Which security certifications are most accepted?

5 pts.
IT careers
Security careers
Hello All, I have been involved in the IT career path for about 6 years now. I have worked my way up from a helpdesk agent to my current position as a systems admin. Lately I have felt mired... or stagnant in this track and I am looking to test new waters. Security has always been an interest and I am hoping to explore that field futher. Can anyone assist with where to best get started, (Books, training materials, classes, networking, etc...) with the pursuit of this segment of the IT industry. Which certs are most accepted? Is it better to be vendor specific or non specific? I really dont know where to start. I have basic security knowledge ( VPN, IPsec, L2TP, PPTP, NTFS, GPO, yadd yadda..) Thanks in advance for your assistance. I look forward to all of your replies. Best regards, Eric

Answer Wiki

Thanks. We'll let you know when a new response is added.

We checked with independent security expert Brien Posey, MCSE, and here’s his answer:

“I would recommend starting by getting a CISSP certification. The classes can be expensive, but there are plenty of books that can prepare you for the exam without you ever having to set foot in a classroom.”

Interested in more from Brien Posey? Read his latest SearchCIO-Midmarket tip: Unified communications: Securing access to OCS.

The CISSP is not a starting point — it requires 5 cumulative years experience in at least 2 of the 10 domains.
SANS GIAC / CompTIA Security+ are better suited as starting points.

Discuss This Question: 5  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • SAPMeister
    The first question I would ask is: Are you sure you want to stay in the IT field? What I've done is bit different. I decided to re-tool for a more "recession proof" job. By recession proof I mean accounting, life sciences (doctor, nurse, etc.) or law. This was a very tough decision, but the way things were going with the economy, offshoring, etc., something had to be done. All of the complaining, no matter how well put together the facts were/are, companies turned the other cheek and IT people are suffering because of it. It has now evolved into us simply having to accept these things and living with them or moving on. The ups and downs in our economy and the way the country has been run over the last eight years or so, contributed to my decision. I love IT and still keep a hand in it, but overall, my career is transitioning to one of the recession proof ones I mentioned above. What we need is more control over our careers! The IT world has changed too much! Salaries have gone through a decay process due to offshoring, industry lobbys, etc. The worry of layoffs loom over our heads every two or three years. I think IT pros need to look at other alternatives, either inlieu of, or in addition to IT. What will you want to do after security?
    10 pointsBadges:
  • Chrissezhi
    All are good ideas. One area that you may want to consider if education. With online education coming to the forefront as it has, it could push you up the path. If you have your bachelors already, one college that is NSA certified is Capitol College located in Laurel MD. Good luck in your adventures.
    10 pointsBadges:
  • Jocko
    I would propose CISSP too, special as the question was set up on CIO site. CISSP has value to understand the whole security aspects. The guys like to say that gotten knowledge is one inch deep and miles wide. You can start with the book CISSP Certification All-in-One Exam Guide, 4th Ed. (All-in-One) by Shon Harris or research online on http://cccure.org/ or http://www.isc2.org. The certificate require thinking like a manager and out of the box. I assume you are looking for a new challenge. According to your listed experience I assume that you can qualify for CISSP. Without experience you can still apply for CISSP Associate. CISSP learning material can help you to decide where in security area you would like to deep dive in. Another option is to add to CISSP some project management certificate or MBA, as there is and it will even increase demand for such knowledge combination.
    10 pointsBadges:
  • DiegoDH
    As said, CISSP requires "verifiable" experience (see www.isc2.org for details). Agree with the outsourcing/offshoring issues, that's part of life. But is you still want to be in IT, the further you move up in knowledge (specially abouyt a company's business & processes), the lesser the risk your job could be at. After security... why not IT Auditor? Tech knowledge is useful, as well as process-related one. And you need to ba able to understand risks, frameworks, audit guidelines, etc. Yes, this can also be outsourced (even offshored), but is a less risky path (AFAIK). For this a CISA certification (which also requires some experience, see: www.isaca.org) is highly recommended. And with proper qualifications, well you can "offshore" yourself! (as far as you're happy to relocate in a different country/region). Good luck! Diego.
    275 pointsBadges:
  • Kevin Beaver
    You need to really focus on getting some good hands-on experience. Certifications are good for learning and getting you in the door but don't fully count on them as I outline in this recent article for SearchSoftwareQuality.com. You've got to get out and network and be known...Most importantly, you need to figure out what you're good at and what you want to do in security. It's such a vast field with so many options. The following should help answer a lot more of your questions: http://securityonwheels.blogspot.com/2008/02/my-first-official-audio-program-getting.html
    27,520 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: