Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 507
  • Last Modified:

how to start my Security career ?

i know repeated question .. but i need your help guys

im working as network / system administrator in IT Dept .. and i have arround 7 years experience in that field and Bachelor degree not in IT field, in some engineering
also im certified MCITP EA 2k8 server - CCNA - IBM AIX os Admin
and i realized that i need to take the security direction to increase my CV value and gain more knowledge & experience

what certification i should start with ? this is the question

should directly take CISSP ?? or should i start with CEH ... or ...etc

so guys help me
0
F_A_H_D
Asked:
F_A_H_D
1 Solution
 
cjordan323Commented:


CISSP is the most recognized. That is where I would start.

Also this organization is very good for the IT security professional to get involved with. You won't find a lot of technical resources here but you should be able to really do some networking within this organization:  http://www.infragard.net
0
 
Fadi SODAH (aka madunix)Chief Information Security Officer, CISA, CISSP, CFR, ICATE, MCSE, CCNA, CCNP, CCIP, SCSC and SCECommented:
0
 
Dave HoweSoftware and Hardware EngineerCommented:
CISSP is probably the best known. However, here is a quote from an actual employer:

"In terms with joining an pentest company we have have all CV's from
recruiters (or HR) sent to the team leader, who then decides on who they
interview, then once in the interview they are accessed on technical
abilities and if they will be suitable to the team, then if we like them
during said interview we put them on a Vmware based assult course and
ask them to demonstrate said abilities. Sorts the men from the boys.

We dont look for people with CISSP (its nice if you have it, but your
more of a security consultant (sorry!!) than a pen-test consultant; we
dont actively push people to CISSP or CCNA - we want people with CREST
or CHECK or in a position to be able to easily pass it."

This is taken from the pentest mailling list at securityfocus btw - the question comes up quite regularly, so searching the archives at http://www.securityfocus.com/archive/101 (or joining the list) may pay dividends.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
Fadi SODAH (aka madunix)Chief Information Security Officer, CISA, CISSP, CFR, ICATE, MCSE, CCNA, CCNP, CCIP, SCSC and SCECommented:
keep yourself updated about : Information Security, Process Security, Internet Technology Security, Communications Security, Wireless Security, Physical Security ..etc. Learn Linux/Unix and Networking and DB.

Look @  
http://packetstormsecurity.org/
http://hakin9.org/
http://www.linuxjournal.com/ 
http://www.linux-magazine.com/
http://www.linux-magazine.com/Issues/2010/121

Use opensource tools ), maybe you could use BackTrack, a nice distro with a lot of security tools to ethical hacking....
http://www.backtrack-linux.org/
http://en.wikipedia.org/wiki/BackTrack
http://www.linux-magazine.com/w3/issue/77/BackTrack.pdf
0
 
Fadi SODAH (aka madunix)Chief Information Security Officer, CISA, CISSP, CFR, ICATE, MCSE, CCNA, CCNP, CCIP, SCSC and SCECommented:
0
 
Giovanni HewardCommented:
If I had to pick one it would be the CISSP.

What I'd actually recommend is following the DoD Approved 8570 Baseline Certifications track to achieve IAT Level I, II, and III.

IAT Level I: A+, Network+, SSCP
IAT Level II: GSEC, Security+, SSCP
IAT Level III: CISA, CISSP, CASP, GCIH, GCED

In addition to the CEH, I'd consider other SANS training/GIAC certifications of interest (e.g. GPEN, etc.)

While this question is dated, my advice is not and I provide this information for future search results.

Additionally, WGU offers excellent (and inexpensive) online BS and MS degrees programs.  The latter being based on the CISSP domains and CEH.  They will gladly waive credits based on current certifications and other relevant course work completed in the past.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now