What Certs would you recommend for getting work in the Security Sector?

Discussion in 'Employment & Jobs' started by Xinapse, Feb 19, 2012.

  1. Xinapse

    Xinapse Bit Poster

    21
    0
    6
    After Security+?
     
  2. Adam Banner

    Adam Banner Poster Galore

     
  3. jk2447

    jk2447 Petabyte Poster Moderator

    4,888
    200
    249
    I suppose it depends on where specifically you want to be. CEH might be able to get your foot into the door of a junior testers role, maybe. CISSP is the defacto security cert if there is such a thing as most disciplines hold it in high regard. There are a lot of hoops to jump through before you can qualify to take either of those certs. You could do an MCSE: Security or CCNA: Security if you wanted to be a technical specialist.

    My advice would be to go onto a job site and see what they are asking for and also look into the various roles in the field as in my experience they vary massively from extremely technical, to all paperwork and iso's.
     
    Certifications: BSc (Hons), HND IT, HND Computing, ITIL-F, MBCS CITP, MCP (270,290,291,293,294,298,299,410,411,412) MCTS (401,620,624,652) MCSA:Security, MCSE: Security, Security+, CPTS, VCP4, CCA (XenApp6.5), MCSA 2012, VCP5
    WIP: 70-246
  4. wagnerk
    Highly Decorated Member Award

    wagnerk aka kitkatninja Moderator

    10,781
    346
    341
    Are you looking for certs or certs and education? And also what part of security?

    JK has already listed a few and there are also:

    1. The associate of SSCP or CAP from ISC2 as you don't have the experience (based on your post, but I could be mistaken)
    2. M889 Computer Forensics and Investigation and M886 Information security management from the OU
    3. Various "Responding to computer misuse" courses
    4. Security5 from the EC-Council
    5. GSEC from GIAC

    If you already work in IT, possibly getting your professional registration (eg ICTTech from the ECUK) may assist.
     
    Certifications: CITP, PGCert, BSc, HNC, LCGI, PTLLS, MCT, MCITP, MCTS, MCSE, MCSA:M, MCSA, MCDST, MCP, MTA, MCAS, MOS (Master), A+, N+, S+, ACA, VCA, etc... & 2nd Degree Black Belt
    WIP: MCE and PM Cert
  5. Xinapse

    Xinapse Bit Poster

    21
    0
    6
    Thanks for your reply, it will be in addition to a Computer Science degree.
     
  6. Xinapse

    Xinapse Bit Poster

    21
    0
    6
    I eventually want to work in penetration testing.
     
  7. jk2447

    jk2447 Petabyte Poster Moderator

    4,888
    200
    249
    A very tough nut to crack. Make sure you master a language or two on that degree and have good *nix skills.
     
    Certifications: BSc (Hons), HND IT, HND Computing, ITIL-F, MBCS CITP, MCP (270,290,291,293,294,298,299,410,411,412) MCTS (401,620,624,652) MCSA:Security, MCSE: Security, Security+, CPTS, VCP4, CCA (XenApp6.5), MCSA 2012, VCP5
    WIP: 70-246
  8. Monkeychops

    Monkeychops Byte Poster

    244
    7
    15
    If it's a pen tester you're aiming towards then you probably want to go for the more technical/hands on certs rather than the infosec management ones.

    That said a CISSP is not usually a bad thing to have, the ISEB CISMP is a good starter-ish cert in that kind of area as is the SSCP (the mini CISSP :) ).

    CeH is very much seen as an entry level cert in the world of testing, it will probably help with a foot in the door though.

    The target certs for testers are the Check Team equiv which are harder to get, you've got the choice of Tigerscheme or CREST which have Check equiv certs if you're not working for a Check company.

    The SANS certs are also pretty good, and I believe the Offensive Security stuff is decent as well.

    Not as tough as people may think, and certainly don't need to be a master of any languages to get into the field ;) You do need to be a little proficiant with Linux though.

    Yes it's a pretty technical role, but there's a lot of people skills involved as well if you want to progress above just a standard tester.

    There's all the pre and post engagement stuff to think about which requires a lot of communication with various people, also a fair amount of diplomacy involved :)

    If you are not in an IT role yet then that's your first point of call, ideally you need to have some understanding of how things work in the world of corporate IT.

    I was a tester for a while and whist not specifically a tester now am still heavily involved in the area, any questions just fire away.
     
    Last edited: Feb 21, 2012
    jk2447 likes this.
  9. wagnerk
    Highly Decorated Member Award

    wagnerk aka kitkatninja Moderator

    10,781
    346
    341
    Just adding for the CISSP, SSCP, CAP you do need the experience otherwise you only gain the "Associate of..." ISC2 credential.
     
    Certifications: CITP, PGCert, BSc, HNC, LCGI, PTLLS, MCT, MCITP, MCTS, MCSE, MCSA:M, MCSA, MCDST, MCP, MTA, MCAS, MOS (Master), A+, N+, S+, ACA, VCA, etc... & 2nd Degree Black Belt
    WIP: MCE and PM Cert
  10. Monkeychops

    Monkeychops Byte Poster

    244
    7
    15
    Yup, the ISEB CISMP whilst a pre req is advised that you have experience it's not a hard pre req as it is for those above.

    As said anythng specific you want to ask fire a pm my way.
     
    Last edited: Feb 21, 2012