I’m wanting to get out of Sales and become a Cyber Security Specialist. I looked into My computer career but got turned off by the $30k cost. I’m looking into just taking some classes at the local community college to prepare myself for the below certification tests. I’m looking for advice on the route I should take. Willing to give out personal contact info to those that really want to help and can provide insight. I appreciate the help/advice.

Post Photo
like
Posting as :
works at
You are currently posting as works at

I’ll play devils advocate, as someone that has been working in security for 20+ years.

Generally, I find certs only useful to satisfy the most basic HR screening. Having a CISSP might get you past them, but likely not past me. OSCP is the exception, as that requires a high degree of real technical expertise AND requires you to demonstrate use of that expertise during a live simulated 24 hour attack / defense scenario. But that’s specific to pen testing, which is a very small niche area within security.

I recommend starting with something cheap and basic like linuxacademy - 40 bucks a month gets you access to tons of starter courses on networking, programming, infrastructure, DevOps, cloud platforms, etc etc. after that you’ll have a more informed opinion about what to do next. Learn to use Python. Play around with Kali Linux. Create an AWS account and spin up some virtual environments and servers.

In the end, for most security roles we value hands on technical experience over certs. If you’d rather focus on compliance / audit related security jobs, you can get away with more certs / less hands on technical know how.

Feel free to DM me if you want.

likehelpful

Let me add some additional examples of what I think are more valuable, since my post seems to have gotten a few views. Basically, anything that require you to perform hands on work.

Cisco or PAN certs - build your own enterprise grade network at home with used routers, switches, and firewalls. Or deploy VM firewalls in AWS. It’s not security specific, but having a fundamental understanding of how data moves through networks is critical.

AWS / Azure / GCP certs - any of these; solutions architect, advanced networking, cloud foundations, etc.

Learn how to use the command line. Run a Linux VM and play around. If you have a MacBook use the command line and install Python - figure out how manage Python versions, libraries, and environments.

Install GitHub CLI. Setup a GitHub account and play with pushing code, pulling code, merging code, etc.

Play around with orchestration layers - Ansible, Chef, Puppet, etc.

Point is - CISA and CISSP are fine if you want to be an IT Auditor. If you actually want to do real security consulting you need to get in the weeds on all of the above.

helpful

I would reccomend getting your hands dirty with the technology as soon as possible. Any internal transfer to a more tech focused role would look good for your resume. I know some hiring managers are shy to go for people with just a bunch of certificates. If the transfer is not possible start getting into the various outside pojects on your own at home. Buy a raspberry pi or two and enjoy what you do.

like

Consider customer success or sales engineering. Be an inside sales SE or talk to your SE and get guidance from them.

like

2 questions you have to ask yourself: 1.) what role within the cyber security space do you want to be/play in. (Eg, cyber threat analyst, security architect, security engineer cyber strategist, penetration tester, etc) 2.) what area within cyber you want to specialize in (vulnerability management, cloud security, cyber strategy, endpoint security management, data/information protection, network security, application security, IAM, mobile, IT/OT, etc.) deciding those two things will help set the guide rails for your path. If you are just getting into cyber I recommend reading the CISSP (ISC)2 Certified Information Systems Security Professional Official book. CISSP is the gold standard cert every security personnel tries to get. The book will provide a nice overview of everything security and cyber.

likehelpful

While the CCNA has good core knowledge of networks, it quickly delves into cisco specific configuration/setup that only a network engineer or IT personnel would need to know. You'll gain that same core foundation from the Security+ and Networking+ so, in my opinion, you can take CCNA off your list unless you want to be a cable monkey

like

As someone who also previously had a CCNA and a couple other CC’s I agree with the poster. Very good solid network base, but a lot of vendor Kool-Aide. I did not see CISSP in your list, I would recommend you add it as it is a well respected, balanced credential.

Finally, incorporate Cloud - everything is headed that way and there are more legacy cyber people than Cloud cyber - an opportunity to get an edge.

like

Why the change... are you passionate about cyber security or just tired of sales?
If you are not passionate about cyber security you will find your self in the same boat in 12 months. Just a thought...

likesmarthelpful

I am passionate about cyber security. Even if all it gets me is a better sales role at a cyber security company,I want to have the knowledge and truly be of value in this field.

Unrelated but why are you looking to leave sales? Are you in cyber security sales now?

like

OP - I get what you are feeling. Was in a similar boat and hated the reset button every quarter/year. Work on basic certs, look for entry level positions to get in and then work your way up. There will be a pay cut but it’ll be worth it at the end.

like

You have to first select a route.

Broadly speaking:
1) pen testing (offensive/defensive)
2) risk/audit/governance
3) forensics/incident response

Looks like you're heading towards pen testing atm (whether intentionally or unintentionally).

Your list of certs are entry level and will build a solid foundation for you, but you don't need to do all those, most of their content will repeat and overlap, which is why a clear route is important, you don't want to spend a year doing 4 certs only to find 1 would have sufficed.

I would suggest you:
A) Do more research into the various cyber roles and pick 1 or 2 to further research.
B) Google what certs are most valuable for those particular roles.
C) Look up the respective certs and what path you need to attain them (usually on their site).

Having said all that, you will still need foundational knowledge and the CompTIA certs are great for that.

like

Taking classes might help you understand the fundamentals better if you don’t have a tech background. Just getting the practice test and books on the test works better. I’m an info sys undergrad and work in tech and still spent 6 months studying with practice test to barely pass the SEC+

likesmart

I went from a business degree to a very technical cyber role where I've been working for the last 16 months. Everything i learned was self taught and im constantly gathering advice and resources so feel free to DM me on fishbowl if you'd like

likehelpful

I agree with MD1 here. Find some technology and understand how it operates. Get into a role where you have to really learn how to gain value from its use and then learn how to secure it. A safe avenue will be to transfer to a sales engineering role. Another safe route will be to learn your dream job while grinding away at what pays the bills. Take some pro-Bono work on your free time. Once you have a baseline of knowledge you can work in an operations role and move on up. Focus not on having experience and skills but in making experience and acquiring skills. Hiring managers love people who show that they can learn and want to grow in their careers. My $0.02.

like

Would going back and getting a computer science degree help me at all?

If you don’t already have an undergrad degree, yes. I would recommend you do that. If you already have a degree, are really driven/motivated then I think you can use the certification route by:

1. You’re already at a tech company. See if you can find out about any technical roles that might give you a shot.
2. Get certs aligned to those roles to get your foot in the door.
- In tech, you can move around (technology space) laterally quite a bit if you manage your experience and your resume right.

If you’re driven enough to get certs and do hands on labs to learn stuff, you can go this route. If the thought of spending time doing this turns you off then you will probably need something more structured (school, but many times you won’t learn what you’ll actually need to know to do a job). Technical roles are not for everyone though. This will be a good gauge if it’s for you.

At the end of the day, your education, certs etc. (aside from the learning aspect) show companies that you are able to accomplish/complete things when you don’t have the experience to talk about yet.

like

From personal experience, I’m enrolled in a course Instructor led for the CCNA. I know there are more specific certifications for cyber security, but I am really enjoying the knowledge I’m gaining from the CCNA. I don’t know about the career opportunity CCNA could you offer, but it gives me a very ground knowledge of many topics. If you don’t have the main concepts about network and stuff, then I would recommend to spend some time on the CCNA. Then after having the basics, you could go for more specific field related certifications. I am currently a consultant, but I would like to switch to Cloud projects, that’s why I started from CCNA (which is not that expensive compared with other certifications).

Bachelor degree if you don’t already have one. Networking basics you listed are good - CCNA to have enough Cisco knowledge to talk with network folks is reasonable as well. Offensive skills are a good place to start and perhaps stay if you like the work. Add some defensive architecture and design as well as some compliance and you can build a well rounded security career. Remember to polish your writing/presentation skills - if you can do the work *and* write and present the results you can be a star.

Cloud security is huge right now! Look into Azure and GCP, they have free certification trainings.

Related Posts

Exhausted from 5+ months of 80 hour weeks...

Fantasizing about quitting without warning and taking a sabbatical for a month just to remember how to be a human again.

Anyone done that and not had it blow up your career trajectory or competitive salary bargaining power? I know it'll burn bridges with well-connected people.

like

I currently work as an associate marketing manager for 2 years, I previously worked on the financial operations team. My manager was very patient and trained me in all our systems and my tasks. This was also during the pandemic so a lot of calls, sharing screens on teams. She was very hands on but I took as because I'm younger, new in the digital marketing world and she making sure I was set up for success. Fast forward to 1 year and half she became a helicopter manager.

like

I have not been on a project for over 3 months. Since I joined, I have been put in training. The training got extended by a month and now it's close to 4 months since I joined and without a project.

What should I do? People say that I'm lucky to get paid without doing any work, but it is stressing me out. I need the experience. The uncertainty is freaking me out, with rumours of layoffs and the certification program and all.

How do I get into a project? How long do I have to wait more?

hey Wish to get into product companies like collins aerospace, bosch, Electronic arts , Pfizer gaming first preference , follpwed by healthcare as a business analyst in analytics space. Could somebody guide how to get into such companies? i have 8.8 YOE as a BA

1 year in doing tax returns, do most accountants do public for a few years then gtfo and go to industry?

like

Hi IBMers
What is role of a senior advisory consultant. Is it similar to solution architect

like

Hi Everyone, Started my career in government 5 years ago working in an operational role, then focussed on HR for 3 years working my way up to a middle manager role in HR as a business partner and completed my Level 7 CIPD. I don’t think HR or government is for me anymore and looking to find something new, now 24 feel I have a lot of transferable skills and knowledge but worried about private companies in other professions taking me seriously. Grateful for any advice - thanks in advance!

like

Anyone have any CSCMP Certifications? Are they worth getting or are there more beneficial supply chain related certifications worth getting?

like

Hi everyone! I’m currently working in the analytics field, and have been with Deloitte for about 3 years. With so many people now getting their masters in analytics, wondering if I also should as I’m worried I’ll fall behind. With an undergrad in stats and business, and already working in the field I want to be in, however, not sure if it’ll be worth it to spend the time & money. Would love to hear your thoughts!

like

For experienced realtors, how long have you been doing your job and why do you still love it? I'm fairly new to the field, but I'm excited for the future opportunities that I can already see!

like

I tried out a career and I'm currently miserable in it and want to figure out how to use the degrees I have to find something I find fulfilling. I don't want to go back to school and start over with that process. If anyone has any advice on what websites or resources to explore to figure out what careers and jobs are comparable with my degrees or if anyone has any information or experience with this please hit me up. I have a degree in biology and teaching credential

like

Looking to advance my career but most places ask if you have full Sales cycle/ closing. How do I gain this experience if current role won’t offer it and new roles require it?

like

Hi, can you guys please provide your opinion / review on the company qualitest? S it worth to switch from a big 4 to qualitest for test lead or test manager position?

like

I come from an engineering background and trying to get a CPA. Any advice to get the requisite accounting credits? Board - NY or whichever is easier to attain the eligibility.

like

I have a total of 3.3 years of experience with cloud services Infrastructure and development. Currently with 1.3 years of exp. in Devops Engineering, I am feeling kind of stuck with not a lot of work and no growth in my current profile. And I have only 1 year of work experience in Devops, so I'm not getting enough job opportunities per se. I am well versed with Google Cloud Services with 2.6+ yrs of exp. as a PE and have a learning curve in AWS cloud. Kindly suggest some ways that I may take??

like
like

In 2020 I made a few huge changes, I left my world of fashion/sales, retail operations and L&D and I moved countries and eventually found my way to Tech. I currently am in Sales Enablement, which I do love, but I want to grow.

How do I continue to grow in L&D/Sales enablement in tech?

Would love some insight, and also would need some help adjusting my resume to fit the tech landscape.

Thanks in advance!

like

Has anyone ever left the accounting side of a PE firm? If so, what was the move?

like

Happy Friday everyone. I'm seeing some posts in the general forum about Speedy Gonzales or lessons in Spanish... It's not that those topics aren't important, it's just that what is more urgent to me is empowering you to succeed in your current and future roles.

like

How do firms see candidates seeking to lateral across practice groups? I’m a senior lit associate doing v well at my current firm but seeking a global relocation which might entail switching to a transactional practice. Thinking capital markets since I have a lot of experience in advising our clients of litigation risk when issuing debt etc. Would I even be considered (obvi I expect some cut in seniority)? Is this common?

like

More Posts

Hi 🐠 fam: I’m looking for recommendations to plan a honeymoon trip to Hawaii (10-14 days). Would love to get the following:

- What 2 islands should we visit (nature lovers and active for hikes and scuba)?

- Recs on what and how we should plan for those islands?

- Anyone willing to share their planned itineraries? I can DM you, please let me know

- Recs on places to stay (have Marriot/Hilton points, but would love to try so unique Airbnb or resorts as well)?

like

Has anyone tried Jeff Sipe's Negotiation coaching? Is it worth it?

like

How can we delete the existing applied job in Accenture portal, showing pending review for past 7 months.

Share your thoughts.

like

I had two interviews with two people at different companies and each time the interviewer had their camera off stating that they are having connection issues. Is that acceptable for candidates to do?

like

I make $95,000 a year and get a 10% bonus for 5% raise a year. I hear others are getting 125k a year plus similar benefits. Is this actually possible? (CA)

like

Hi Everyone,

I gave interview in ericsson. 2 Technical round and 1 managerial round in September.
I cleared all rounds.
After 20 days (after so many reminders by me) they asked for the document to submit so that they proceed.

Now it's November I haven't received offer letter and no updates from HR and the HR is not picking up my call.

Anyone facing same? Is this normal in Ericsson?

I know several people, with 2-3 years of experience, who were all recently hired as senior copywriters at reputable agencies. No awards. No notable work from their last agency. Mediocre books. Am I missing something? Is there a talent shortage? Did we change the rules? 🤔

like

For those who live in Edgewater. How much do you pay in rent? I’m looking for a place in Edgewater but near Andersonville and want to get a range for the price. I want a 2 bedroom with 1-2 bathrooms.

Thanks

Can anyone tell me what the cadence of interviews with directors are? Situational, technical?

like

Hi,
What will be the in hand salary ?

Post Photo
like

I am almost done with FNP and I am so sick of patients now. I've been in healthcare for almost 20 years and it is what I know, but the pandemic has burnt me out so much. What about corporate wellness jobs? Has anyone gone there? Or gotten a job for a federal agency (not the VA, I don't want to work with patients)? How does one "break into management" if you're over 40?

like

As a hyper-self-aware person, I’m always surprised when people aren’t. Not silencing phones/watches, gabbing loudly out in the open, sitting in an office with a call on full volume for all to hear.

like

I am a Chartered Accountant. But while working on various projects, I got interested in programming. And I would like to make a career in software development. But since I am a commerce student, most companies would not consider me for those roles. Does anyone have suggestions as to how I can explore such avenues?

like

Will McKinsey create your salary account. Or you can give your saving account for salary ???McKinsey & Company

like

Hey Folks Have a fully furnished 2BHK available at Wadgaon Sheri Gurukrupa Aster at 30k.
If you are interested drop me a DM.

like

🌟 Things to Do Thursday 🌟
What's going on in Chicago this weekend? Let's use this thread to share events, concerts, activities, and other fun things happening in the city this weekend!

like

In TCS 1st month will get full month salary irrespective of joined date? @tcs

like

Odd request, but does anyone have a post-TCJA international tax law school outline that I can connect with?

like

I’m so depressed about returning to the office.

like

Additional Posts in Technology/IT Consultants

Deloitte is looking for qualified candidates to join their Cyber & Strategic Risk practice immediately. All levels. Please reach out if you're looking for a change and I'll submit your resume!

likefunny

Currently certified in AWS (CCP, SAA, and Security) and GCP (Security Engineer and Cloud Architect).

Any recommendations on Azure certs to pursue?

like

Cyber is a great space to be in right now

like

Is anyone worked before with Cloudsultants? How’s your experience with them in terms of billing for contract-based project?

like

Applied to PWC US for a position in Dynamics 365 as a functional consultant with 3 years of experience but the application status is still under review. Currently in Canada but want to move to US and utilize the TN visa opportunity. Anyone know how long is the waiting period?

like

Online Masters in Cybersecurity or Computer Science? I’m debating between applying to Georgia Tech’s OMS in CS vs CMU’s MS Infomation Security Policy and Management. My undergrad was in CS at a private school and I’ve had no Cyber experience before big4 cyber work. Lately I’ve been finding the security program strategy/transformation work to be repetitive & boring and interested in getting back to more technical work like appsec. Currently a Senior Manager with 10 YOE. 167k TC. Thoughts/advice?

like

I am an Oracle Functional Implementation consultant (