabilities and usualy cames as part of a track record. From what I have seen (and I guess this depends on where your from) a professional security persona earns about the same or more as a thrid line manager, but less that someone like a CCIE.

4. The qualifications get you through the door, they do, like any qual, show a certain level of knowledge but don't always prove understanding or experience. However it's better to have them than not of course...anything that gets you the interview. The trouble is, with a lack of experience security exams are not straight forward, you may be able to get it from a book and learn "parrot fashion" but you'll trip up on your fuirst job when you don't know what you are talking about.

I realise my comments are not uplifting but I think they are realisitc. If you enjoy IT half of the fun is the learning and exploration of new things.

I don't think you can do it overnight but then again it shouldn;t take forever, move up the scale to third line for a couple of years and then you'll be more prepared.

However, like anything this is just my opinion, I will be curious to see the comments of those who disagree :)

Best Wishes and good luck......it is worth the pursuit

DJM
0
 

Expert Comment

by:usrhlp
ID: 12085877
This has happened to me.

What i have done is as follows.
I took my own personal time out to read books. I kept my DTS jobs running in the back ground (wishing every day i could leave and do something interesting and worthwhile) and i read books about CCNA networking (its going to be hard to become a network security specialist if you dont know the difference between layer 3 routing and layer 2 switching. Programming, learning new os's. etc etc.
While going at work i looked at other things. Then one day i was offered the chance to do both DTS and programming/implementations.
I took it. I am now on the way to becoming CCNA certified, MCSE, .NET compliant and lots more.

My advice is, learn in your own time, there are not many jobs out there that will train you up from scratch, but there are chances to learn on base knowledge you already have. I could already do programming and had a basic networking background before i embarked on the CCNA and later on a networking job. While at the job i have the chance to expand my programming (diverging into .NET) and also doing system builds, and also being given some after hours work to earn some extra money.

But waffle aside, learn in your own time (read CCNA then do Cisco security, cos if you cant configure a router you sure as hell aint going to secure one down to a multitude of possible attacks) maybe ask your boss if there is a chance to get some extra qualifications during quiet periods. learn programming so you can code your own overflows, pen test suites that sort of thing. There are not many good security testers out there who cant code. Those that cant code and call themselves security experts are just fooling themselves. Gain MCSE in NT and start to use Linux. All this will help to get you out of a boring rut known as DTS (damn tedious sh1t (can we say that here??)) I should know, it is exactly what i did.
THe field of security is good, but almot every man and his dog are doing it now. The world is starting to get flooded with "security experts". Check Bugtraq and all the people who post to that. Only the best will get the good money. Those, most probably like myself, will stay getting better but never shining out above the rest. Id expect you to be able to get at least 25K in uk for security work, possibly more the bigger the array of things you can audit. In the us id guess at least 35K but it does depend who you are working for and what they need securing.

But learn your CCNA, Some programming, Windows Certs and go for the Cisco Security modules. Good luck!

I know you can do it. Just give it time and determination. Afterall, you have nothing to lose, just everything to gain!
0
 
LVL 1

Expert Comment

by:AbstractAnger
ID: 12147076
Check out Comptia Security+ to get your foot in the door.
The best way to find out is to dabble in it and see if you like it.
0
 

Accepted Solution

by:
megalodonsec earned 125 total points
ID: 12254520
While not very popular, my perspective is quite different regarding certifications. I have achieved many of them and most are worthless.
Here is a list of the ones I have achieved over the past 9 years:
A+, MCSE(x2), MCT, CCNP, CCDP, CCSP, ISSP, CISSP, and the written CCIE Security.
Only twice have any of them had an effect on getting a better job which were the CCIE written and CISSP, both of which require a great deal of dedication. The CISSP requires 4 years of Security experience and the CCIE can be a nightmare to achieve.
Having recently been looking in the job market it has become clear that the most sought after credentials you can have if you want to be in Security are a degree and of course experience.
In my opinion you should look at what you really want to be doing 5 and even 10 years from now and focus strictly on that vs. chasing a bunch of worthless certs which you'll never use anyway. Make your next job choice move you closer to that goal.
The CCSP would be great if you want to be a "Cisco Security Professional" but only because of the knowledge you would gain, don't expect it to land you in a Network engineers seat.
The last point I want to make is to clarify the current Security market, I am now making $20k less than I was two years ago and it's only getting worse. The only real money left in security is management, coding, or compliance auditing (consulting).
I don't want to discourage anyone from studying or getting certified but just be aware of what it's really worth. Any arguments are welcome and appreciated :)
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question