Dear colleagues,
This is a question we frequently ask ourselves throughout our career, but the answer is not as simple as it seems.

I've written an article that might help you to build a strategy when pursuing certifications.

http://www.myinfosecjob.com/2010/02/whats-the-right-information-security-certification-for-me/

Feel free to comment both here and there; your opinion is always important!

Adriano

Dear Dark Knight, thank you very much for spreading the word! In my case, I've sat for many technical certifications in the past (+5 ago), but for the past couple of years I've taken all the Managerial/Compliance as I mentioned in the article (since that's what my current career position asks for). What I see happening to me now is that my technical knowledge got very rusty, therefore I'm planning to sit for one or 2 more technical certifications just to refresh my knowledge.

As I said, I've spent the past couple of years performing high level security assessments (ISO, PCI-DSS, COBIT, etc), audits and was happy withthat. Until a couple of days ago when I had an interviewer asking me to "give example of protocols sitting on the transport level"... That was a SHAME. I obviously didn't have the answer at the top of my mind, even though I was a network/firewall administrator for such a long time in my career.

I got so upset that I decided to write an article about the topic... I'll let you know



 

Good article Adriano! Thx.

Put choices people have to make within their career path in a good constructive prospective!!

Very nice write up, Adriano! I've also been moving more into a less technical role, doing more audit  and C&A type work of late.

Oh, and I, too, have now added your blog to my subscriptions.