Need advice on IT Security role

vampool

Hi,
Just a bit of background. I worked primarily in desktop support in the past but also helped with patching servers (Windows), basic troubleshooting of servers (Windows), AD administration, and managing SEPM Manager, Surfcontrol and Lumension Sanctuary. Right now I am doing proactive monitoring and working as 1.5 support for Windows servers/Linux/Unix. Total work experience is 9 years, close to 10 years.

I was thinking of going directly for CISSP but I am not sure whether my 7 years of AD administration and managing SEPM Manager, Surfcontrol and Lumension Sanctuary are considered as 2 domains in the CISSP. I want to move toward a security role. It is a decision that I have been considering for close to a year and right now I do not want to hesitate anymore; I am not that young anymore :o 35.

The problem is that an IT Security job requires a lot of experience and certification, and I highly doubt I can get in with my current credentials. One friend recommended that I take CEH to enter the market; the other friend said take CISSP while you are still young; better memory to handle theory.

Now 3 questions:
1. Should I go for CEH or CISSP?

2. If I take CEH, any recommendation of a place to take the course where the practicals are much better? I do not just want a cert, I want the knowledge and the skills.

3. If I take CISSP directly, do I qualify for the minimum 2 domains?

P.S: Sorry for wall of text (damage 999 dealt)
 

seesiang

Security is a wide spectrum.

You already have one related experience, SEPM, and Symantec is one of the corporations that is actively hiring, based on my understanding.

A quick summary: Security is part of the IT domain. The IT domain is wide too.

Something that you may understand: the IT domain may include networking, IT support, development, system support etc.

On the question of CEH / CISSP: in layman's terms, it is as good as asking a person, should I go for ITIL or MCSE. One is for management, one is for technical. But both are IT support related.

Only you know what path you want; then head towards that path. Otherwise, it will be a couple of years burnt before you reach your goal.
 

vampool

Thanks paper82 and seesiang for the advice. I have to admit, seesiang, you are right... because I am a bit lost now and confused because I am desperate to get into this line. I can't think right. My mind just keeps telling me to try everything to get in. :(

To be more specific, I want to start in monitoring of IT security (SIEM, DLP, etc.) in a SOC environment first. That is my first step. I don't really want to go into implementation or maintenance (part replacement) of hardware. I am sick and tired of hardware :( I have been doing that for 7 years. Even if it is switches and routers... hardware just... makes me crazy now...

Then there are people who told me that it is better to get a CCNA first followed by CEH. Get in and move from there... but also a friend who told me that monitoring doesn't really need CCNA and CEH... I am crazy now...
 

776ALA

Many of the security monitoring roles require odd working hours; will that be something you can accept? It won't be hard to find a job in monitoring if you are open to working night shifts/12hrs/weekends/public holidays. :)

Instead of thinking about what certifications you need, maybe you should think about what you are lacking. If you lack networking knowledge, then go for network-related training/self-study. Depending on the companies you are going to interview with, having certifications without real knowledge might still not land you the job.

HTH
 

paper82

From what I know, SOCs prefer to hire fresh grads for L1 monitoring roles.

You don't really need a lot of certs... as long as you have a relevant IT degree.
 

Lastexile

If you want to go get CISSP, just go get it. My personal opinion is ISC doesn't validate the credentials strictly. I have seen many sales people who have little practical security knowledge and got CISSP membership after passing the exam. The key is just to get someone to endorse you.

If you have time and money, there's nothing wrong with going for a certificate. But remember, whenever you do a certification that is not relevant, you are wasting time (opportunity cost) instead of learning something actually useful.

At the end of the day, I think most employers (or anyone worth their salt) are looking at capability - can you actually perform the task? And you probably want to work for someone who knows his **** and values your skills instead of a lame acronym on your resume.

If you are really interested in SOC stuff, I strongly recommend you look into how you can set up your own SOC at home or on the cloud.

Here are some examples using the ELK stack:

https://qbox.io/blog/welcome-to-the-elk-stack-elasticsearch-logstash-kibana

https://www.slideshare.net/prajalkulkarni/attack-monitoring-using-elasticsearch-logstash-and-kibana

https://resources.sei.cmu.edu/asset_files/Presentation/2015_017_001_431205.pdf

https://github.com/PolitoInc/ELK-Hunting

https://github.com/A3sal0n/CyberThreatHunting

At the end of the day, SOC is all about analyzing data flow - endpoint and network information. Find out what interesting information you should gather, gather it into one place, then visualize/search/analyse it. Then go into threat hunting - proactively seek out anomalous information.

Singapore's information security industry is mostly a joke because there seems to be a deep misconception that you need to get CISSP to even break into it regardless of the domain. What you really need is to demonstrate the skills required and a passion for learning (at least for technical jobs). There are so many resources on the internet - tutorials, open source tools and YouTube videos to explore and pick up things on your own.
 

loftystew

You may want to try going for the 'Cyber Security Associates and Technologists Programme'.

https://www.csa.gov.sg/programmes/csat

Not sure if the opportunity is still available, but no harm asking the partners about it.

Well, at your age, I guess the most important question is: are you willing to take a giant step back in terms of your salary? There are definitely opportunities out there, but it is unlikely you will get what you are getting currently for entry-level SOC jobs.
 

Xcert

CEH and CISSP are 2 very different certifications... CEH is more of an introduction to hacking... showing you what tools can be used for the purpose... You still need to put in the hours to try the tools and know which tool to use for what purpose.

To my understanding... CISSP is more of a theory certification... more for management... 8 domains to know...

Disclaimer: I took CEH but not CISSP.

Where to take CEH? A lot of places have it... Just google will do... From what I know... COMAT... New Horizons... Kaplan...
 