+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 45
  1. Member
    Join Date
    Dec 2006
    Location
    Berlin
    Posts
    52

    Certifications
    CISA, CISSP, CWNA, Network+, A+
    #1

    Default Career advice needed

    Hi guys,
    I'd like to ask you about your ideas, which certs / related knowledge should I acquire in the coming year(s).

    My background: 8 years in IT, including 6 years in IT audit in about 15 countries on two continents. CISA, CISSP and recently CWNA, next month I'm planning to pass Network+. Next month I'm changing to a IT security consulting company, where I'll have an opportunity to teach and work for other companies.

    My future plans: to work as a consultant and trainer, in middle to long term maybe to become self employed. I'd like to keep balance between teaching and consulting, not to focus on one of them.

    My ideas: to make MCSE Security and MCP. Maybe CTT+, but I will be working primarily in non-english speaking countries. Btw. I like using certs for setting learning goals i.e. I'm planning Network+ to motivate myself to learn more on networks.

    What would you add to it? What are your ideas? Many thanks in advance for your help.
    Reply With Quote Quote  

  2. SS -->
  3. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #2
    Net+ should be a piece of cake for you. I would pick either the MS or Cisco route and focus on one or the other until you master it. You could do the CCNA and 70-290/291 for starters and then see which one is more to your liking. If you are going to teach you may want to become certified that way as well (MCT for example).
    Reply With Quote Quote  

  4. Senior Member mwgood's Avatar
    Join Date
    Feb 2004
    Location
    New Mexico
    Posts
    298

    Certifications
    MCSE, CCNP
    #3
    CCNA, then CCSP?
    Reply With Quote Quote  

  5. Member
    Join Date
    Dec 2006
    Location
    Berlin
    Posts
    52

    Certifications
    CISA, CISSP, CWNA, Network+, A+
    #4

    Default Certs

    thanks SparkyMark,

    I was recently talking to a friend from Learning Center and she suggested the same like you, i.e. either M$ till MCT or Cisco till Cisco trainer. In her opinion these two enjoy the biggest demand on the training market.

    From which path is it easier to acquire new skills / certs? It seems to me that the Cisco path gives more usable ideas about networks and security, so I can use these skills for pentests, auditing FWs or learning Checkpoint, if I need to. M$ seems a bit like learning the world "the Redmond way". Is it true, or am I unjust?
    Reply With Quote Quote  

  6. Member
    Join Date
    Dec 2006
    Location
    Berlin
    Posts
    52

    Certifications
    CISA, CISSP, CWNA, Network+, A+
    #5

    Default Cisco

    thanks Mwgood,
    is it another vote for the Cisco path and against the M$ path?
    Reply With Quote Quote  

  7. Senior Member mwgood's Avatar
    Join Date
    Feb 2004
    Location
    New Mexico
    Posts
    298

    Certifications
    MCSE, CCNP
    #6

    Default Re: Cisco

    Quote Originally Posted by seccie
    thanks Mwgood,
    is it another vote for the Cisco path and against the M$ path?
    Yes. Of course, you have to weigh our "votes" against your own career path, but in my experience, since MS is more ubiquitous, it is also valued less - Cisco is more difficult (broadly), and more (generally) highly regarded.

    I'm suggesting CCSP due to your security background, and CCNA to help get you there.
    Reply With Quote Quote  

  8. Member
    Join Date
    Dec 2006
    Location
    Berlin
    Posts
    52

    Certifications
    CISA, CISSP, CWNA, Network+, A+
    #7

    Default Cisco trainer

    Mwgood,
    what is the Cisco's counterpart to MCT? Is it CCAI?
    Reply With Quote Quote  

  9. Security Tinkerer
    Join Date
    Sep 2004
    Location
    I'm conviced, we all live in the Matrix.
    Posts
    1,228

    Certifications
    CISSP,,CCSP,CNSS-4013+4011,MCT MCSA2K3,CWNA MCSE2K3:Sec LPT ECSA CEH CHFI,CCNA CS-CFW, CCIE-Sec/Written, etc..
    #8

    Default Re: Cisco trainer

    Quote Originally Posted by seccie
    Mwgood,
    what is the Cisco's counterpart to MCT? Is it CCAI?
    CCI
    Reply With Quote Quote  

  10. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,597
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #9
    With your experience in IT auditing, it would seem that computer forensics would be the logical path for you. You can use this specialization to set yourself apart from all the other IT people who already have the CCNA/CCSP or MSCE. And with forensics experience, you can work in IT or with law enforcement.

    Computer forensics certs include:

    GIAC Certified Forensic Analyst (GCFA)
    http://www.giac.org/certifications/security/gcfa.php

    Certified Information Forensics Investigator (CIFI)
    http://www.certmag.com/articles/temp...=589&zoneid=41

    Certified Forensic Computer Examiner (CFCE)
    Certified Electronic Evidence Collection Specialist (CEECS)
    http://www.iacis.com/iacisv2/pages/certification.php

    Computer Hacking Forensic Investigator (CHFI)
    http://www.eccouncil.org/CHFI.htm
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  11. Security Tinkerer
    Join Date
    Sep 2004
    Location
    I'm conviced, we all live in the Matrix.
    Posts
    1,228

    Certifications
    CISSP,,CCSP,CNSS-4013+4011,MCT MCSA2K3,CWNA MCSE2K3:Sec LPT ECSA CEH CHFI,CCNA CS-CFW, CCIE-Sec/Written, etc..
    #10

    Default Re: Career advice needed

    Quote Originally Posted by seccie
    Hi guys,
    I'd like to ask you about your ideas, which certs / related knowledge should I acquire in the coming year(s).

    My background: 8 years in IT, including 6 years in IT audit in about 15 countries on two continents. CISA, CISSP and recently CWNA, next month I'm planning to pass Network+. Next month I'm changing to a IT security consulting company, where I'll have an opportunity to teach and work for other companies.

    My future plans: to work as a consultant and trainer, in middle to long term maybe to become self employed. I'd like to keep balance between teaching and consulting, not to focus on one of them.

    My ideas: to make MCSE Security and MCP. Maybe CTT+, but I will be working primarily in non-english speaking countries. Btw. I like using certs for setting learning goals i.e. I'm planning Network+ to motivate myself to learn more on networks.

    What would you add to it? What are your ideas? Many thanks in advance for your help.
    It sounds like you're very much where I was about 6 or 7 years ago. I can tell you what has worked for me.

    First of all, if you want to start teaching immediately, I would suggest starting with CTT+. Also I'd like to point out that I too had the original dream of splitting consulting and training down the middle, but I've found that a 70% consulting/30% training schedule works better.

    Also you already have the CISSP. Any time you teach security, try to always keep that body of knowledge in mind. It will help you keep things in perspective and ensure you relay information to sure students with perspective in mind.

    Also, you need to go far beyond what's outlined in your Microsoft instructor kits and other training kits. Students will come to you with real world problems and you'll be expected to at least point them in the right direction. Failure to do this to many times will ruin your credibility. Nobody wants to hear these days "we're sticking strictly to the book".

    If you're going to be teaching CISSP material or any material that deals with laws and the like, make sure you keep a very watchful eye legislation in the perspective area you'll be teaching in. Laws are vastly different depending on which part of the country you're in. For example, I'm doing security training in Saudi Arabia this month, so I've been reading their information ministry laws, regulations, and statements for the past few weeks. Always lean to the side of over preparing.

    Also going the CTT route before the MCT will be a good idea. Why? Because it's actually a requirement (that or either going to a 3 day train the trainer class for MCT's).

    I started similarly to the way you have and I currently own the majority share of my company. Just to give you an idea of what it takes to stay on top, I read on the average about 4 hours per day EVERY DAY. I also spend a great deal of time practicing exploits, labs, and things of that nature (thank you VMWare and Virtual PC), especially during long flights to other countries. I've been known to read entire 1000+ page writings on long flights.

    The key is to keep your knowlege bank very fresh. And probably just as important as anything else, spend as much time as possible here. You'll find we're a good group of knowlege loving people. And most people here have no problem sharing with you their experiences or giving you advice.

    Good luck and congrats on taking your career to the next level.

    Keatron.
    Reply With Quote Quote  

  12. Member
    Join Date
    Dec 2006
    Location
    Berlin
    Posts
    52

    Certifications
    CISA, CISSP, CWNA, Network+, A+
    #11

    Default Forensics

    Hi JD,

    thanks for your bunch of ideas!

    IT auditing in my case means a significant time share spent with SAP R/3 (ERP Software). Good money, big market, but it means more accounting than networks. Even if I'm a MA in business somehow I couldn't develop passion for it, that's why I moved to the IT security.
    Reply With Quote Quote  

  13. Member
    Join Date
    Dec 2006
    Location
    Berlin
    Posts
    52

    Certifications
    CISA, CISSP, CWNA, Network+, A+
    #12

    Default career advice

    Thanks Keatron,
    that's a lot of useful tips!

    Your point about hands-on knowledge exceeding course curriculum is a clear indicator for networks (e.g. Cisco) and against M$. I prefer to dedicate my life to something what I personally consider interesting.

    Different legislation: I do know what you mean. This year I was working in Spanish, Polish and German and it was really an interesting experience.

    CTT+: Here in Europe it is (as far as I know) offered in Britain and in English only, and even M$ doesn't expect German MCTs to have it (there is a special course offered instead). German is not my native language and to be sincere I'm a bit puzzled about in which language should I attend the trainer course.

    Learning: 4 hours a day? I was sure there is someone learning more than I do - I'll show your post to my wife next time when she complains And now seriously - what do you learn? I always spend relatively much time for research, what to learn next. If you walked the same path I do now - I'd be happy about some ideas of yours.
    Reply With Quote Quote  

  14. Security Tinkerer
    Join Date
    Sep 2004
    Location
    I'm conviced, we all live in the Matrix.
    Posts
    1,228

    Certifications
    CISSP,,CCSP,CNSS-4013+4011,MCT MCSA2K3,CWNA MCSE2K3:Sec LPT ECSA CEH CHFI,CCNA CS-CFW, CCIE-Sec/Written, etc..
    #13
    4 hours a day is what I average now. Earlier in my career it was much more than that. I remember times where I'd buy 3 or 4 pizzas, and not leave my computers for 3 or 4 days at a time. Just trying to master certain things. I tell people all the time that infosec is an expensive career. And by expensive I mean the amount of time you have to invest to reach excellence and maintain excellence.

    As far as next steps you could go any direction you wish. You could look at C|EH now or any of the forensics programs JD listed above. Consider your CISSP the IT Security equal to a general practitioner MD license. Now you need to look at some specializations. I myself chose penetration testing and forensics. I've training and consultants in both of these areas worldwide. My latest challenge and specialization decision is the CCSP and CCIE /s. I'm giving myself 3 years or so (because I'm also writing a book of my own, and co-authoring a book with another individual, and must continue to run my business in the process). I also have to sit the CWSP and CWAP by June (I promised Devin and Rick). So I pretty much know exactly where most of my time will be focused for the next 5 or 6 years. And I'm working on an action plan for time after that. Now these are just general ideas and a look into how I do things (most of the time anyway). But the real question cannot be avoided as it is inevitable. And it is, where do you feel your true passion is and what is it YOU want to do. I chose Cisco because it's a program I've always respected, and I've got access to hundreds of thousands of dollars worth of Cisco equipment. I chose CWNP because it's a rock solid program and I've developed a very rewarding relationship with some of the staff there. See these are all personal decisions of mine. Where do you see yourself being focused on in 2 years?
    Reply With Quote Quote  

  15. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,597
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #14
    Quote Originally Posted by keatron
    And by expensive I mean the amount of time you have to invest to reach excellence and maintain excellence.
    keatron, this reminds me of a phrase I just read in a posting on an academic Web board about the proper attitude for attending a Ph.D. program:

    Academia is not a destination, its the beginning of a lifetime commitment to learning and creating knowledge.

    You've certianly made InfoSec a "lifetime commitment." You're quite a role model in this regard, right up there with Harold Tipton, Richard Bejtlich, and Charles Cresson Wood. You've only published fewer books than they have.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  16. Member
    Join Date
    Dec 2006
    Location
    Berlin
    Posts
    52

    Certifications
    CISA, CISSP, CWNA, Network+, A+
    #15

    Default choice

    okay guys,

    thanks for all the ideas. Especially I like the pizza-and-computers-long-evenings combination. It's better to learn something you like and make a living from it, than to spend time in the office, doing the same things long long years.

    Before becoming a superguru I see that there are essential skills I have to acquire. It might be Cisco if I enjoy the CCNA and have access to Cisco equipment without buying it all by myself. It must be in short or long run the CTT+ if I intend to be a trainer.

    That's something to start with. Thanks a lot!
    Reply With Quote Quote  

  17. Security Tinkerer
    Join Date
    Sep 2004
    Location
    I'm conviced, we all live in the Matrix.
    Posts
    1,228

    Certifications
    CISSP,,CCSP,CNSS-4013+4011,MCT MCSA2K3,CWNA MCSE2K3:Sec LPT ECSA CEH CHFI,CCNA CS-CFW, CCIE-Sec/Written, etc..
    #16
    I was recently doing a lecture for a group of managers for a large credit card company. One of them asked me where the heck did I find the time to keep up with all the stuff we were talking about during that week. I asked him what was his favorite things to do. He said golf, fish, and read history books. I told him that imagine if all he did was golf, fish, and read history books and got paid lots of money to do it. I told him that's what I do. The things I love to do are hack, train, and read security writings, and that's what I do all the time. And I have a good bit of flexibility as to when I do which one. The point? We always find time to do the things we really WANT to do.
    Reply With Quote Quote  

  18. Member
    Join Date
    Dec 2006
    Location
    Berlin
    Posts
    52

    Certifications
    CISA, CISSP, CWNA, Network+, A+
    #17

    Default self employed

    Keatron,
    what has in your case triggered the decision about becoming self employed? You've done it because you've had prospective customers, or was something else more important?
    Reply With Quote Quote  

  19. Security Tinkerer
    Join Date
    Sep 2004
    Location
    I'm conviced, we all live in the Matrix.
    Posts
    1,228

    Certifications
    CISSP,,CCSP,CNSS-4013+4011,MCT MCSA2K3,CWNA MCSE2K3:Sec LPT ECSA CEH CHFI,CCNA CS-CFW, CCIE-Sec/Written, etc..
    #18
    It has always been a goal of mine. I'd planning the launch of my company for almost 10 years before I actually started it. So it was not a last minute decision. The biggest factor was just personal satisfaction and endeavor more than anything else. Again, you can always find time to do what you WANT to do. And when human beings (not just me but any human being) are truely committed and focused on something, there's not much that is able to stand in our way.
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Feb 2006
    Location
    UK
    Posts
    245

    Certifications
    MCSA2k, Security+
    #19
    Quote Originally Posted by keatron
    there's not much that is able to stand in our way.
    Yeah thats the best way to think, anybody can do just about anything if they really want it and put the effort in.
    Reply With Quote Quote  

  21. Junior Member
    Join Date
    Nov 2006
    Location
    Zimbabwe
    Posts
    8
    #20
    I FEEL LIKE A DROP IN THE OCEAN WHEN I LOOK AT YOU GUYS
    Reply With Quote Quote  

  22. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #21
    Quote Originally Posted by Namco
    I FEEL LIKE A DROP IN THE OCEAN WHEN I LOOK AT YOU GUYS
    Then try to remember that that little drop has all the same chemicals in it that the rest of the ocean has.
    Reply With Quote Quote  

  23. Senior Member
    Join Date
    Oct 2006
    Posts
    152
    #22
    Quote Originally Posted by Namco
    I FEEL LIKE A DROP IN THE OCEAN WHEN I LOOK AT YOU GUYS
    I feel the same way but it motivates me to get better at what I do
    Reply With Quote Quote  

  24. Security Tinkerer
    Join Date
    Sep 2004
    Location
    I'm conviced, we all live in the Matrix.
    Posts
    1,228

    Certifications
    CISSP,,CCSP,CNSS-4013+4011,MCT MCSA2K3,CWNA MCSE2K3:Sec LPT ECSA CEH CHFI,CCNA CS-CFW, CCIE-Sec/Written, etc..
    #23
    We're all drops. That we can't control, but what we can control is how big of a "ripple" (read impact) we're going to make. And the beauty of it is, your drip drop continues as long as you're on this planet. So your drops today should generate more impact than they did 2 years ago. A good example is Mikej, he started with his Cisco certs 2 years ago, now he's sitting the CCIE Security lab Monday. That's a prime example of going from a drop in the ocean to a big splash. It's not just us moderators either. Just look around and do a search on some of the forum members here. You can see that most people here have made steady progress. It might be in the form of certs, it might be in job promotions, or it might just be in the quality of their posts, but the point is progress. This is the very essence of techexams.net and one reason you certainly WILL NOT find another technical forum that begins to come close. Just hang around guys. Here's some things to think about.

    Some of the stuff that Johan is getting ready to push out is no less than amazing.

    Mike will most likely pass the CCIE lab next week.

    I'm starting the CCIE track currently, and I think there's about 7 to 10 others starting it as well.

    We currently have 3 (I think) very active CISSP's on board.

    We have a host of MCSE's on board who are also very active and popping at the seams with knowledge (check the Microsoft forums).

    JDMurray (CWNP Mod) is one of those guys who knows something about everything IT related.

    This place is going to be rockin like never before. And we can all continue to improve our "drop quality" The key is to not disappear once you think you have "made it". I'm busier now than I've ever been in my life, but I have a strong commitment to helping out here as much as possible (I caught myself putting a client on hold to finish answering a post here the other day )
    Reply With Quote Quote  

  25. Senior Member
    Join Date
    May 2005
    Location
    Topeka, KS
    Posts
    332

    Certifications
    A+, Net+, Security+, MCSA 2k3
    #24
    yes, this place is VERY influential to my career and is pretty much my main "IT forum"

    i very rarely go to the microsoft forums, I do read on the CWNP forums and other info sec forums, but techexams is my bread and butter, i've become a much better IT professional since I found this place (back after completing A+) and have used the info I gain from the users to help me continue in my cert path as well as practical advice on interviewing and how to handle yourself in interpersonal relationships as a IT pro

    in short, I will NEVER leave this place and hope to one day become someone who has alot to offer those needing help.
    Reply With Quote Quote  

  26. Junior Member
    Join Date
    Dec 2006
    Posts
    4

    Certifications
    CPA, CISSP, CISA, CAP (Certification and Accreditation Professional - ISC2), CISM
    #25

    Default Re: Forensics

    Quote Originally Posted by seccie
    Hi JD,

    thanks for your bunch of ideas!

    IT auditing in my case means a significant time share spent with SAP R/3 (ERP Software). Good money, big market, but it means more accounting than networks. Even if I'm a MA in business somehow I couldn't develop passion for it, that's why I moved to the IT security.
    When you did IT auditing (SAP R/3), I'm just curious who you did it for? Were you an internal or external?

    OK - my two cents. Sounds like you have an excellent background but I'm not sure I would recomend you pull the plug on your IT Auditing. You couldn't "develop passion for it". Hmmm. Yes, I kind of know what you're talking about but there is definitely something to be said for a person that is "expert" in a particular field. Sounds like you are (or were) well on your way.

    I used to head up cyber security for one of the Federal agencies. I couldn't get passionate about that because they (budget folks and top politicos) never really wanted to fund security. They just want to give you enough so you can say yeah we put up a firewall, yeah we're canning spam on our email servers, yeah we got our sytems C&Aed. But really, IMHO, they never really bought into the whole Security thing. I mean, it takes a monumental screw up like VA looking plain-text files on a bunch of vets before "they" get interested in security.

    As far as "what to learn next" - I'll throw you a curve ball. Ever consider learning an object oriented programming language? I'm playing around with Java now (former object pascal coder) and I kind of like it. Eventually everything security has to come "code". Who best to code it? I don't know if I'll stay interested in it, but it's something I'm playing with. Also - you might want to consider picking up your CAP from ISC2. Certification and Accreditation Professionals are becoming more and more important. You have a strong enough background - with a little reading you could probably pick up this cert - and its only going to become more and more important.

    Good luck!
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks