Solved

how to start my Security career ?

Posted on 2010-11-23
6
494 Views
Last Modified: 2013-12-12
i know repeated question .. but i need your help guys

im working as network / system administrator in IT Dept .. and i have arround 7 years experience in that field and Bachelor degree not in IT field, in some engineering
also im certified MCITP EA 2k8 server - CCNA - IBM AIX os Admin
and i realized that i need to take the security direction to increase my CV value and gain more knowledge & experience

what certification i should start with ? this is the question

should directly take CISSP ?? or should i start with CEH ... or ...etc

so guys help me
0
Comment
Question by:F_A_H_D
6 Comments
 
LVL 5

Expert Comment

by:cjordan323
ID: 34202651


CISSP is the most recognized. That is where I would start.

Also this organization is very good for the IT security professional to get involved with. You won't find a lot of technical resources here but you should be able to really do some networking within this organization:  http://www.infragard.net
0
 
LVL 25

Expert Comment

by:madunix
ID: 34202796
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 34205615
CISSP is probably the best known. However, here is a quote from an actual employer:

"In terms with joining an pentest company we have have all CV's from
recruiters (or HR) sent to the team leader, who then decides on who they
interview, then once in the interview they are accessed on technical
abilities and if they will be suitable to the team, then if we like them
during said interview we put them on a Vmware based assult course and
ask them to demonstrate said abilities. Sorts the men from the boys.

We dont look for people with CISSP (its nice if you have it, but your
more of a security consultant (sorry!!) than a pen-test consultant; we
dont actively push people to CISSP or CCNA - we want people with CREST
or CHECK or in a position to be able to easily pass it."

This is taken from the pentest mailling list at securityfocus btw - the question comes up quite regularly, so searching the archives at http://www.securityfocus.com/archive/101 (or joining the list) may pay dividends.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 25

Expert Comment

by:madunix
ID: 34273069
keep yourself updated about : Information Security, Process Security, Internet Technology Security, Communications Security, Wireless Security, Physical Security ..etc. Learn Linux/Unix and Networking and DB.

Look @  
http://packetstormsecurity.org/
http://hakin9.org/
http://www.linuxjournal.com/
http://www.linux-magazine.com/
http://www.linux-magazine.com/Issues/2010/121

Use opensource tools ), maybe you could use BackTrack, a nice distro with a lot of security tools to ethical hacking....
http://www.backtrack-linux.org/
http://en.wikipedia.org/wiki/BackTrack
http://www.linux-magazine.com/w3/issue/77/BackTrack.pdf
0
 
LVL 25

Expert Comment

by:madunix
ID: 34273415
0
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39715532
If I had to pick one it would be the CISSP.

What I'd actually recommend is following the DoD Approved 8570 Baseline Certifications track to achieve IAT Level I, II, and III.

IAT Level I: A+, Network+, SSCP
IAT Level II: GSEC, Security+, SSCP
IAT Level III: CISA, CISSP, CASP, GCIH, GCED

In addition to the CEH, I'd consider other SANS training/GIAC certifications of interest (e.g. GPEN, etc.)

While this question is dated, my advice is not and I provide this information for future search results.

Additionally, WGU offers excellent (and inexpensive) online BS and MS degrees programs.  The latter being based on the CISSP domains and CEH.  They will gladly waive credits based on current certifications and other relevant course work completed in the past.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now