  1. Senior Member
    Join Date
    Oct 2016
    Location
    USA
    Posts
    492

    Certifications
    CISSP, PCNSE, CCNP R&S, CCNA(Security/Data Center), CySA+
    #1

    Default Pathway to CyberSecurity Architect

    Hi everyone,

    I'm putting all my focus into security. I've been in IT for about 20 years now in various technical positions, going to senior levels in each (desktop, server, network). The only security related certs I have now are CCNA Security and Palo Alto's PCNSE 7. As of now, I've been focusing only on network security. I was studying for CCNP Security but with the goal of cybersecurity architect, I feel I need to put that on the back-burner and expand to other areas. Plus, I don't want to be limited to only network security.

    I've been looking at various CyberSecurity Architect job postings and as expected, the requirements are pretty long. Anything from network security, IDS/IPS, IAM, PAM, DLP, MFA, SIEM, public cloud.

    The great thing is, it's a lot to learn, and that's what interests me the most. The question is what's the best way to learn some of these things? Do I contact various companies to give me trials of their products?

    From the certification side of things, what are the best options for this path? Should I continue with various vendor specific certs or go vendor neutral?

    I know I'm going to begin looking at the CySA+ topics, but not sure if I'll sit the exam. I guess it can't hurt. CISSP is always an option, since it's on almost every job posting, but I want the knowledge and skills to perform the job duties. I don't feel CISSP will give me that.

    FWIW... My training is all self-funded and right now my budget is limited.

  3. Senior Member 636-555-3226's Avatar
    Join Date
    Jul 2015
    Posts
    942

    Certifications
    Lots of security certifications, yet the more I learn, the further I have to go...
    #2
    I vote for vendor neutral certs like CompTIA or eLearnSecurity until you can get an employer to pay for SANS.

    From a technical angle, your best all-in-one shot would be to download Security Onion & get it up & running in your house and then maintain it daily as you would in an enterprise.

    Overall, I'd also say download the CIS Top 20 Critical Security Controls and read through and learn about everything they preach, both from the technical & administrative/process side.

    Do all that and I'll give you a job!

  4. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,669

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security, MSISA, BSBA
    #3
    Great advice from 636. I'd also add that you SHOULD do the CISSP. It's pretty much the HR gatekeeper for security positions. Get it done and out of the way and then you can delve into the technical side of things. It honestly should not take anyone more than a month of study for the CISSP.
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: eJPT, Learning: Linux/CLI, Git, Python, Pentesting
    Next Up: eJPT, eCPPTv2, OSCP
    Studying: Code Academy (CLI, Git, Python), eLearnSecurity PTSv3

  5. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    365

    Certifications
    CISSP, C|EH, C|HFI, CCNA Cyber Ops, MCSA 2012, MCSA 2008, Security +, Net+, A+
    #4
    Quote Originally Posted by JoJoCal19 View Post
    It honestly should not take anyone more than a month of study for the CISSP.
    But, but, but, it's the "gold standard"!

  6. Senior Member
    Join Date
    Apr 2011
    Location
    DMV
    Posts
    243
    #5
    As an architect and previously a security analyst, the gap I see from attending meetups and working with folks is inadequate knowledge, or a lack of knowledge, about web technologies and cloud.

    Some experienced architects don't really understand the cloud and they try to design using the old knowledge or whatever they're comfortable with... I guess it's human nature.

    To me, I didn't get my job because of a cert... I don't even have an Azure or AWS cert, but I can talk the talk and walk the walk when it comes to cloud technologies (I sleep in the console). I simply kept learning and it became second nature to question a design during meetings... one day the VP asked if I wanted to join his team. And I said yes.

    Financially it was a lateral move because I was a security analyst/manager; but I was ready for a new challenge and ready to fix the BS designs I was seeing.
    Last edited by joneno; 02-09-2018 at 05:29 PM.

  7. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,726

    Certifications
    eCPPT, CISSP, CCDP, CCNP R/S, CCNP Security (Secure,FW), LFCS, CEH, PA ACE
    #6
    I guess it depends on the job description. Cyber Security Architecture can be a broad term. If the job is more high level enterprise management, then CISSP, CISSP-ISSAP, SABSA Enterprise Security Architecture, ISACA, CIS CSC, GDPR, ISO, types of skill knowledge will work to your benefit.

    If it is an Architecture role where it is more hands on design and configuration, then technical skill level is more of the idea here which will need various vendor and non vendor technical skills. In the end a CISSP will make a technical engineer even better.

    Most Architecture roles I see require both technical skills and enterprise management. A Security Architecture role is such a high level position, you should be required to do both.

    So regardless, CISSP is a good start or measurement of skills you should have at a minimum for either type of Architecture role.

    Being a Security Architect is one of my goals in the near future; I am working on the technical hands-on skills as you can see. However, eventually I want to obtain the ISSAP and the SABSA Architect certifications, mainly the SCF (foundation) and the SCP (practitioner). I heard the SABSA is considered one of the best enterprise security architecture certifications.

    After taking the foundation courses/exam the SCP looks like a beast.

    It is not possible to assess Advanced competency using multiple-choice testing techniques so Advanced module examinations take the form of demonstrable assignments. Examination papers contain 5 questions from which candidates must choose 2 to answer. Using examples from real working environments, or by creating a case study, or a combination of both, candidates are required to assess issues, evaluate solution approaches, and customise and apply the SABSA method and framework to create and populate appropriate SABSA work-products (techniques, tools, templates, models, frameworks, etc.).

    http://www.sabsa.org/certification-levels

    As mentioned above the CIS CSC top 20 is also heavily needed, it is something we are working on at my current employer as well as GDPR.

    SANS has a good course on the CIS CSC, I am set to attend later this year.
    Last edited by chrisone; 02-09-2018 at 09:46 PM.
    2018 Goals: SANS Advanced Security Essentials - Enterprise Defender (complete, not going for cert), SpecterOps: Adversary Tactics Red Team OPS (complete), eCPPT (obtained), OSCP PWK (2nd Attempt), Demystifying Regular Expressions (in progress), SLAE (October Start), OSCE CTP (DEC Start)

  8. Senior Member
    Join Date
    Oct 2016
    Location
    USA
    Posts
    492

    Certifications
    CISSP, PCNSE, CCNP R&S, CCNA(Security/Data Center), CySA+
    #7
    Appreciate all the replies. I will check out Security Onion and also the CIS Top 20.

    My current position entails network security and vulnerability management. By vulnerability management I mean, I'm responsible for our scanners, I resolve my network vulnerabilities and then discuss all the others with the appropriate teams. If time permits, I'm going to look into the other teams' vulnerabilities more and help them research/resolve them.

    @ChrisOne, I'm currently more interested in Architect roles that are hands on (for now). Thanks for the links.

    Quote Originally Posted by JoJoCal19 View Post
    I'd also add that you SHOULD do the CISSP. It's pretty much the HR gatekeeper for security positions. Get it done and out of the way and then you can delve into the technical side of things.
    This is a very good point. I think it would take me longer than a month though. I believe the new exam comes out in April. Maybe I'll work on CySA+ and follow it up with CISSP.
    Last edited by MitM; 02-10-2018 at 02:47 AM.

  9. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,713

    Certifications
    CISM, GPEN, GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #8
    Excellent replies in this thread
    Goal: MBA, March 2020

  10. Senior Member
    Join Date
    Jan 2015
    Location
    Chicago, IL
    Posts
    1,177

    Certifications
    Too many MCPs and MCTS, MCSA: Security, MCSE: Security, MCSA: 2003, 2008, 2012, MCITP: EA, CISSP-ISSAP, SCS DLP, GREM
    #9
    I'm a security architect in an enterprise grade business. I think what brought me here is getting things done better, faster and simply done on all levels than anyone else on any security team I've worked in, both technical and managerial. I got my ISSAP primarily just to feel myself more confident as I struggle with this "impostor syndrome" thing and having a piece of paper helps to feel bold, to feel like I was endorsed by an independent trusted entity and therefore I'm good enough and deserve it.

    But while it may get you the interviews, ultimately you get there by your ability to deliver.

  11. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    834

    Certifications
    PenTest+, CySA+, LFCS, GCIH, eJPT, CCNA, CAPM, CompTIA Trifecta
    #10
    It's a few weight classes above me, but now this thread has me curious about the CISSP-ISSAP.
    2018: CCNA Cyber Ops cohort 7
    2019: OSCP | CISSP

  12. Senior Member
    Join Date
    Oct 2016
    Location
    USA
    Posts
    492

    Certifications
    CISSP, PCNSE, CCNP R&S, CCNA(Security/Data Center), CySA+
    #11
    Quote Originally Posted by gespenstern View Post
    I'm a security architect in an enterprise grade business. I think what brought me here is getting things done better, faster and simply done on all levels than anyone else on any security team I've worked in, both technical and managerial. I got my ISSAP primarily just to feel myself more confident as I struggle with this "impostor syndrome" thing and having a piece of paper helps to feel bold, to feel like I was endorsed by an independent trusted entity and therefore I'm good enough and deserve it.

    But while it may get you the interviews, ultimately you get there by your ability to deliver.
    Thanks for the reply. Very true, you have to put in the work to get it.

  13. Senior Member
    Join Date
    Jun 2016
    Posts
    150
    #12
    Having worked with and as an architect for quite some time, the one core skill that you need to develop is the ability to “design.” Literally, when you create current or future target states or referential architecture or even domain architecture, you create artefacts or patterns which are reusable in a business and align to the enterprise. Any methodology like TOGAF or Zachman or SABSA will teach you these stakeholder viewpoints that ultimately allow you to design based on that viewpoint.

    The CISSP is a good start but ultimately experience is king, because only then can you incorporate principles such as defence in depth/fail secure/open design etc. into your work. As far as I know SANS don’t have a course that teaches “design” per se, and I’ve asked them this before, though many people have different terminology regarding what a security architect actually is depending on how you look at it.
