?
Solved

how to start my Security career ?

Posted on 2010-11-23
6
Medium Priority
?
501 Views
Last Modified: 2013-12-12
i know repeated question .. but i need your help guys

im working as network / system administrator in IT Dept .. and i have arround 7 years experience in that field and Bachelor degree not in IT field, in some engineering
also im certified MCITP EA 2k8 server - CCNA - IBM AIX os Admin
and i realized that i need to take the security direction to increase my CV value and gain more knowledge & experience

what certification i should start with ? this is the question

should directly take CISSP ?? or should i start with CEH ... or ...etc

so guys help me
0
Comment
Question by:F_A_H_D
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 5

Expert Comment

by:cjordan323
ID: 34202651


CISSP is the most recognized. That is where I would start.

Also this organization is very good for the IT security professional to get involved with. You won't find a lot of technical resources here but you should be able to really do some networking within this organization:  http://www.infragard.net
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 2000 total points
ID: 34205615
CISSP is probably the best known. However, here is a quote from an actual employer:

"In terms with joining an pentest company we have have all CV's from
recruiters (or HR) sent to the team leader, who then decides on who they
interview, then once in the interview they are accessed on technical
abilities and if they will be suitable to the team, then if we like them
during said interview we put them on a Vmware based assult course and
ask them to demonstrate said abilities. Sorts the men from the boys.

We dont look for people with CISSP (its nice if you have it, but your
more of a security consultant (sorry!!) than a pen-test consultant; we
dont actively push people to CISSP or CCNA - we want people with CREST
or CHECK or in a position to be able to easily pass it."

This is taken from the pentest mailling list at securityfocus btw - the question comes up quite regularly, so searching the archives at http://www.securityfocus.com/archive/101 (or joining the list) may pay dividends.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 25

Expert Comment

by:madunix
ID: 34273069
keep yourself updated about : Information Security, Process Security, Internet Technology Security, Communications Security, Wireless Security, Physical Security ..etc. Learn Linux/Unix and Networking and DB.

Look @  
http://packetstormsecurity.org/
http://hakin9.org/
http://www.linuxjournal.com/ 
http://www.linux-magazine.com/
http://www.linux-magazine.com/Issues/2010/121

Use opensource tools ), maybe you could use BackTrack, a nice distro with a lot of security tools to ethical hacking....
http://www.backtrack-linux.org/
http://en.wikipedia.org/wiki/BackTrack
http://www.linux-magazine.com/w3/issue/77/BackTrack.pdf
0
 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39715532
If I had to pick one it would be the CISSP.

What I'd actually recommend is following the DoD Approved 8570 Baseline Certifications track to achieve IAT Level I, II, and III.

IAT Level I: A+, Network+, SSCP
IAT Level II: GSEC, Security+, SSCP
IAT Level III: CISA, CISSP, CASP, GCIH, GCED

In addition to the CEH, I'd consider other SANS training/GIAC certifications of interest (e.g. GPEN, etc.)

While this question is dated, my advice is not and I provide this information for future search results.

Additionally, WGU offers excellent (and inexpensive) online BS and MS degrees programs.  The latter being based on the CISSP domains and CEH.  They will gladly waive credits based on current certifications and other relevant course work completed in the past.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question