Related Posts
More Posts
Guys....we can do better than 55 consultants.
Need 11 likes to start DM
Any news from DPW? 🤔🤔
Anyone else love blockchain?
Additional Posts in Cyber Security Bowl
Views on carbon black as a product?
Anyone ever heard of or worked for Sygnia?
New to Fishbowl?
Download the Fishbowl app to
unlock all discussions on Fishbowl.
unlock all discussions on Fishbowl.




Would you be interested in Web Application penetration testing? Plenty of Java experts needed in that area. If you are, I would put the CISSP and CISA on the back burner and take up a couple of other more technical certifications: eWPT, GWAPT, OSWE. The CISSP and CISA are more management related and would not take advantage of the technical experience you have. The OSWE is actually very technical and commands a decent amount of respect.
The problem with OSCP is that it encompasses network penetration testing elements as well (Linux, Windows AD, exploit development etc), and is not as focused as the OSWE. You will also find that jobs that require the OSCP will take less advantage of your java experience unless they are web app based. On the plus side, the OSCP is easier than the OSWE so you could probably get it in 3 months or so. Even easier still is the GWAPT - I just searched for web application tester jobs just now and GWAPT was listed amongst quite a few of them. GWAPT is 100% focused on web application testing and is more in line with your current experience/skill set.
Pentest or get into devsecops
Thought the same, devsecops sounds like a good fit.