+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 28
  1. Junior Member
    Join Date
    Dec 2016
    Posts
    12
    #1

    Default (picking certifications) No experience. taking 3 months off to study

    Im a recent business grad that is looking to go into infosec. After not getting accepted to the only job that would consider hiring someone with no technical experience, I have decided to take 3 months off (no work, just studying) to teach myself python and get some certifications under my belt before looking again.
    With that in mind, what certificates would be the best use of my time.
    These are the ones i had in mind, in order but obviously im open to suggestions
    1. Comp TIA A+
    2. GSEC: SANS GIAC Security Essentials
    3. Comp TIA Network +
    4. Comp TIA security +
    5. CEH
    6. CISSP


    Not sure what I will be able to crank out in 3 months. I was hoping at least 2 as well as becoming proficient in python.
    Any other advice in the info sec career path is also much appreciated.
    Thanks
    Reply With Quote Quote  

  2. SS -->
  3. Passion For IT
    Join Date
    Mar 2008
    Posts
    569

    Certifications
    MCTS, MCITP, MCP, A+, Server+, Security+, Project+, CCENT, CCNA-Sec, CEH, CHFI
    #2
    No technical experience? Take the entry level ones: CompTIA A+/Net+/Sec+. The trifecta. It's obtainable in 3 months (lots of studying with no experience).

    Remember, though: you're starting from the bottom. It'll take a bit before you hit that infosec job. Look into helpdesk or something as a start. From there, it's fairly easy to move up to jr. sys admin and up if you have the determination and the will to succeed.

    The others, especially the CISSP, would need some experience. The CISSP requires 5 years of infosec experience within 3 domains. CEH is easy, but I had experience and several other certs before I took it. I still feel it's an entry level infosec (but not entry level IT) cert.

    Start from the bottom. Then work up. A+, Network+, Security+ will be a great foundation. Couple that with a year or two of helpdesk and you'll be ready to tackle the harder stuff.
    A few certs here and there and everywhere...
    AAS: Computer Security
    BS: Information Technology - Security (WGU)
    MS: Information Security & Assurance (WGU)
    Reply With Quote Quote  

  4. Junior Member
    Join Date
    Dec 2016
    Posts
    12
    #3
    Thank you for your comments, i really appreciate it.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Aug 2015
    Posts
    313

    Certifications
    A+, Six Sigma White Belt, CNA, MCSE (Win2K)
    #4
    If you want to jump into InfoSec , Certs are not only going to get you a job. Get the A+ and get a helpdesk/desktop job. Do the Trifecta while trying to get a job
    Reply With Quote Quote  

  6. IOCs? What IOCs???!! jcundiff's Avatar
    Join Date
    Jan 2016
    Location
    Morehead, KY
    Posts
    407

    Certifications
    CISSP, CRISC, ITILFv3, PCIP, RSA Archer, MSCE Win2000, A+, N+, Server+, Proj+, eBiz+,iNet+
    #5
    Definitely agree, A+>Net+>Sec+> GSEC and then the higher certs the CompTIA hat trick will build a solid base for the advanced certs
    "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    May 2013
    Posts
    1,111

    Certifications
    GWAPT, GSEC, Associate of (ISC)2, C|EH, CCNA:Security, CCNA:R&S, CCENT, Security+, Network+
    #6
    Getting into InfoSec without any experience or at least a degree in the subject is going to be quite challenging. Honestly, I would not take time off, I would try to get a help desk job or any IT job you can....that way you are at least in technology....and get certifications while working and try to branch out. Nobody is going to want somebody securing their networks that has no time behind the wheel...it's just too much of a liability. Get the CompTIA trifecta (A+, Network+, Security+) and then reevaluate....probably C|EH or GSEC would be two good options to get you more into the Security mindset. More than likely the trifecta will take you at least 3 months but without work experience you are likely to be in the same boat you are in now.

    Python is great to know....but it will not help you break into InfoSec because it is good for scripting/automating stuff you should know prior.

    I repeat....get a job in IT...any job...work on certifications while gaining experience....and keep applying to InfoSec roles (possibly even wait until you complete the trifecta).
    Reply With Quote Quote  

  8. Junior Member
    Join Date
    Dec 2016
    Posts
    12
    #7
    What type if entry level jobs could I get with no experience? Help desk, anything else?
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    May 2013
    Posts
    1,111

    Certifications
    GWAPT, GSEC, Associate of (ISC)2, C|EH, CCNA:Security, CCNA:R&S, CCENT, Security+, Network+
    #8
    Help Desk....maybe a junior system administrator. Without debate your first job probably will not be amazing but you have to start somewhere. I would probably avoid something like Geek Squad unless you had to because they aren't really doing any enterprise stuff and that is what you need.
    Reply With Quote Quote  

  10. Junior Member
    Join Date
    Dec 2016
    Posts
    12
    #9
    Thanks, ill have to see if my university will help me find some entry level IT job. It sucks most dont want to touch you with a 10ft poll unless you have a CS or MIS degree. I know im on the bottom of the totem poll which i feel makes it even more important that i dedicate my time in the proper direction if possible.
    Reply With Quote Quote  

  11. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    348

    Certifications
    GCIH, eJPT, CCNA R&S, CAPM, Sec+, Net+, A+
    #10
    I agree with TechGuru80. Definitely get a job in IT, even if it is less pay, not infosec, and not a dream job. Entry level help desk or something similar. It's not about the pay yet and it will be temporary anyways. Work experience will give you a taste of what you might not realize you like (or dislike). Technically on paper you'll have less study time towards certs. However, employees are often okay with studying on the job if you can pull it off gracefully--and this often complements progress towards certs instead of inhibiting progress.

    The soft skill practice of landing the first entry IT jobs is valuable too. You'll only get better and better at interviewing, resume tweaking, landing the job, phone interviews, the feeling of getting a salary locked in without negotiating, etc., so get good in these skills using the entry level jobs you care less about as practice dummies so to speak, so when a dream job comes along you'll nail it and get a salary you want as well.

    You're guaranteed to have zero gains in job-landing soft skills practice during those three months if you never try.

    As far as not landing the so-called only job that would hire without experience--well-- if you don't have a spreadsheet or similar to keep track of all the jobs you are applying for you're not applying for enough jobs. And if you are really really not getting hired I'd suggest an A+ to get in the door.
    Reply With Quote Quote  

  12. Junior Member
    Join Date
    Dec 2016
    Posts
    12
    #11
    Thanks, im surprised so many people value help desk jobs.I would have thought that would have been a waste of time / effort. I will definitely get the A+, network+, sec+ certs, they seems to be a overwhelming favorite to start out with
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Apr 2013
    Posts
    1,889
    #12
    It's not that we value helpdesk all that much but you need a foundation, and you can't get that without work experience. It's highly unlikely anyone is going to hire you without an IT related education, certs or work experience so you have to start somewhere.

    Why a business degree if you wanted to go into infosec? What is it about security that interests you? Have you done anything on your own? Virtual machines, building your own computers, etc?
    Reply With Quote Quote  

  14. Member
    Join Date
    Nov 2016
    Posts
    52

    Certifications
    CISSP,MBA,CASP,CEH,ITIL v3 found
    #13
    I can honestly say that working my way up to helpdesk manager has worked well for me. I am not sure I would even be in the InfoSec field much less have CISSP if I didn't start from the bottom of level 1 helpdesk.

    Don't write off helpdesk... start there and work your well up. Learn how to deal with people and problems as they come up and make a name for yourself.
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Jan 2016
    Location
    King City, CA
    Posts
    380

    Certifications
    A+, Network+, Security+ce, Server+, Project+, MCSA Server 2008, CCENT, CCNA R&S, CEHv8, CHFIv8, CCNA Security
    #14
    I've never had a helpdesk job, but I have held a few customer-facing positions. CompUSA as a bench-tech WAY back in the day (late 90s), RadioShack for 7 years, Geek Squad for a few months... that experience taught me how to work with (and for) people that had varying levels of knowledge in computers. I hope I never have to go back to that, but I am infinitely grateful I went through those experiences.
    Reply With Quote Quote  

  16. Member
    Join Date
    Sep 2013
    Posts
    93
    #15
    Quote Originally Posted by hellar View Post
    Thanks, im surprised so many people value help desk jobs.I would have thought that would have been a waste of time / effort. I will definitely get the A+, network+, sec+ certs, they seems to be a overwhelming favorite to start out with
    Regarding Helpdesk remember one thing - It is a job NOT a career. I made this huge blunder and am paid the price. My suggestion would be to go for MCSA and CCNA quickly. A+/N+ is too basic IMHO. Sec+ is doable in 3 months but get ccna security so as to not put all eggs in one basket. Get the certs, get a simple networking job, if not get helpdesk. After 6 months take another month or two off and study for cissp 15/16 hours a day - Yepp you read it right. Get the Associate of ISC and jump full time into infosec. if you want to stay on networking side don't waste time on security.
    Reply With Quote Quote  

  17. Junior Member
    Join Date
    Dec 2016
    Posts
    12
    #16
    Quote Originally Posted by Danielm7 View Post
    It's not that we value helpdesk all that much but you need a foundation, and you can't get that without work experience. It's highly unlikely anyone is going to hire you without an IT related education, certs or work experience so you have to start somewhere.

    Why a business degree if you wanted to go into infosec? What is it about security that interests you? Have you done anything on your own? Virtual machines, building your own computers, etc?
    Its the classic get 3 1/2 years into a degree take a required MIS class and fall in love with info sec but it being too late to get another degree. Ive been building computers for years, basic trouble shooting for everyone. Playing around with wireshark, SSL Shell on websites like overthewire.org, reading books on social engineering, stuxnet and staying up to date on article from kerbs, tripwire, ars technica. Any time i see a article on any type of breach and research more into it, just to get a better understanding. Have done non formal intro so cyber security courses giving me a general understanding of cryptography , malware, networking and communications, but all very basic stuff. But in the end, nothing of hard value to put on a resume.
    Reply With Quote Quote  

  18. Junior Member
    Join Date
    Dec 2016
    Posts
    12
    #17
    I do appreciate all the advice yall have given, and look forward to more.
    Reply With Quote Quote  

  19. There is no spoon. p@r0tuXus's Avatar
    Join Date
    Nov 2016
    Location
    KCMO
    Posts
    515

    Certifications
    ITIL-F, A+, S+, CCNA
    #18
    Quote Originally Posted by kabooter View Post
    Regarding Helpdesk remember one thing - It is a job NOT a career. I made this huge blunder and am paid the price. My suggestion would be to go for MCSA and CCNA quickly. A+/N+ is too basic IMHO. Sec+ is doable in 3 months but get ccna security so as to not put all eggs in one basket. Get the certs, get a simple networking job, if not get helpdesk. After 6 months take another month or two off and study for cissp 15/16 hours a day - Yepp you read it right. Get the Associate of ISC and jump full time into infosec. if you want to stay on networking side don't waste time on security.
    I partially agree. I did the same thing with working one tech support call center job after another. Mobile Customer Support, ISP Residential Support, Various Tech Sales Gigs and Laptop Repair. All over the place but never the exact same job. Always expanding that broad knowledge-set. Eventually, without certs or a degree, I got onto a NOC. From there I started knocking out some certs. The hours overnight helped with access and learning materials. People to bounce things off of. Etc. It sounds like you're really into the field, just not formally - and I feel you there. I think CCNA R&S/-S would help you from a networking standpoint. MCSA for SysAdmin Experience. A+/N+ would help get onto a helpdesk and give you resume experience while you work on those things. If you interview well, you could probably get something basic in security with a Sec+ (depending on where you live). Best advice: Buy books & work on it with a solid game-plan in your own time. Stay on it. From my experience, falling away from the game makes it that much harder to catch up.
    Reply With Quote Quote  

  20. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Galloway, NJ
    Posts
    1,271

    Certifications
    A+, Network +, GSEC, GCIH, Lunatic+
    #19
    Quote Originally Posted by jcundiff View Post
    Definitely agree, A+>Net+>Sec+> GSEC
    You can pick up the first three of these certs about $1,200 for books, practice tests and exams costs, but the GSEC is a $6,650 investment, even if you obtain study material from other sources (Ebay, borrow, steal) you still looking at $1,000 for the exam alone. SANS certs are great, but they are something you should try to get your employer to pay for. For most people they are out of reach financially, my two GIAC certs cost my company around 20k when you consider course cost, exam voucher, hotel, meals and travel.
    Last edited by TechGromit; 12-30-2016 at 04:12 PM.
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  21. R's child has far to go thatguy67's Avatar
    Join Date
    Jan 2014
    Location
    Ann Arbor, MI
    Posts
    332

    Certifications
    CCNA:R&S, Linux+/LPIC-1/CLA, MCSA:Server 2012, SCS:DLP 12, Security+, VCP5-DCV
    #20
    Somewhat agree with kabooter, but the MCSA and CCNA can't be done in 3 months.

    I had that exact plan in September 2014 (my thread: Would this be a realistic/valuabe/focused cert path?). I ended up getting those certs more than a year later.

    If you have a 3 month timeline the CompTIA trifecta is the most ambitious combo you should attempt. For practicality I would focus just on Security+ because it's the most widely known jr. infosec cert, with the SSCP being a semi-distant second IMO. The CISSP can't be done because you need 5 years experience. The GSEC is brutally expensive and doesn't have too many benefits over the Security+ (the SANS certs for Pentesting and Malware Analysis are world-class however but that's not entry-level) and the CEH doesn't seem to be highly regarded. Any comments I said about name recognition should be read under the consideration that I'm in Southern California and those are the experiences/conversations I've had in regards to certs and what's in demand.
    Last edited by thatguy67; 12-30-2016 at 04:19 PM.
    2017 Goals: []PCNSE7 []CCNP:Security []CCNP:R&S []LCDE []WCNA
    Reply With Quote Quote  

  22. Member ypark's Avatar
    Join Date
    Feb 2014
    Location
    Northern VA
    Posts
    99

    Certifications
    CCNA R&S, CCENT, Linux+, Security+, Network+, A+
    #21
    Given OP's hands on experience (building computers and etc), I would recommend skipping A+ and going for Net+ and Sec+. By the time these two are completed, and couple of months on the job, OP should have more of an idea of where to go from there. Long term goals are nice but when you are just starting out, plans change. Frequently.

    I think the most important thing is to land an entry level position ASAP. Do not delay getting a job as certs cannot replace experience.
    Reply With Quote Quote  

  23. Junior Member
    Join Date
    Dec 2016
    Posts
    12
    #22
    Thanks, Im having trouble even finding a helpdesk job with no experience, but I have a interview the a head hunter tuseday and i will see if the universities career center can find me something. maybe some tech work at the university.
    Reply With Quote Quote  

  24. Senior Member GeekyChick's Avatar
    Join Date
    Sep 2016
    Location
    Colorado
    Posts
    258

    Certifications
    BSCS, CCNA, Sec+, Net+
    #23
    Hope you don't mind me jumping in on your thread. So, where would you recommend looking for an entry level job? Temp agencies, head hunters, LinkedIn, any other suggestions? I have 13 yrs in networking but have been out of industry 10+ years.

    ps @hellar the university is a great place to work. I worked at one in IT department for years.
    Last edited by GeekyChick; 01-01-2017 at 03:46 PM.
    Reply With Quote Quote  

  25. Senior Member stryder144's Avatar
    Join Date
    Nov 2012
    Location
    Denver, CO
    Posts
    1,251

    Certifications
    CompTIA A+, Network+, Security+, Server+, Linux+ and CSA+; MCSA: Windows 7, ITIL Foundations
    #24
    If you are serious about IT, then you need to prove it before anyone is going to take a chance on you. If you have the time and resources to take three months off you will need to prove to a future employer that you weren't just slacking off. To that end, find a charitable organization that you can volunteer your time to and repair some computers, troubleshoot their network, etc. Depending on the charity, you could make some great contacts that may eventually land you an interview and a job.

    While volunteering, make sure you are studying and labbing for a certification or three (the CompTIA trifecta would be a good foundational start). As you study and lab, make sure you document your progress. Get a free blogging account and put your progress on there. Then link to it on LinkedIn, Facebook, Twitter, etc. Be sure to refer to it in your resume and during interviews. That will give future employers a feel for who you are and what you know. Just be cautious, though. Too many people put together blogs that look childish or have far too many grammatical or spelling errors to be taken seriously. If your English skills need some help, consider using Grammarly.

    Lastly, branding. Make sure your LinkedIn profile looks good. Get a professional looking photograph and post it. Do not, under any circumstances, post anything on LinkedIn that falls within the three deadly social sins: sex, politics, and religion...unless you happen to be targeting jobs within those three areas. Make sure that the message on your blog matches reality (nothing worse than seeing blog postings that are positive and uplifting then meeting the author who is nothing but negative). If you have a social media presence, make sure that you are not posting about how wasted you got last night...employers do conduct their due-diligence through open source intelligence gathering and you will be eliminated before the first contact from them.

    Good luck and keep us posted as to your progress...we are here for you and want you to be successful.

    *Iceweasel jacked up the formatting, had to correct it.
    Last edited by stryder144; 01-01-2017 at 04:53 PM.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
    Reply With Quote Quote  

  26. Junior Member
    Join Date
    Dec 2016
    Posts
    12
    #25
    Quote Originally Posted by stryder144 View Post
    If you are serious about IT, then you need to prove it before anyone is going to take a chance on you. If you have the time and resources to take three months off you will need to prove to a future employer that you weren't just slacking off. To that end, find a charitable organization that you can volunteer your time to and repair some computers, troubleshoot their network, etc. Depending on the charity, you could make some great contacts that may eventually land you an interview and a job.

    While volunteering, make sure you are studying and labbing for a certification or three (the CompTIA trifecta would be a good foundational start). As you study and lab, make sure you document your progress. Get a free blogging account and put your progress on there. Then link to it on LinkedIn, Facebook, Twitter, etc. Be sure to refer to it in your resume and during interviews. That will give future employers a feel for who you are and what you know. Just be cautious, though. Too many people put together blogs that look childish or have far too many grammatical or spelling errors to be taken seriously. If your English skills need some help, consider using Grammarly.

    Lastly, branding. Make sure your LinkedIn profile looks good. Get a professional looking photograph and post it. Do not, under any circumstances, post anything on LinkedIn that falls within the three deadly social sins: sex, politics, and religion...unless you happen to be targeting jobs within those three areas. Make sure that the message on your blog matches reality (nothing worse than seeing blog postings that are positive and uplifting then meeting the author who is nothing but negative). If you have a social media presence, make sure that you are not posting about how wasted you got last night...employers do conduct their due-diligence through open source intelligence gathering and you will be eliminated before the first contact from them.

    Good luck and keep us posted as to your progress...we are here for you and want you to be successful.

    *Iceweasel jacked up the formatting, had to correct it.
    Thank you. Ill have to looks into charities. Would you happen to know a good place to start? Im not aware of charities that fix computers or let your troubleshoot their network.
    I dont plan to slack off these 3 months. from experience i know just about 75% of the CompTIA A+ so I should be able to knock that one out soon. The network and sec+ will take more time.
    I do need to work on my LinkedIn account , and im very good about keeping all my social media private/ non existent.
    The blog is a great idea, I will defiantly get one once I have work.
    Last edited by hellar; 01-01-2017 at 05:22 PM.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks