1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Management

Discussion in 'Training & Development' started by oush, Aug 14, 2010.

  1. oush

    oush Byte Poster

    103
    0
    21
    Hi Lads,

    As some of you know i'm looking to get into security management but not quite sure where to start. I'll be doing my Msc in Security Management in October. But I would like to plan my certification track at the same time. I have been working in IT for the past 5 years in various engineer roles from sys engineers to voice networks etc. I also currently hold a fair bit of certs: MCSE, MCDBA, MCITP: EA, CCNA, CCDA, CompTIA Linux+

    These are the sec management certs which i have found after some research:

    CISSP
    GIAC Security Leadership Certification (GSLC)
    Certified Information Security Manager (CISM)
    Certified Authorization Professional (CAP)
    GIAC Legal Issues (GLEG)
    Prince2

    You may notice the PRINCE2 and the CISSP in there ;) belive me their needed :) Project management work pays well :P


    Now the stepping stone for me would be CompTIA Security+ or GSEC (GIAC Security Essentials Certification). Not sure which one to go with.

    Can someone advice me if my plan is any good? I know the basic concepts of security but i sitll think i need to start at the bottom as with everything and work my way up.

    Do you think the cert track which i have chosen is feasable or have i missed some excellent management certs??

    Thanks
     
    Certifications: MCITP: EA, Linux+, CCNA, CCDA
    WIP: CCIP
  2. Beerbaron

    Beerbaron Megabyte Poster

    545
    9
    76
    I've seen a few people on here with prince2, what is the purpose of it?
     
    Certifications: BSc (Hons), MSc, ITIL v3F, MCP, MCDST, MCITP: edst7, MCTS, MCSA: Server 2003, MCSA: Windows 7, N+, NVQ IT lvl 3, MCSA Windows 7, VCP5, CCENT, CEH
    WIP: CISSP
  3. Bri1981

    Bri1981 Byte Poster

    207
    21
    27
    Prince2 is a project management methodology.
     
    Certifications: See signature
    WIP: MBA entry diploma
  4. Mecha

    Mecha Bit Poster

    41
    0
    16
    I'm intruiged as to how worthy some of these GIAC qualifications are worthwhile, outside of GSEC/GISF. They seem to have so many!!

    Anyway, depending what field you are I guess they get quite specific. My plan is:

    -Security+ (waiting on the 2011 exam)
    -GSEC
    -GISF

    These two will complement each other, but the GSEC is harder and much deeper than the Security+. I have been looking into getting some revision material and it's damn near sparse. On Amazon, one book is from 2009, the others are from 2003! So maybe it's only training courses?

    Anyway, in 2011 when those are done, work will be sending me on:

    -ISO27001 Implementor
    -Certified Security Management Principles

    This is for the internal work, so I have no idea what this will entail but it looks good. Again it's branching away from the technical work which is good for me. I tend to get bored with the technical stuff after a while, but I hope this will stay true!

    When those are done, I'm looking at:

    -CISSP (This is for uni, they are partners and will give us the training course and exam for free. I'll just be an associate until I get an extra 3 years of experience)
    -CISA (This is the route I'll like to lead down. Since I am already in the financial industry I can easily adapt a lot of the principles from my line of work, to a financial auditing role which is my ultimate role)

    The other two I'll be looking into are again more specific to financial institutes like Sarbanes–Oxley and COBIT. Which I suggest you look into also.

    Have you started to think about your thesis yet?! I have been thinking about mine but I am not too sure if it's too technical for my ultimate job roles! I've been on MSN too, I was sleeping last night though :(

    *edit* This is over 3 years, also I'll be doing my MSc in Information Security too, so busy times ahead!
     
    Last edited: Aug 15, 2010
    Certifications: BSc Networking, A+ (601)
    WIP: MSc InfoSec, S+, CISMP, IA ISO27001
  5. Beerbaron

    Beerbaron Megabyte Poster

    545
    9
    76
    So this can be used by anyone, not just people in IT?
     
    Certifications: BSc (Hons), MSc, ITIL v3F, MCP, MCDST, MCITP: edst7, MCTS, MCSA: Server 2003, MCSA: Windows 7, N+, NVQ IT lvl 3, MCSA Windows 7, VCP5, CCENT, CEH
    WIP: CISSP
  6. UKDarkstar
    Honorary Member

    UKDarkstar Terabyte Poster

    3,477
    121
    184
    Last edited: Aug 15, 2010
    Certifications: BA (Hons), MBCS, CITP, MInstLM, ITIL v3 Fdn, PTLLS, CELTA
    WIP: CMALT (about to submit), DTLLS (on hold until 2012)
  7. Beerbaron

    Beerbaron Megabyte Poster

    545
    9
    76
    Reading that makes me think thank god i dont have to manage projects :ohmy
     
    Certifications: BSc (Hons), MSc, ITIL v3F, MCP, MCDST, MCITP: edst7, MCTS, MCSA: Server 2003, MCSA: Windows 7, N+, NVQ IT lvl 3, MCSA Windows 7, VCP5, CCENT, CEH
    WIP: CISSP
  8. dmarsh

    dmarsh Terabyte Poster

    3,782
    302
    184
    From what I understand financial auditing is a quite different kettle of fish, better to study accounting or finance.

    These are related to regulatory compliance, incredibly dull and for the clipboard hugging pen pushers amongst us.

    Good project management requires a lot more than just a PRINCE2 cert. It's not 'their', its 'they're', a contraction of 'they are'.
     
    Last edited: Aug 16, 2010
    Certifications: CITP, BSc, HND, SCJP, SCJD, SCWCD, SCBCD, SCEA, N+, Sec+, Proj+, Server+, Linux+, MCTS, MCPD, MCSA, MCITP, CCDH
  9. Mecha

    Mecha Bit Poster

    41
    0
    16
    Sorry I meant I am in the IT industry for the finanicial sector
     
    Certifications: BSc Networking, A+ (601)
    WIP: MSc InfoSec, S+, CISMP, IA ISO27001

Share This Page

Loading...