November 12, 2008 at 9:32 pm #2999
I’m new here, so need your advice.
I’m not even US citizen, but i have Barcelor Degree in IS. I want to try make my career in that field. With what should i start?
I don’t have any experiece and looking for some internship or something like that. I want to get cirtified also…
November 13, 2008 at 3:48 pm #20534jasonParticipant
You might start with some of the security professional organizations, such as the ISSA (issa.org). They’re a really great way to meet folks and network, as well as a good learning opportunity. There may be folks there who would be able to tell of opportunities in your local area.
As for certifications, several of the big ticket certs require job experience in security in order to obtain the certification. Be sure that you research them first to ensure that you can qualify before you go jumping in. One of the basic certs that is relatively well known and does not require experience is the Security+ from CompTIA (http://certification.comptia.org/security/default.aspx), and of course you can’t lose with any of the classes/certs from SANS (sans.org)
November 14, 2008 at 9:26 pm #20535
Thank you a lot!
I will start with Security + i was thinking about it!
November 18, 2008 at 4:18 am #20536jasonParticipant
No problem. Good luck to you. Feel free to post if you have questions, we’re happy to help.
December 3, 2008 at 8:44 am #20537mmurrayParticipant
Having spoken on this topic at a bunch of conferences (ChicagoCon, Defcon, RSA, Source, etc.), I’ll weigh in:
Forget certifications until you know what you want to do.
Then, once you’ve figured out what you want to do, figure out whether you need certs to do it.
For example, if you want a job as a pen-tester, certs aren’t generally going to help. Most pen-test consultancies (with a few exceptions) are smaller companies that hire based on knowing people and merit far more than “Oh, you have a CEH, welcome aboard”. In that case, go out and start doing stuff. Join a CTF team at Defcon. If you’re still in school, participate in CCDC. Get involved in your local community – OWASP meetings, (Linux/BSD/Mac/Windows) user groups, etc.
Get a CEH later if you feel like it, but it doesn’t need to be about that.
(As an example: I’ve been pen testing for more than 10 years, have lead vuln research teams, have taught certification courses for CEH/ECSA/CEPT and don’t have a CEH.)
The bigger question – why do you want to be in security? What do you love about it? And what part of it do you find yourself being good at as you read about it and work on it in your spare time?
December 5, 2008 at 6:41 pm #20538
ohhh, you just made me think!
In fact, I like all about security, i have Barchelor in it!
I’m ready to specialize on any field of it. But i have first START somehow.
I thought to get a cert is a good point in my resume to get a job for experience!! Am I wrong?
December 20, 2008 at 5:19 am #20539shednikParticipant
In addition to an internship I’d look at grad school for a good Infosec program. I goto the University of Pittsburgh in the School of Information Sciences and Telecom. The program I am in is 80% comprised of foreigners studying Telecom/Security. I’d maybe look into that if you want to continue your studies, they also have alot of scholarships in return for x number of years of service. If you want some more information let me know!
- You must be logged in to reply to this topic.