IT Security - What do I need?

Spud21 · 26 Jul 2017 at 14:49

Hi,

I have been in the IT industry for around 18 months now, did just over a year of 1st line and then got an Apps support job internally.

Currently I'm looking for a new job, it's not that I don't enjoy my job, but the pay is not great, the company I work for is known for not paying particularly well I took a hefty pay cut when I changed career and I was happy to do so for a year or so, but it's got to the point now where I need a bit more money, so i'm currently looking for either apps support or even a well paying 1st line job which would see me get a reasonable pay rise.

Anyway, during my searching I've been considering where I actually want to go in my career and one of the areas that interests me is Cyber Security, obviously i'm nowhere near being able to apply for jobs in that area at the moment so I'm just wondering what sort of things I should be looking at learning to give me the knowledge and skills I need to look to move into this area in the future.

Any ideas will be much appreciated.

Ayahuasca · 26 Jul 2017 at 15:03

A start would be security+ to get familiar with things and if you put yourself through it then it shows you likely have a genuine interest, realistically though in security and I know this sounds cliche for near enough every job role today, they really want experience. It's unlike say software development where you get junior dev positions, other than working in a support role and being given the opportunity to work on security I have no idea how people get into it. I keep hearing there's a shortage of people for the sector and it's no surprise why when you look at what's needed on most job descriptions for even basic security roles.

Beerbaron · 26 Jul 2017 at 15:07

Here is a list of certs/courses which you should be looking to obtain to get in to cyber security. Looking at their contents will help you. Some will require experience for certification. CompTIA certs are a good place to start.

CompTIA N+, S+, CSA+ & CASP+
Certified Ethical Hacker
CISSP
SANS SEC 401 & SEC503 - these are expensive but worth every penny

Software:
Snort IDS
Wireshark
NMAP
Kali linux
Nessus Vulnerability Scanner
Python and BASH

Hulkster · 27 Jul 2017 at 12:54

Some good tips so far! Experience is important and I found that I was able to shoe-horn security into previous roles because that is the direction I wanted to go and that paid dividends. Keep an ear to the ground for security projects/tasks and see if there is scope for some involvement.

I don't actually have any of the certs listed by Beerbaron except CEH and it's never really been an issue. It totally depends what you want though. If you are looking at internal security/analyst type roles (of which there are opportunities for junior positions) then I would say it's less of an issue. If you want to be a full on Pentester then yes certs needed to speed things up (such as OSCP). Maybe web application security might be your thing, which has it's own set of stuff.

Security+ for me..I am not sure. Good learning experience and worth having, but I've not really ever seen the advantage of doing S+ AND CEH personally, and it's not something I've held against anyone for not having.

CEH is good for CV but isn't terribly well respected in the higher circles. It's a good stepping stone cert for sure with some good content.

I'd never pay for SANS out of my own pocket; you're talking best part of £5k per course if you want to do the live training.

Willingness and aptitude go a long way. If you're pretty switched on and fancy the challenge, OSCP would be the way forward and trumps most other certs.

100% agree with the software list there, essentual tools. Check out Kali Linux and Security Onion. I would add a solid knowledge of HTTP, SSL and web frameworks to that list aswell, as web security (WAF, DDoS mitigation etc) is a big industry.

And underlying networking knowledge is pretty important aswell. Knowledge of TCP, how firewalls work, and so forth...you canprobably see why the experience side is important!

Ultimately it's a very broad term covering basic junior analyst roles right up to hardcore pen testers and threat researchers. There is also the more policy/managerial side (CISSP is your friend there), so it really depends what aspect of cyber security you are looking to get in to.

Junior SOC and Network Security Engineer roles would be a really good starting point if you can find a suitable role, and you can branch out from there.

Good luck!

Beerbaron · 27 Jul 2017 at 19:57

I currently hold CompTIA N+, S+, Certified Ethical Hacker, CISSP and CISM. Experience is definitely key.