What Certs would you recommend for getting work in the Security Sector?

Discussion in 'Employment & Jobs' started by Xinapse, Feb 19, 2012.

  1. Xinapse

    Xinapse Bit Poster

    21
    0
    6
    Feb 19, 2012 #1
    Remove Advertisement - Premium Membership
    After Security+?
     
  2. JK2447
    Highly Decorated Member Award 500 Likes Award

    JK2447 Petabyte Poster Administrator Premium Member

    7,200
    951
    318
    Feb 19, 2012 #2
    Remove Advertisement - Premium Membership
    I suppose it depends on where specifically you want to be. CEH might be able to get your foot into the door of a junior testers role, maybe. CISSP is the defacto security cert if there is such a thing as most disciplines hold it in high regard. There are a lot of hoops to jump through before you can qualify to take either of those certs. You could do an MCSE: Security or CCNA: Security if you wanted to be a technical specialist.

    My advice would be to go onto a job site and see what they are asking for and also look into the various roles in the field as in my experience they vary massively from extremely technical, to all paperwork and iso's.
     
    Certifications: VCP4, 5, 6, 6.5, 6.7, 7, 8, VCAP DCV Design, VMConAWS Skill, Google Cloud Digital Leader, BSc (Hons), HND IT, HND Computing, ITIL-F, MBCS CITP, MCP (270,290,291,293,294,298,299,410,411,412) MCTS (401,620,624,652) MCSA:Security, MCSE: Security, Security+, CPTS, CCA (XenApp6.5), MCSA 2012, VSP, VTSP
    WIP: Google Cloud Certs
  3. Kitkatninja
    Highly Decorated Member Award 500 Likes Award

    Kitkatninja aka me, myself & I Moderator

    11,143
    559
    383
    Feb 19, 2012 #3
    Are you looking for certs or certs and education? And also what part of security?

    JK has already listed a few and there are also:

    1. The associate of SSCP or CAP from ISC2 as you don't have the experience (based on your post, but I could be mistaken)
    2. M889 Computer Forensics and Investigation and M886 Information security management from the OU
    3. Various "Responding to computer misuse" courses
    4. Security5 from the EC-Council
    5. GSEC from GIAC

    If you already work in IT, possibly getting your professional registration (eg ICTTech from the ECUK) may assist.
     
    Certifications: MSc, PGDip, PGCert, BSc, HNC, LCGI, MBCS CITP, MCP, MCSA, MCSE, MCE, A+, N+, S+, Server+
    WIP: MSc Cyber Security
  4. Xinapse

    Xinapse Bit Poster

    21
    0
    6
    Feb 19, 2012 #4
    Thanks for your reply, it will be in addition to a Computer Science degree.
     
  5. Xinapse

    Xinapse Bit Poster

    21
    0
    6
    Feb 19, 2012 #5
    I eventually want to work in penetration testing.
     
  6. JK2447
    Highly Decorated Member Award 500 Likes Award

    JK2447 Petabyte Poster Administrator Premium Member

    7,200
    951
    318
    Feb 19, 2012 #6
    A very tough nut to crack. Make sure you master a language or two on that degree and have good *nix skills.
     
    Certifications: VCP4, 5, 6, 6.5, 6.7, 7, 8, VCAP DCV Design, VMConAWS Skill, Google Cloud Digital Leader, BSc (Hons), HND IT, HND Computing, ITIL-F, MBCS CITP, MCP (270,290,291,293,294,298,299,410,411,412) MCTS (401,620,624,652) MCSA:Security, MCSE: Security, Security+, CPTS, CCA (XenApp6.5), MCSA 2012, VSP, VTSP
    WIP: Google Cloud Certs
  7. Monkeychops

    Monkeychops Kilobyte Poster

    301
    22
    25
    Feb 21, 2012 #7
    If it's a pen tester you're aiming towards then you probably want to go for the more technical/hands on certs rather than the infosec management ones.

    That said a CISSP is not usually a bad thing to have, the ISEB CISMP is a good starter-ish cert in that kind of area as is the SSCP (the mini CISSP :) ).

    CeH is very much seen as an entry level cert in the world of testing, it will probably help with a foot in the door though.

    The target certs for testers are the Check Team equiv which are harder to get, you've got the choice of Tigerscheme or CREST which have Check equiv certs if you're not working for a Check company.

    The SANS certs are also pretty good, and I believe the Offensive Security stuff is decent as well.

    Not as tough as people may think, and certainly don't need to be a master of any languages to get into the field ;) You do need to be a little proficiant with Linux though.

    Yes it's a pretty technical role, but there's a lot of people skills involved as well if you want to progress above just a standard tester.

    There's all the pre and post engagement stuff to think about which requires a lot of communication with various people, also a fair amount of diplomacy involved :)

    If you are not in an IT role yet then that's your first point of call, ideally you need to have some understanding of how things work in the world of corporate IT.

    I was a tester for a while and whist not specifically a tester now am still heavily involved in the area, any questions just fire away.
     
    Last edited: Feb 21, 2012
    jk2447 likes this.
  8. Kitkatninja
    Highly Decorated Member Award 500 Likes Award

    Kitkatninja aka me, myself & I Moderator

    11,143
    559
    383
    Feb 21, 2012 #8
    Just adding for the CISSP, SSCP, CAP you do need the experience otherwise you only gain the "Associate of..." ISC2 credential.
     
    Certifications: MSc, PGDip, PGCert, BSc, HNC, LCGI, MBCS CITP, MCP, MCSA, MCSE, MCE, A+, N+, S+, Server+
    WIP: MSc Cyber Security
  9. Monkeychops

    Monkeychops Kilobyte Poster

    301
    22
    25
    Feb 21, 2012 #9
    Yup, the ISEB CISMP whilst a pre req is advised that you have experience it's not a hard pre req as it is for those above.

    As said anythng specific you want to ask fire a pm my way.
     
    Last edited: Feb 21, 2012

Share This Page

Loading...
Remove Advertisement - Premium Membership
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...