Link to home
Start Free TrialLog in
Avatar of Syed Ahmed
Syed AhmedFlag for Saudi Arabia

asked on

New Cyber Security Position

Hi all, I have been a System administrator for around 10 years now and have recently moved into Cyber Security department internally. I am not so good at Networks and Network security. Would need your suggestions on where to start in order to get myself good at Networks and Network Security. Please note that I have completed Network+ and Security+ already. 
Avatar of Wesley Miller
Wesley Miller
Flag of United States of America image

Go to the site where the software your company is using and see if they offer Free training of the software you will be using. As an Example: Tenable Education , You can also get a Free copy of the software for personal Lab use to get more familiar with configuring and using it.
Avatar of btan
btan

Good that you have completed the foundation. I think what would be useful is to be able to risk assess and understand the threat faced in securing the network and one means is even go into network penetration testing (watch this). Of course there are other aspects which really depends on the security device that your org used and you should take further steps to get trained. Architecture is another but I think it can be a leap if you are still concern with the basics which you can beef up and apply first more project engagement - On job training.

Cyber Network Security – covering core knowledge, necessary network applications, network design, protection components, firewall, etc.
Network Security – for beginner covering the basics of TCP/IP, port scanning, sniffing, firewall, honeypot, network design, etc.
Security blogs by CISCO have plenty to offer. Many influencers and security experts share their knowledge so you can keep your knowledge up-to-date.
The best way to stay up-to-date to follow SANS for the latest curriculum announcements, tips, and resources.
sans.org/cloud-security
sans.org/blue-team
digital-forensics.sans.org
ics.sans.org
sans.org/cybersecurity-leadership
sans.org/offensive-operations 
You can start studying for the CISSP exam (I strongly suggest CISSP certification). The CISSP is not an entry-level certification; earning the CISSP enables many professionals – not just management and senior leadership – to help demonstrate their expertise.
https://www.isc2.org/Training/Self-Study-Resources
https://wentzwu.com/2020/08/07/10-tips-for-passing-cissp-a-madunix-note/
https://thorteaches.com/cissp-process-guide-fadi-sodah-madunix/
https://www.experts-exchange.com/articles/34791/Passing-CISSP.html

ASKER CERTIFIED SOLUTION
Avatar of Binh Win
Binh Win
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I would recommend this book which covers security audit checklists and areas you will need to focus on in your new role:

https://www.oreilly.com/library/view/it-auditing-using/9781260453232/ 

It will reference many security tools to make your life easier, improve visibility on risks etc.

CIS Top 20 is another insight into the various sub-sections of cyber security, and best practices to implement. You could assess your current compliance to these generally accepted best practices and identify weak spots and areas for improvement to increase cyber security efforts in your company, which is what your employers will want from you:

https://www.cisecurity.org/controls/cis-controls-list/