best routes into cyber security?
Current been working in IT for 2-3 years (2 with my current company. Currently work as an IT Analyst (L1) doing help desk duties like desktop support, sas administration, support jamf mdm , creating IT automations thru Tines etc I’m thinking of getting my sec+ next. Do I need to learn Linux as well? anything would help thanks! #it #security
would i need to brush up on networking as well?
Do you have a CS/IT degree? If not, get that. It'll be a tough climb without a degree regardless of certs. Companies will usually pay for your certs, so I don't suggest getting them otherwise. Plus the good ones require the experience and a recommendation to actually get the official certificate and not just the "I passed the exam" paper.
Wow, that’s a really interesting take. I literally don’t know any Net or Sec Engineers with a degree. The story I’ve seen is really consistent: use certs to get a job, then get better jobs with experience and project accolades. Maybe a degree is a good way to go — I just don’t think I can agree it’s paramount.
SecEng here — I have a degree in security. If OP didn’t have a job in tech at all/was just starting out/etc, might be a good idea for them to pursue a degree, but I can’t recommend it for someone already in IT. It’s a good idea, it’s just also a ton of work and a lot of time commitment for someone already in a full time role. OP, just go for your certs. Sec+ -> CySA+ -> CISSP, or whatever best supports the specific role you want to pursue. I think Microsoft broke it down well above. Good luck to you
The 2 main paths to security are development and sysadmin (obviously not the only ones, but a plurality for sure). I spent 5 years going through the sysadmin route at several companies before jumping into a SecAnalyst position. After 18 months there I got an offer for a full SecEng from Amazon. My college degree is in an unrelated field (non-tech) and I have no certs whatsoever. Experience is king for security roles.
what tasks/skills did you for your sys admin role that were fundamental for your sec analyst role?
The last job I had before going into security I ran the yearly audit and quarterly vendor audit at a small credit union for several years. That was experience I could directly talk about in interviews. The reason my resume got looked at in the first place is because of the range of environments I had been exposed to and that I had worked in both financial and healthcare companies.
Ive heard that some companies used to hire through CTFs
CISSP. Sec+ is entry-level sec cert. Get it first — won’t take long. CISSP is still a super solid cert, AFAIK. Source: I started the journeyman phase of my career as a NetEng (Route/Switch) and worked directly with NetSec people.