I currently work in threat research and I have my OSCP (along with a lame SANS cert). I agree with what everyone has said in this post so far and would like to add some insight.
Do a lot of research into the certs you want to get. I'm a bit confused because you said you want the CEH, but then you want to do blue/purple/green team. I thought it was a red team cert, so make sure it applies to what you want it to apply to. There are more relevant certs for blue teams. Green team sounds like what you're doing now, just with maintaining vulnerabilities.
The OSCP test I took was a 24 hour practical exam where I had to hack into at least 4/5 lab machines. I took 60 days of studying which I started after learning the ropes on HackTheBox. The test wasn't so bad, easier than a lot of the lab machines. It took a lot of studying and definitely isn't for everyone though.
I started in the SOC at a small, local information security consultancy (it was an MSSP). Certs can really help get your foot in the door. I think your associates degree in cybersecurity is incredibly helpful with that as well. Always get your job to pay for certs as much as possible. If you want to get into security, you'll want to get the certs or do a lot of outside work training, like setting up relevant labs. You might have to work a crappy SOC job for a little bit, depending on what you want to do. SOCs are regularly hiring though. Let me know if you have any specific questions, either on here or a PM.
(you need an account to see links) and $(you need an account to see links) said is pretty much correct. I had a similar career path as $(you need an account to see links) as well. I have an Honors in Computer Science and started out at a helpdesk position at a quasi government company that was essentially a proxy to the official government. I moved up to network admin then to infosec/cybersecurity. I have my ITIL, CCNA and CISSP. My company paid for all my certs as they pay for education that benefits the company and also we were required to have them. As they both stated some certs are very easy and are meant for entry level roles that introduce you to the IT world like ITIL (which is a cert meant for client services just to get you acquainted with dealing with IT clients and handling tickets). While other certs like CCNA are vendor specific certs meant for a little higher roles like networking. And other certs like CEH are for specialty roles such as becoming a pen tester. While higher end certs like CISSP are meant for managerial/director positions. You acquire each one of these certs sequentially as you advance your career (of course they are not required for every job and each company has a different policy along with taking into account each person's experience which is different). But generally as you advance your career and knowledge you acquire them to better stand out from the competition and also it boosts your confidence going into the higher role so you don't set yourself up to fail.
Certs are generally more relevant in the IT/MIS industry than in the Software Development industry. And also certs are required in most government jobs. If you live in the US and want to get into cybersecurity you will need clearance if it's a government company. If it's not a government company you may or may not need clearance depending on the job you are doing, and certs will be an asset and/or required. For instance there are a lot of high paying cybersecurity jobs with the DoD (Department of Defense) as cyberattacks are considered a threat to national security. So you will need clearance and they also require certs since generally speaking government hiring practices are more strict and they try to be as objective as possible out of fairness as opposed to more private companies. So they require certs which cuts a lot of applicants down in a more objective way. Government jobs are also much safer as well as mentioned by someone before, compared to like big tech companies like FAANG. Government jobs also tend to have better work/life balances, benefits and lower stress. Essentially golden handcuffs.
You said that your concern was that you are not sure if you would use the skills in the certs and would forget them, and were wondering if they are like academic degrees? Simply put, all degrees and certs are in my personal opinion useless and you will forget most of what you learned in them no matter what. I have two Honors Degrees, multiple certs and a plethora of other training and I can tell you I don't remember half of it. But it doesn't matter, degrees/certs are akin to a driver license. You study for your driver license then you write the test or take a 15 min course and pass then you can drive, congrats. But does that mean you are as good of a driver compared to someone like your Dad who has been driving for 40 years? No. That is where experience comes into play. It's just common sense, the more you do something, the more it becomes second nature. Practice makes perfect. So if you are worried about forgetting the skills, don't be, the certs/degrees are just to confirm your knowledge and aptitude and to secure you the higher jobs. Once you start working in the job itself you will build your skills naturally and stay on top of your game as you continue to work. This is why boomers prefer experience over degrees/certs but naturally no young person has 30 years before they can start their cybersecurity career. So that's why you get a few years of experience in, get the certs/degrees and secure the job, once you have it just build your experience and keep your skills sharp. Also don't be afraid to fail, I had a guy where I work, failed our required ITIL cert 3 times, but they never fired him or anything. It happens, just as long as you learn from your mistakes.
Now you said you want to go into cybersecurity over sysadmin and are interested in the red/blue team or digital forensics side of it. That's good you have a target in mind. And you already are a sysadmin and work in a University setting which is good. Because Universities tend to have proper protocols and Unions similar to governments. Hiring managers at government agencies will see that you have work experience in a unionized environment at a well known University as a definite plus. And if you choose to apply at your University's Cybersecurity team then it will be easier since you are an internal candidate. I would suggest talking to your Cybersecurity team manager for information on what education/experience/certs they are looking for since each manager and company has a different way of hiring.
As for the exams and certs themselves. It depends on your level of knowledge and comfort with the material itself. For instance I took the ITIL and the CCNA and looked over at the material for the cybersecurity certs such as the Security+ and other security certs like CISSP and realized I already knew most of this stuff so I didn't bother doing Security+ or CEH or Pen+ and just went straight for the CISSP with self study and passed. So you can skip some depending on your knowledge base. Generally for Cybersecurity it goes Security+ > CEH/OSCP > CISSP/CISA/CISM. If you want study material and detailed advice I suggest you go on reddit and there are subreddits entirely dedicated to each individual cert. They have all the advice, resources, success stories etc. you need to help you prepare and become confident before sitting in an exam. Note that some certs are easy and take a few weeks of study while others take months and the degree of difficulty is similar to a university level course. Also since you work at a University, they might offer you classes for the certs as well at a discounted rate so I would take advantage of that as well.
I personally would not get a Masters/PhD in cybersecurity because you do not need it. Universities tend to push students into academic streams such as Masters/PhD programs to make money, they're crooked in that sense... An Honors Degree would do it. So if you have an Associates degree currently I would look into boosting it to an Honors Degree because a lot of the cybersecurity jobs require Bachelors with certs OR since you already work as a sysadmin you could continue to build experience in exchange of the Degree requirement, which is something companies also consider especially government companies. But since you said your coworker has been working for 7 years and is locked in the sysadmin role but you would like to continue your education so you can move ahead quicker, then I would recommend upgrading your Associates to an Honors Degree and studying for the certs then applying for Cybersecurity Roles like L1 SOC analysts etc. Once you are in then you can adjust your path based on your liking and affinity for the specialized cybersecurity area, such as GRC/AppSec/Digital Forensics etc.
Last edited by Stunna; 01-05-2024 at 12:51 AM.
wait besties. what about the Google Certifications? will those help get a job easier since it's by a "BIG" name?
Just because it’s a big name doesn’t automatically give it credence. You could have all the Google, Apple, Microsoft certs you want - but if they don’t properly showcase your skills, it won’t help. The main point of a cert is to back up the talk you give off with industry standardized results.
What's my definition of success?
Creating something no one else can
Being brave enough to dream big
Grindin' when you're told to just quit
Giving more when you got nothin' left
Alcremie (4 Weeks Ago)
Google offers a Cyber Security certificate (says Foundational?) as well as an IT Support cert that has like three levels Foundational, Advanced, and Industry Specialization.
Regional differences are also something to consider, different certs hold weight differently depending on where you live.
Currently studying for my CISSP, I've had one attempt and bombed it like a year ago - I currently work as an InfoSec consultant.
Certs I got in the order I got them
Some ITIL stuff (required for the job at the time)
CEH (for me, useless tbh)
and now hopefully by the summer my CISSP will be done.