Best cyber certification to get next? Have CISA and CISSP. Thinking AWS Security, CEH, or OSWP? Thoughts??

like
Posting as :
works at
You are currently posting as works at

It all depends on where you want to go and the story you want to tell. I don't recommend AWS Sec, OSWP, or CEH for varying reasons, but I think you'd be good to maybe look into CISSP specializations, CISM, or other ISACA certs.

Where you're at, I would highly recommend CISM. Stay within the ISC2 and ISACA realms to keep your maintenance liability low. CISM and CISSP together tell a story that you've got management qualities and can help you move forward on the path you've laid out with the certs you have and if you want to be in/stay in management.

If you want to go cloud - CCSP is the way to go. If you want to tell a more technical, hands-on-keyboard story - OSCP is the way to go. OffSec also just released a blue-team SOC based cert that may be worth looking at if you're more into blue team work.

like

Great information. Thank you for the insight

like

What's your current role, and what do you want to get out of it?

Also, I would go with OSCP over OSWP without knowing that answer due to more demand and useful skills for threat modeling and vulnerability testing. OSWP is great if you're going to become an onsite pen tester.

like

CCSP might be a safe bet. I see a lot more people looking for it in all fields.

like

I agree I’ve had a few interviewing managers suggest me about CCSP as well.

like

Follow

It depends on what you want to do with your career. OSWP is easy and also a bit of a waste. If you want to go down the offensive route, OSCP is the one to get. If you’re focusing on cloud security, AWS is good but you should also get the Solutions Architect Associate as well. Plenty of other certifications out there as well, but it does depend on what you want your career path to be

CCSK. Exam is open book and taken from home

Related Posts

I am in a tech IC position. One of friends switched to FAANG by converting the profile to consultant profile. The friend who might have less tech knowledge than me is now in FAANG and earning more. If the end goal would be that the friend might one day be a product manager and me an engineering manager taking instructions from the same friend, isn't consultant profile an easier path to growth. I had been practising DSA for years and the competition is only ever growing.

Is it worth it to pay for your own certification ?

like

Hi fishies! Considering an internal big 4 move from Western Europe to Dubai. Not sure about WLB and whether there’ll be enough growth and learning opportunities after reading some of the threads here. Anyone up for sharing their experience? Especially concerned about sexism / racism as a WOC…and whether moving back to Europe in a few years will be difficult because the ME experience won’t be considered valuable.

like

Hi Fishes, I've 2.25 Years of experience in SAP Basis, but I've lost interest in the same due to not receiving proper training, inability to practice on customer's system and shifts. I'm looking forward to go for MBA/changing technology, which one would be a better option? In case of the latter can you guys suggest lucrative technologies which has little/no coding and can definitely give good packages? I've tried changing jobs in Basis for nearly one year and didn't get through. Please help me.

like

Any recommendations for best MBA programs which offer part time/ weekend classes around Boston area. With M-T regular travel, evening weekday classes not poss. for me. Interested in General MBA (cont)

Good jobs for introverts? So over consulting.

likeuplifting

I was a software engineering consultant and moved to industry last year. To keep things short, I can’t see long term growth for my career and exploring options to be proactive.

My friend just offered to refer me to Twilio “when I’m ready”. When would be a safe time to make the jump? 1/3 of stocks vest in a yr. All vest jn 4 years ($180K). Base: $205K

10 yoe w/ avg 3-4 year tenure. Was at last job but left after 6 months. Current job for 2 months. I work best in a technical/mgmt hybrid role.

like

How difficult is it to lateral to other areas of tax without prior experience in the area? (Ex: Income tax planning to estate planning, corporate tax to exec comp, or estate planning to controversy work, etc.) Assuming you have an LLM or a couple years of experience in your first tax area.

like

Is there anyone here who is a UX strategist? I’m looking to make a change from the healthcare industry to UX and I think strategy or research is where I’d like to land but would love to talk to someone currently in this field!

like

A good friend of mine graduated from Parsons this past summer, has degrees in Journalism and French, is a talented photographer and designer (which I feel I have a pretty decent eye for after working at a design-driven branding agency for half a decade). And I’m certain she’d make a fabulous junior AD or content strategist. Unfortunately she, like many in this pandemic, is still without a job. Any advice for her and/or shops/hiring managers/non-traditional job hunt tips to steer her towards?

like

A question from a youngster. Is working at a big big company with slightly low pay better or working at a much smaller company with higher pay better?

In the future, after a few years, let’s say I’m at a small company and want to switch to big big company, will the “small names” hurt my chance to get into the big doors?

I mean big big company is like 10x bigger than the small one if this was a factor. Assume everything else the same, WLB, commute, teams, etc.

like

Hi Fish,

I am currently working in non tech as an analyst. I have learnt SQL AND Data warehousing concepts. I am thinking of switching to any data related role Data Analyst/Data engineer. Appreciate your views/thoughts on this.
Should I have to learn some more to switch or should take up any real time projects to start a career in the above mentioned fields.
Overall experience: 3y
CCTC: 4.2 LPA

THANK YOU

like

Hey fish, I started recently (within the last year) at post PhD level. I’m thinking about moving into pharma or biotech since I don’t think the ladder in consulting is right for me long term. How long do you need to stay in consulting for before making say 150-200k base in pharma/biotech?

like

I am a female developer, I started in QA & learned everything on the job to become a junior dev and then to developer. After 6 years at the same company I think it’s time to move on.
I know vue & have developed everything from emails to landing pages to being second on a WP site. My only hesitation is I’m nervous I am not good enough at JS to look for a new job.
Will companies be willing to train me more due to the current job market & being female?
Advice on learning JS or job search please

Should I opt for online 2 yrs MBA from DY patil university? It is good or should I look for alternative. I am getting alot of calls from them. Please suggest. I have around 3 yrs experience in IT.

like

🗣️ #ASpaceToVent 🗣️
Making a career change is tough! Let's use this thread for venting, asking for community support and feedback, or just being witnessed on something that needs to be shared. A space to say what you can't say elsewhere!

like

Are there any roles at Google that would consider someone coming from Private Equity Ops (with consulting background) or is that too far removed? About to take a PE position but would like to know if it hurts my chances at moving to Big Tech one day - thank you

I feel bad for the people who got into supply chain management and are burned out. I feel like they get the short end of the stick, and it truly is not a bad career at all, I think maybe some of them just aren't cut for it.

like

I have 4.5 yrs of work ex and joining as ACON at KPMG. Will I get promoted to CON in next cycle i.e October 2023 or so I have to wait until October 2024?

like

I have a period of time (~2 years) where I worked multiple part time jobs. One job was with a FAANG so that’s easy to put on my resume. But the others included a couple non profits (mainly digital marketing), then multiple contracts with clients doing things like business development, APIs, websites, etc. How can I combine these “side gigs” under a single title/experience? Business Consultant? Say I ran a consulting agency? Business Dev Engineer? I’m lost. I don’t want to embellish or undermine.

More Posts

like

Why PWC only prefers 60% even if you have experience in IT..?
why are they rejecting people with less than 60%

like

Big Ass Fan - Haiku - has anyone purchased these and can recommend it over other ceiling fans?

About to close on a house soon, and looking to smart automate a lot in the house with fully integrated devices - but at over $1K a pop these things aren’t the cheapest but I’m convinced we’d get a lot of use out of these.

like

I cleared all my rounds of interview in JPMC, had salary discussion with HR 2 weeks back. After which i was asked to apply the job on candidate portal and submit additional information.

Its almost 2 weeks and i haven't heard back anything from them. My status in portal shows "You are moving to the final steps in the process". This status has not changed since last 2 weeks.

Can i expect the offer letter to be released? If yes when?

How to link ESPP to Personal Capital/Mint? Not 401K, I already got that covered 👀

like

What is the best way to learn OICs and VBCS ? What resources, blogs and YouTube channels are good?

Has anyone worked at Cole, Scott & Kissane? Received an offer this month when I graduate law school but I’m hearing mixed stories.

like

Anyone have an attorney recommendation for pursuing a construction defect claim against a roofing contractor? Preferably South FL

like

I’m so glad this bowl finally exists.

like

Anyone help me know what user credentials are needed to login to iPhone given by mercer?

I graduated with my bachelor's in HRM and I'm wondering if there are any certifications or trainings I could do before I lock down on the SHRM-CP. I recently became HIPAA certified for my company and that got me thinking about what else I could do to add to my resume. Looking for good stepping stone certificates.

like

Women in construction PMP® Certified Professional with 13 Years of Work Experience
in UAE & Mumbai India in High-Rise Residential, Mixed Use Buildings, Ballistic Works / Military Projects , Firing Range & Warehouses, Precast Concrete, Asphalt Road Works & Infrastructure Works

B.E. (Civil Engineering) , PMP® Certified, LEAD -QMS ISO- 9001-2015, ACI Cert

Strong at Technical knowledge Project management, Coordination .

Looking for a job , open to explore new Field. Please consider.

like

Hi Fishes,

Does Cvent has any type of service bond ?

like

Would love insight into the workforce readiness practice… good/bad/ugly :)

like

Hi Fishes, I am into the Java domain with 5 YOE.
Cracked all interview rounds for
GlobalLogic .
Already been told that I would be mapped to the client 'Precisely'.

Can someone provide insights regarding client/project and work load?

Your responses are highly appreciated.GlobalLogic

Are art director/copywriter partnerships antiquated?

like

The nail on my second toe hasn’t been the same since I ran a half marathon a few years ago. It’s gross and totally messed up and it doesn’t seem to be getting any better. Do I see a podiatrist for toenails or a dermatologist?

like

Can OSSI employee work from any Oracle office in India?

Hi,

Please help me in getting 11 likes to unlock dm.

Thanks

like

Walking home from the office today, I walked past an AE store. Walked in on a curious whim and I accidentally bought a new pair of chukka boots. Can anyone relate? 😂😩

like

Additional Posts in Cyber Security Bowl

Has anyone gone through the deloitte cyber risk interview process recently? How many interviews did you have and how was the process?? Salary?

like

Any BCG Platinion Cyber folks here?
What kinna work do you guys do? Planning to make the switch after 5 years with Uncle D. Wanna hear from you guys about culture, projects and areas of expertise.

like

On a phone call today, my client suggested our project team provide 24/7 coverage for scanning support. My team size is two, including myself.

Post Photo
likefunnysmart

Any recommended study material for CIPP and/or CIPM (still debating the two)?

Would you expense a speeding ticket on your way to an IR?

funnylike

is CRISC worth it? dont see it coming up as much as others

like

Can anyone recommend a good book/materials to prep for the CIPP/CIPM? 🙏🏽

Salary range for PwC S1 in Cyber Risk MCOL?

like

I start my journey of being more technical today. I am giving myself 2 yrs. I started a role doing IT controls, Identity and Access Management work. I have prior experience in UAT, business process controls (A-123). I am planning on passing the Security plus and CISSP certs within 2 yrs. Have a TS clearance. Any advice or reality check is welcome.
I will like to do cyber work in the Intelligence Community.

like
like

Currently a senior with 2.5 YOE(not including 7 months of internships). I want to apply to Pwc Senior Cyber Risk position, but the minimum YOE is 3. Is it worth my time applying for the role? Will I get eliminated off the bat due to YOE?

like

Joining a group that specializes in incident response. Any recommendations on things I can do this summer to prepare on fundamentals/certs?

like

Currently working in an IT audit role, what is the best way to transition into cyber ?

like

Currently stuck in risk but interested in Cyber. Have done one related engagement from a regulatory perspective. But a lot of posts here making me think it’s harder to break into than I expected (non-technical background). If you had a six sigma green belt / supply chain degree/exp., would you still go through the effort of going into Cyber or take easy risk money being offered / easier transition back to supply chain? 2-3 YOE and trying to decide career course, any advice highly appreciated

like

New to the U.S., is the Healthcare Industry (via HIPAA), the only industry in the U.S. that legally mandates having a designated Privacy Officer? So for example, although GLBA has obvious privacy requirements, unlike with healthcare, financial institutions in the U.S. are not mandated by law to have a designated Privacy Officer?

like

Anyone working in Pharma industry?

like

Deloitte Cyber, how long did it take you to receive an offer after final interview?

like

Privacy fish - Anyone taken the CIPM and can share what the exam is like?

Content outline seems like application of standard consulting approach, so how do they test it on an exam?

Tired of your job and want to come to KPMG Cyber Services? Drop me a burner here.

likefunny

For those who have passed the CIPM exam, what is it like (and how does it compare to the CIPP/US exam)?

New to Fishbowl?

Download the Fishbowl app to
unlock all discussions on Fishbowl.
That was just a preview…
Sign Up to see all discussions
  • Discover what it’s like to work at companies from real professionals
  • Get candid advice from people in your field in a safe space
  • Chat and network with other professionals in your field
Sign up in seconds to unlock all discussions on Fishbowl.

Already a user?
Login here

Share

Embed this post

Copy and paste embed code on your site

Preview

Download the
Fishbowl app

See what’s happening in your industry
from the palm of your hand.

A phone with Fishbowl app

Scan your QR code to download
Fishbowl app on your mobile

Download app

Sign up for free to view this conversation on Fishbowl

By continuing you agree to Terms of Use and Privacy Policy

Already have an account? Log in

Sign up for free to continue using Fishbowl

By continuing you agree to Terms of Use(New) and Privacy Policy(New)
Messaging rates may apply

Already have an account? Log in

For account settings, visit Fishbowl on Desktop Browser or

General

Legal