I have a summer internship in Security Consulting, and was wondering what certs I should get before my start date that would benefit me on the job. I was thinking Net+, and maybe A+, though I've heard its useless. I will get my cissp eventually, but apparently need 3 years of field experience first.
So, what certs will help me prepare for a career in infosec?
I've been a security consultant for fifteen years now. What is your current background and experience?
>>52233486
Im a junior working on an SRA degree (Security and Risk Analysis) with a focus in Cyber Security. Last summer I interned as a security analyst intern. Other than that, I have some professional development / networking experience with a "professional business organization" im involved with on campus.
>>52233787
Also after doing some additional research, seems like sec+ and net+ are good "basic" certs to have, and I have decent knowledge of both subjects from my experience / college courses.
>>52233787
Kill yourself.
Because if you don't, actual technologists will when you rock up and start trying to tell them how to do their jobs because of 'muh risk management.'
There are basically two strands to the risk game, Infra and Applications. You know nothing about either. Don't take this the wrong way but I sincerely hope you fail in your ambitions in this industry.
Oh, and Happy New Year!
>>52234351
From what I know so far, what I will be working on is helping "clients" build or strengthen soc's and generally coach them on best practices and how to implement and use siem software. Not in the field yet so not totally sure, but definitely not working in applications security.
Sadly, this is the only field of study that has ever peaked my interest, so I will continue to live.
Happy new year to you as well!
>>52233787
>professional development / networking experience
Shit bubba, I actually missed this on first read, kinda tucked away abit m8 innit?...
If it helps, I'm Infra, I worked support for five years, then got an MCSE. Then I read 'Hacking Exposed" and I was at a Big 4 doing penetration testing within three months. I know that's a travesty for all you pen testers out there, but lucky me.
Basically though, my advise to kill yourself (gently) still stands. You're coming at this job from the wrong angle. Security as a practice is dead simple, and there is nothing in the CISSP that any competent student can't ace and replicate at work. If you haven't got deep technical skills what do you honestly think you are offering to an organisation and their clients, other than box ticking to protect crooked excos?
>>52234475
>peaked
"piqued"
And you need to be able to write reports. That's a huge plus if you're going in at a soft angle.
Ccna r&s, cissp, Linux+
>>52234495
You're the first person to give me this type of feedback, likely because my advisors are old and clueless. Since I have a strong desire to continue living, what advice do you have to approach the field from a better angle.
>>52234543
>piqued
Thanks, I'm not as bad of a writer as that suggests. Still have a technical writing course to take as well.
>>52234661
I should mention my internship will give me the opportunity to pick which department to spend time in, and rotate between whichever I choose to work in. So which departments should I spend time with?
>>52234661
>my advisors are old and clueless
Beats young and clueless! But who are your advisers? You mean at college? On your internship?
>52234705
I should mention my internship will give me the opportunity to pick which department to spend time in, and rotate between whichever I choose to work in. So which departments should I spend time with?
Where is the internship? What kind of business?
>>52235036
Yes I mean my college advisors. The people im in contact with for the internship seem confident that im qualified. Its for IBM.
>>52235082
>Yes I mean my college advisors. The people im in contact with for the internship seem confident that im qualified. Its for IBM.
So you're basically looking at doing client facing work for the IBM security practice, or looking after IBM stuff internally?
Also, pls nigga, I didn't ask you to tell me what the company name was. You're supposed to be a security guy, not some flibbitygibbet who posts about his employer on a Wiccan Basket Weaving site. Fuck me sideways you're wet behind the ears!
>>52235435
>client facing work for the security practice
Yes.
>Wiccan Basket Weaving
You've clearly broken through my 7 proxies and know my real employer.
>>52235435
>So you're basically looking at doing client facing work for the IBM security practice, or looking after IBM stuff internally?
DESU it doesn't matter, just go and do what the old hands tell you to do. I'd estimate you're looking at five years as an analyst / SOC guy, use that time to broaden your horizons, deepen specific technology stacks, and then strike out on your own as a contractor in one of the major cities.
>>52234624
this. definitely be network side of the security team. brush up on taking pcaps with wireshark/tshark. learning how to use the main apps in kali would also help you understand some of the concepts better
>>52235496
>You've clearly broken through my 7 proxies and know my real employer.
What the fuck did you just say about me you fucking noob Hax0r??? :-)
>>52235524
>this. definitely be network side of the security team. brush up on taking pcaps with wireshark/tshark. learning how to use the main apps in kali would also help you understand some of the concepts better
Ignore this ape. We keep guys like this in the back room, away from the women and clients...
But CCNA is a good 'un, Linux too.
>>52235524
I will definately spend some time with them, but I'm more interested in working client-side
>>52235571
Thanks. Im thinking of going for sec+, net+, linux+, Ccna r&s, in the next year or 2.
>>52235616
>Thanks. Im thinking of going for sec+, net+, linux+, Ccna r&s, in the next year or 2.
Scrap sec+ and net+ except as paths to deeper tech. You can get both of them turning over a sheet of paper, they're worth shit, but they are a decent foundation towards other stuff.
where did you find the internship op? through your school?
I'm majoring in infosec myself but I'm hoping to get an internship in the fall.
>>52235799
Yea at a career fair at school. If your school offers these, go and hand out your resume to everyone and have a good 30 second pitch.
>>52235853
Unfortunately I take classes online and my main campus is in another state so that's not really an option.
