HWZ Forums

Login Register FAQ Mark Forums Read

Need advise on IT Security role

Like Tree1Likes
  • 1 Post By Lastexile
Reply
 
LinkBack Thread Tools
Old 18-11-2017, 12:21 PM   #1
Master Member
 
Join Date: Jan 2007
Posts: 3,190
Need advise on IT Security role

Hi,
Just a bit of background. I worked as a primarily desktop support in the past but also helped in patching server (windows),basic troubleshooting of server (windows),AD administration, managing SEPM Manager, Surfcontrol and Lumension Sanctuary. Right now I am doing proactive monitoring and as a 1.5 support for windows servers/linux/unix. Total work exp is 9yrs close to 10yrs exp.

I was thinking of directly going for CISSP but I not sure whether my 7yrs of AD administration, managing SEPM Manager, Surfcontrol and Lumension Sanctuary are considered as 2 domains in the CISSP. I want to move toward security role, it is a decision that I have been considering for close to a year and right now I do not want to hesitate anymore; I am not that young anymore 35.

The problem is IT Security job requires alot of exp and Certification and I highly doubt I can get in with my current credential. One friend recommend me to take CEH to enter into the market, the other friend said take CISSP when you still young; better memory to handle theory.

Now 3 question:
1. Should I go CEH or CISSP?

2. If I take CEH, any recommendation of place to take the course where the practical are much better? I do not just want a cert, I want the knowledge and the skills.

3. If I take CISSP direct, do I qualified for the minimum 2 domain?

P.S: Sorry for wall of text (damage 999 dealt)
vampool is offline   Reply With Quote
Old 18-11-2017, 01:06 PM   #2
Junior Member
 
Join Date: Mar 2008
Posts: 82
1.Get OSCP
2.self study
3. Your experience should more then 2 domain.
paper82 is offline   Reply With Quote
Old 24-11-2017, 05:25 PM   #3
Member
 
Join Date: Oct 2011
Posts: 311
security is a wide spectrum.

You already had one related experience, SEPM, and symantec is one of the corporate that is actively hiring based on my understanding.

A quick summary: Security is part of IT domain. IT domain is wide too.

Somethings that you may understand, IT domain may include networking, IT support, development, system support etc.

on the question: CEH / CISSP, in a layman term, it is as good as asking a person, should i go for ITIL or MSCE. One is for management, one is for technical. But both are IT support related.

Only yourself know what path you want, then head towards that path. Otherwise, it will be a couple of years burnt before you reach your goal.
__________________
HDI-SCA MCSA RHCE CEH ECSA LPT CHFI ITIL CoBit TCSE
seesiang is offline   Reply With Quote
Old 24-11-2017, 10:12 PM   #4
Master Member
 
Join Date: Jan 2007
Posts: 3,190
Thanks paper82 and seesiang advise. I have to admit seesiang, you are right... cause I am abit lost now and confuse because I am desperate to get into this line. I can't think right. My mind just keep telling me to try everything to get in.

To be more specific I want to start in monitoring of IT security (SIEM, DLP and etc) in SOC environment first. That is my first step. I don't really want to go into implementation or maintenance (part replacement) of hardware. I am sick and tired of hardware I have been doing that for 7yrs. Even if it is switch and router... hardware just... make me crazy now...

Than there are people who told me that it is better to get a CCNA first followed by CEH. Get in and move from there... but also friend who told me that monitoring don't really need CCNA and CEH... I am crazy now...
vampool is offline   Reply With Quote
Old 24-11-2017, 11:43 PM   #5
Junior Member
 
Join Date: Mar 2016
Posts: 5
Thanks paper82 and seesiang advise. I have to admit seesiang, you are right... cause I am abit lost now and confuse because I am desperate to get into this line. I can't think right. My mind just keep telling me to try everything to get in.

To be more specific I want to start in monitoring of IT security (SIEM, DLP and etc) in SOC environment first. That is my first step. I don't really want to go into implementation or maintenance (part replacement) of hardware. I am sick and tired of hardware I have been doing that for 7yrs. Even if it is switch and router... hardware just... make me crazy now...

Than there are people who told me that it is better to get a CCNA first followed by CEH. Get in and move from there... but also friend who told me that monitoring don't really need CCNA and CEH... I am crazy now...
Many of the security monitoring roles require odd working hours, will that be something you can accept? It wont be hard to find a job in monitoring if you are open to work night shift/12hrs/weekends/public holiday.

Instead of thinking what certifications you need. Maybe you should about what's you are lacking. If you lack networking knowledge, then go for network related training/self study. Depending on the companies you going to interview, having certifications without real knowledge might still not land you the job.

HTH
776ALA is offline   Reply With Quote
Old 25-11-2017, 12:43 AM   #6
Junior Member
 
Join Date: Mar 2008
Posts: 82
Thanks paper82 and seesiang advise. I have to admit seesiang, you are right... cause I am abit lost now and confuse because I am desperate to get into this line. I can't think right. My mind just keep telling me to try everything to get in.

To be more specific I want to start in monitoring of IT security (SIEM, DLP and etc) in SOC environment first. That is my first step. I don't really want to go into implementation or maintenance (part replacement) of hardware. I am sick and tired of hardware I have been doing that for 7yrs. Even if it is switch and router... hardware just... make me crazy now...

Than there are people who told me that it is better to get a CCNA first followed by CEH. Get in and move from there... but also friend who told me that monitoring don't really need CCNA and CEH... I am crazy now...
As what I know SOC prefer to hire fresh grad for L1 monitoring role .

Not really need a lot of cert .... as long as have relevant IT degree .
paper82 is offline   Reply With Quote
Old 25-11-2017, 04:37 PM   #7
Arch-Supremacy Member
 
Lastexile's Avatar
 
Join Date: Mar 2004
Posts: 10,974
If you want to go get CISSP, just go get it. My personal opinion is ISC doesn't validate the credentials strictly. I have seen many sales people who know little practical security knowledge and get CISSP membership after passing the exam. The key is just to get someone to endorse you.

If you have time and money, there's nothing wrong to go for certificate. But remember whenever you do a certification that is not relevant, you are wasting time (opportunity cost) instead of learning something actually useful.

At the end of the day, I think most employers (or anyone worth their salt) are looking at capability - can you actually perform the task? And you probably want to work for someone to know his **** and value your skills instead of lame acronym in your resume.

If you are really interested in SOC stuff, I strongly recommend you to look into how can you setup your own SOC at home or on the cloud.

Here are some examples using ELK stack

https://qbox.io/blog/welcome-to-the-...ogstash-kibana

https://www.slideshare.net/prajalkul...ash-and-kibana

https://resources.sei.cmu.edu/asset_...001_431205.pdf

https://github.com/PolitoInc/ELK-Hunting

https://github.com/A3sal0n/CyberThreatHunting

At end of the day, SOC is all about analyzing data flow - Endpoint and network information. Find out what are the interesting information you should gather, gather them into one place then visualize/search/analyse them. Then go into threat hunting - proactively seek out anomalous information.

Singapore information security industry is mostly a joke because there seems to be a deep misconception that you need to get CISSP to even break into it regardless of the domain. What you really need is to demonstrate the skills required and passion for learning (at least for technical jobs). There are so many resources on the internet - tutorial, open source tools and youtube videos for explore and pick up things on your own.
ExtremeWays likes this.
Lastexile is offline   Reply With Quote
Old 30-11-2017, 02:08 AM   #8
Master Member
 
loftystew's Avatar
 
Join Date: Oct 2009
Posts: 2,625
You may want to try going for the 'Cyber Security Associates and Technologists Programme'.

https://www.csa.gov.sg/programmes/csat

Not sure if the opportunity is still available but no harm asking the partners about it.

Well, at your age, I guess the most important question is are you willing to take a giant step back in term of your salary? There are definitely opportunities out there but unlikely you will get what you are getting currently for entry-level SOC jobs.

Last edited by loftystew; 30-11-2017 at 02:10 AM..
loftystew is offline   Reply With Quote
Old 11-12-2017, 06:47 PM   #9
Master Member
 
Join Date: Sep 2002
Posts: 4,965
Hi,
Just a bit of background. I worked as a primarily desktop support in the past but also helped in patching server (windows),basic troubleshooting of server (windows),AD administration, managing SEPM Manager, Surfcontrol and Lumension Sanctuary. Right now I am doing proactive monitoring and as a 1.5 support for windows servers/linux/unix. Total work exp is 9yrs close to 10yrs exp.

I was thinking of directly going for CISSP but I not sure whether my 7yrs of AD administration, managing SEPM Manager, Surfcontrol and Lumension Sanctuary are considered as 2 domains in the CISSP. I want to move toward security role, it is a decision that I have been considering for close to a year and right now I do not want to hesitate anymore; I am not that young anymore 35.

The problem is IT Security job requires alot of exp and Certification and I highly doubt I can get in with my current credential. One friend recommend me to take CEH to enter into the market, the other friend said take CISSP when you still young; better memory to handle theory.

Now 3 question:
1. Should I go CEH or CISSP?

2. If I take CEH, any recommendation of place to take the course where the practical are much better? I do not just want a cert, I want the knowledge and the skills.

3. If I take CISSP direct, do I qualified for the minimum 2 domain?

P.S: Sorry for wall of text (damage 999 dealt)
CEH and CISSP are 2 very different certifications.....CEH is more of an introduction to hacking...showing you what are the tools that can be used for the purpose....You still need to put in the hours to try the tools and know which tool to use for what purpose.

to my understanding....CISSP is more of a theory certification....more for management....8 domains to know....

Disclaimer:I took CEH but not CISSP.

Where to take CEH?A lot of places have....Just google will do....From what I know....COMAT....New Horizons...Kaplan....
Xcert is offline   Reply With Quote
Reply
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Terms of Service for more information.


Thread Tools

Posting Rules

Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On