Related Posts
More Posts
What is the job grade for sr specialist in nokia
Tips to improve on IR (GMAT/EA)?
Additional Posts in Consulting
FTI consulting- any thoughts ?
Thoughts on KPMG Ignition?
New to Fishbowl?
Download the Fishbowl app to
unlock all discussions on Fishbowl.
unlock all discussions on Fishbowl.



Naah doesn't matter. Get a certification pertinent to the field instead. CISSP is an industry standard but not particularly useful in terms of actual knowledge. If you wanna be technical in the pentesting space, I would highly recommend the OSWP and OSCP. Getting certified as a QSA will guarantee job security someplace (unless you're just a rubber stamp). CISA is another one that I've seen people get.
In cyber myself and haven't seen much use for it. I know plenty at the Mngr and Sen Mngr level without one. Also known as consultant who had one in cyber, but she's so stupid I won't trust her to protect my microwave. Certs def carry more weight as well as skills/relevant work experience.
Wouldn't get a master's degree, there's just no need. Focus on gaining relevant skills and get certs when the company offers training. OSCP is a great cert if you want to go down the pentesting route, but it will be the hardest cert you've ever taken, and you'll never pass if you're not already somewhat skilled. Government loves the CEH, which is an easy one to pick up. CISSP is still the industry standard, although it's quickly losing its weight imo
No value IMO
The only thing I'll add is that the most beneficial security skill is the understanding of how an attacker thinks/acts. I've seen so many security professionals who are compliance pros, or DLP experts, or even VM remediation folks who have really no idea how to hack. Pick up basic pen testing skills, learn how attackers think, and you'll quickly differentiate yourself from your peers who have just tool-specific experience.
CISSP & CISA are really the two that recruiters target. No idea why considering neither of them are overly technical.
Nope, certs much more important
I have a son—he’s 10 years old. He has computers. He is so good with these computers. It’s unbelievable. The security aspect of cyber is very, very tough. And maybe, it's hardly doable.
I'm in security too and I'm not sure if I should just focus on certs, get an MBA, or get an MS in cyber security.
If you have work experience I don't think you need one. Fresh out of undergrad, it could be useful.
What are your goals? Depends what you are looking to do 5+ years down the road
What helps you go into management? Just time and hard work?
How does the GSEC look for a cyber security professional with 1 year of experience?
Yeah everyone seems to be answering in line with what I was thinking. I've already got a number of certs, not sure I'll need anymore given that I'll be up for manager next year and I keep moving more and more 'out of the weeds'.
I think the common route after that promo is lateraling to industry at director levek, taking a 30+% pay raise. Getting from director to VP up to CISO is a little more ambiguous
As for long term goals...I'm definitely not in for the PPD haul. I guess we all mostly think of CISO at some big company to be our ceiling? Other than starting your own company? I for sure want to move into management. I think ideally I'd be like a director of security architecture over a large/diverse tech environment. I've got a fairly technical skillset, and I don't want to be completely removed from the technology, but I also don't want to be configuring tools and running pen tests the rest of my life.
Yeah A1 I feel you. Just wanted to see if anyone thought a masters would help make that kind of transition. Glad to hear that's not the case lol
Also know a.....damn autocorrect
No need for it. Pick a speciality though. Cyber ark is pretty hot right now
If you have 1 year of experience, have a GSEC and NSA cert, what is the next best cert for my level? CEH? Then CISSP in a few years?