New to the community, need advice

<<

mattyboync

Newbie

Posts: 5

Joined: Thu Jun 14, 2012 2:24 pm

Location: Charlotte, NC

Post Thu Jun 14, 2012 2:39 pm

New to the community, need advice

Hello all!

This is my first post, so apologies if I've ended up in the wrong spot! :)

I'm relatively new to information security, having worked in the area for about 2 years.  I spent my first year and a half working for a large bank in threat and vulnerability management, mainly focusing on data in motion and data at rest.  I ended that spell getting involved heavily in metrics, which led me to where I am now.  I work in IT Risk Management at my current company and have been tasked with developing a metrics program for info sec. So far it's going well, and I hope to use this as a platform to get myself into more of a management role relatively soon.

My educational background is a BA in History, MS in International Trade / Economics, and I'm just a couple of classes short of my MBA.  My goal is to end up at the CISO or CIO level.

Now, for my real question, what certs should I be working towards right now?  I know the CISSP is where I really need to be, but I'm still 2 years short on the experience required to get it.  It's been suggested that I look at the GSEC, but I wasn't sure.  Would appreciate all advice and feedback!
Security Professional
<<

Triban

Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Thu Jun 14, 2012 9:20 pm

Re: New to the community, need advice

You can also consider the CISM since you are looking to get into management.  GSEC is great if you are looking to get a little bit of technical knowledge on all platforms.

How long have you been in IT?  The requirements state 5 years in at least two of the 10 domains.  Also you have an alternative of becoming an associate by passing the exam and then you have 6 years to get the experience.  You also might want to check out some of the SANS management courses.

http://www.sans.org/security-training/c ... management

Good luck!
Certs: GCWN
(@)Dewser
<<

mattyboync

Newbie

Posts: 5

Joined: Thu Jun 14, 2012 2:24 pm

Location: Charlotte, NC

Post Fri Jun 15, 2012 8:10 am

Re: New to the community, need advice

Hey!

Thanks for the comment.  I didn't realize that the CISM let you have 6 years to get the experience.  That may be the route I take and just make sure I get myself into a good management position in the next couple of years.

I definitely want to focus more on the management side of things.  I enjoy the technical stuff, but I'm much better at managing and doing the strategic stuff.

I've only been in IT for 2 years when judging by cert criteria.  I've done it on the side my whole life, and did help desk work during high school at night.  I was also a network admin after high school, but that was 12 years ago so won't count. 
Security Professional
<<

dynamik

Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sun Jun 17, 2012 7:35 pm

Re: New to the community, need advice

I'd do CISSP, CISM, and possibly CRISC if I were you. You're not going to need too much on the management side (though technical certs may be a nice bonus).
The day you stop learning is the day you start becoming obsolete.
<<

mattyboync

Newbie

Posts: 5

Joined: Thu Jun 14, 2012 2:24 pm

Location: Charlotte, NC

Post Sun Jun 17, 2012 9:09 pm

Re: New to the community, need advice

Do you have any thoughts on which order would probably be best?

Does the CISSP work like the CISM and let you have so many years to get the experience after you pass the exam?

My wife is pregnant with triplets and they are due in October, so I'm trying to get a head start on one now so I can try to take the exam this fall before my life becomes super crazy. :)
Security Professional
<<

dynamik

Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sun Jun 17, 2012 10:32 pm

Re: New to the community, need advice

You should go in the order I listed. CISSP carries the most weight out of all of them, so if you can only do one for the foreseeable future, do that one.

And yes, it's the same. I believe you have six years from the day you pass to meet the five-year experience requirement. You can also waive a year with a qualifying cert or degree. If you don't have either, you could knock out Security+ quickly.

Just hit up ISACA and (ISC)2's websites and review the requirements; it's pretty straightforward.

Also, congratulations on the triplets (and good luck).
The day you stop learning is the day you start becoming obsolete.
<<

mattyboync

Newbie

Posts: 5

Joined: Thu Jun 14, 2012 2:24 pm

Location: Charlotte, NC

Post Mon Jun 18, 2012 7:46 am

Re: New to the community, need advice

Thanks man!

Perfect info.  I truly appreciate you guys taking the time to give me some advice.

I guess it's now time to go get some study materials. :)
Security Professional
