
Any CISSPs here?

Posted on 5/30/16 at 7:36 pm
Posted by Carson123987
Middle Court at the Rec
Member since Jul 2011
66377 posts
Moving to The Woodlands in July to work for an international firm that specializes in security and testing for critical infrastructure systems like SCADA. It appears that most of the team members are CISSPs (which I've gathered is the holy grail of security certifications), so I have something to aim for down the road. That being said, I have no IT experience, so I'm trying to absorb as much info as possible.

Any of you guys have recs for some more basic certs that I could use for a solid foundation? Drizz told me that Sec+ and Net+ are solid places to start, and I've also been referred to Brainbench.com and Cybrary.it to get some learning done. Employer has sent me 8 gigs of videos to watch from a 5-day online course that he conducts as well. I plan on getting the official ICS textbook (4th edition) as well as the Shon Harris 7th edition study guide.

I'm sure it seems pretty silly for someone like me to dive into this, but I think I'm capable of learning it all. I was told that it would take about a year for me to learn and utilize the various technologies/processes that this company uses. Seems like a really exciting field with great opportunities for the future.

ETA: just to clarify, I'm aware of the work requirements to earn the certification. Like gmkr said, I'm looking to be an associate while I accumulate the four years of work. Even the associate position is a little down the road, just thinking long term.
This post was edited on 5/31/16 at 10:38 am
Posted by BabySam
FL
Member since Oct 2010
1504 posts
Posted on 5/30/16 at 7:48 pm to
CISSP is more of the manager's side....GSEC cert is more advanced than what you listed, but they're on the technical side.

you've got the requisite material, just need to make a study plan and try some practice/eval tests. good luck
Posted by Carson123987
Middle Court at the Rec
Member since Jul 2011
66377 posts
Posted on 5/30/16 at 7:50 pm to
quote:

CISSP is more of the manager's side....GSEC cert is more advanced than what you listed, but they're on the technical side.


Interesting. Thanks for the info.
quote:

you've got the requisite material, just need to make a study plan and try some practice/eval tests. good luck


That's the plan. Thanks for the input.
Posted by LordSnow
Your Mom's House
Member since May 2011
5498 posts
Posted on 5/30/16 at 8:32 pm to
You're aware of the work requirements?


quote:

You must have a minimum of five years of direct full-time security work experience in two or more of these 8 domains of the (ISC)² CISSP CBK:

Security and Risk Management (Security, Risk, Compliance, Law, Regulations, and Business Continuity)
Asset Security (Protecting Security of Assets)
Security Engineering (Engineering and Management of Security)
Communication and Network Security (Designing and Protecting Network Security)
Identity and Access Management (Controlling Access and Managing Identity)
Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
Security Operations (Foundational Concepts, Investigations, Incident Management, and Disaster Recovery)
Software Development Security (Understanding, Applying, and Enforcing Software Security)
Posted by Carson123987
Middle Court at the Rec
Member since Jul 2011
66377 posts
Posted on 5/30/16 at 8:54 pm to
quote:

You're aware of the work requirements?


Yes. Like I said, the whole team is comprised of CISSPs and they meet every one of those requirements. It's also only a four year requirement if you have a 4-year degree (which I have)
This post was edited on 5/30/16 at 9:05 pm
Posted by St. Pete Tiger
"Shaqapulco"
Member since Feb 2005
2386 posts
Posted on 5/30/16 at 9:24 pm to
Senior manager in info security here...

I would NOT rush into the CISSP, it is a fine certification but just that. If they are willing to train you on the job for a year (sounds like they are) that is worth its weight in gold. Security business is all about reputation in the end. Work hard, be humble, and absorb all you can. A good risk/control mindset helps as well.

It is a fun field.

Ping me if you have any other questions
Posted by Carson123987
Middle Court at the Rec
Member since Jul 2011
66377 posts
Posted on 5/30/16 at 9:45 pm to
Thanks, St Pete. If you wouldn't mind posting your email, that'd be awesome. I'll post mine if you don't want to
Posted by gmrkr5
NC
Member since Jul 2009
14886 posts
Posted on 5/31/16 at 9:05 am to
I hold a CISSP and several other GIAC certifications. Like another poster indicated, you won't have the work requirements to get the full CISSP upon passing the exam. You would however qualify for "Associate CISSP". It is not an easy test to pass, especially with no real world experience.

Shoot me an email and I'll be happy to answer any other infosec job related questions you may have.

gmrkr5 at gmail
Posted by RussianFromLSU
Baton Rouge, LA
Member since Nov 2014
192 posts
Posted on 5/31/16 at 3:57 pm to
I would recommend the following certs to help you:


Security+
Net+
OSCP (if you can get this, you are SET in your field)
OSWP
CEH (If you are bored, it's absolutely lowest of the security certs)
Posted by gmrkr5
NC
Member since Jul 2009
14886 posts
Posted on 5/31/16 at 4:01 pm to
quote:

OSCP (if you can get this, you are SET in your field) OSWP CEH


lol come on man.... OSxx for an entry level person is a pretty dumb suggestion and CEH is worthless (which you stated). Most would argue both of those CompTIA are all but useless as well unless you just need a cert for 8570
This post was edited on 5/31/16 at 4:02 pm
Posted by Carson123987
Middle Court at the Rec
Member since Jul 2011
66377 posts
Posted on 5/31/16 at 4:44 pm to
quote:

I would recommend the following certs to help you:


Security+
Net+
OSCP (if you can get this, you are SET in your field)
OSWP
CEH (If you are bored, it's absolutely lowest of the security certs)


Thanks for the input. The OSCP is the one where you're in a lab, correct? That's definitely one for down the road

I understand that Sec+ and Net+ are pretty elementary, but figured it'd give me something to do as a starting point. Might get CEH as a formality
Posted by gmrkr5
NC
Member since Jul 2009
14886 posts
Posted on 5/31/16 at 6:14 pm to
OSCP is a pen testing cert. Are you interested in being a full time pentester? I agree that building a foundation is what you need to do. Don't get any of these certs just to get a cert. You'll end up getting challenged to the point where you're being asked to do things you can't do unless you really learn some of this material. Work on the CompTIAs for the simple point of gaining understanding.

SANS offers some control system specific training. It ain't cheap
Posted by Carson123987
Middle Court at the Rec
Member since Jul 2011
66377 posts
Posted on 5/31/16 at 7:15 pm to
Just shot you an email
Posted by gmrkr5
NC
Member since Jul 2009
14886 posts
Posted on 5/31/16 at 9:10 pm to
Incoming