Cyber Security Career Advice
•Download as PPTX, PDF•
10 likes•2,220 views
This the first edition of the Trainers Underground will cover topics of career advice, cyber security certifications, and other topics like marketing yourself. Using LinkedIn and cyber security certifications.
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (20)
Similar to Cyber Security Career Advice
Similar to Cyber Security Career Advice (20)
More from Donald E. Hester
More from Donald E. Hester (20)
Cyber Security Career Advice
- 1. CAREER ADVICE FOR A CAREER IN IT AND CYBER SECUERITY
- 2. GETTING STARTED IN A NEW CAREER •Get the lay of the land • What are some of the best sources • Trade publications •Information saturation • Get as much information as you can • Different levels, different aspects •What types of jobs are there • What is the job market like • What is the average pay
- 3. TOWARD A STABLE CAREER •Your career rests on 4 legs •Experience •Certifications •Education •“Who you know”
- 4. YOUR CAREER PROFILE 7 3 0 10 20 30 40 50 60 70 80 90 100 Overall Career Score 60% 40% 50% 30% 50% Educati on Certificatio ns Vendo r Neutra l Vendo r Specifi c Experience SMB Enterpri se 60% CE Degre e
- 5. YOUR CAREER PROFILE 40% 40% 10% 60% 15% Educati on Certificatio ns Vendo r Neutra l Vendo r Specifi c Experience SMB Enterpri se 5 5 0 10 20 30 40 50 60 70 80 90 100 Overall Career Score 30% CE Degre e
- 6. YOUR CAREER PROFILE 10% 10% 60% Educati on Certificatio ns Vendo r Neutra l Vendo r Specifi c Experience SMB Enterpri se 2 5 0 10 20 30 40 50 60 70 80 90 100 Overall Career Score 10% CE Degre e
- 8. CYBER SECURITY CERTIFICATIONS CISSP CISM CISSP ISSMP CAP CISA GSNA SSCP CASP Security+ CISSP ISSEP/ ISSAP CSSLP Management / Risk Audit Software Dev Network / Communicatio ns
- 9. (ISC)2 CERTIFICATIONS (ISC)2 International Information Systems Security Certification Consortium, Inc. Website: www.isc2.org Certifications Associate of (ISC)² SSCP: Systems Security Certified Practitioner CAP: Certified Authorization Professional CSSLP: Certified Secure Software Lifecycle Professional CISSP: Certified Information Systems Security Professional CISSP Concentrations: ISSEP, ISSAP, ISSMP Professional Certification (ISC)2 certifications require ongoing continuing education to maintain certification.
- 10. ISACA CERTIFICATIONS Information Systems and Control Association (ISACA) Certifications CISA: Certified Information Systems Auditor CISM: Certified Information Systems Manager CGEIT: Certified in the Governance of Enterprise IT CRISC: Certified in Risk and Information Systems Control Website www.isaca.org Professional Certification ISACA certifications require ongoing continuing education to maintain certification.
- 11. COMPTIA CERTIFICATIONS CompTIA certifications Website: www.comptia.org Certifications A+ - Computer Support Technician Network+ - Network Support Technician Security+ - Entry level security certification CASP - CompTIA Advanced Security Practitioner RFID+ - RFID professionals CTT+ - Certified Technical Trainer Project+ - IT Project Management Others: Server+, Linux+, CTP+, CDIA+, PDI+
- 12. SANS INSTITUTE CERTIFICATIONS Website: www.giac.org Certifications GIAC (Global Information Assurance Certification) GSNA (GIAC Systems and Network Auditor) G7799 (GIAC Certified ISO-17799 Specialist) GCFE (GIAC Certified Forensics Examiner) GCFA (GIAC Certified Forensic Analyst) GREM (GIAC Reverse Engineering Malware) GLEG (GIAC Legal Issues) GISP (GIAC Information Security Professional) GCPM (GIAC Certified Project Manager Certification) GISF (GIAC Information Security Fundamentals)
- 13. SANS INSTITUTE CERTIFICATIONS (CONT.) Website: www.giac.org Certifications GIAC (Global Information Assurance Certification) GSEC (GIAC Security Essentials Certification) GWAPT (GIAC Web Application Penetration Tester) GCED (Certified Enterprise Defender) GCFW (GIAC Certified Firewall Analyst) GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCWN (GIAC Certified Windows Security Administrator) GCUX (GIAC Certified UNIX Security Administrator) GPEN (GIAC Certified Penetration Tester) GAWN (GIAC Assessing Wireless Networks)
- 14. DODD 8570 All IA (Information Assurance) jobs require certification.
- 15. DODD 8570 (CONT.) All IA (Information Assurance) jobs require certification. Level Qualifying Certifications CND Analyst GCIA, CEH CND Infrastructure Support SSCP, CEH CND Incident Responder GCIH, GSIH, CEH CND Auditor CISA, CEH, GSNA CN-SP Manager CISM, CISSP-ISSEP
- 16. SECONDARY CERTIFICATIONS • Project Management Professional – PMP (PMI) • Project+ (CompTIA) • ITIL V3 Foundation Certificate in IT Service Management • Microsoft Operations Framework • Six Sigma
- 17. USING LINKEDIN
- 18. DASHBOARD
- 23. CERTIFICATIONS • List your current certifications • Expired ones if applicable • Helps with search
- 24. SKILLS • Limited to 50 • Need to endorse other people • Typically the more you endorse the more likely you are to be endorsed • Don’t endorse skills for people that don’t have them • Again this comes up in searches
- 25. EDUCATION • Be as complete as possible • Add grades is applicable • Don’t forget dates • Don’t forget degree • Add activities and societies if applicable • Consider listing classes
- 26. LIST COURSES • You can add course from any schools you have listed • You may limit to relevant classes related to your profession • Again may lead to you showing up in a search
- 27. HONORS AND AWARDS • Think of it as extra credit • It may or may not help in selection for interview • Generally it doesn’t hurt • Depending on the wording it may help bring you to the top of searches
- 28. VOLUNTEER • Always considered a plus for resumes • Again betters your chances at turning up in search results
- 29. EXTRA INFORMATION • Add any professional organizations you belong to • These are extra points in your behalf • Additional info, give yourself a personality, not just another resume, a person
- 30. RECOMMENDATIONS • Best way to get them is to give them • Again only give them to people you know • People that have the skills • Sometimes applicants are not allowed to turn in letters of recommendation • But you can give them a link to your LinkedIn profile…
- 31. GROUPS • Join ones related to your career path • You can only join 50 • So pick them wisely • Look for groups with more activity
- 32. GROUP DISCUSSIONS • Being active in groups is a good way to be noticed • Keep it professional
- 33. INTERACT – KEEP IN TOUCH • Stay in touch with keep people • You can say congrats for work anniversaries • Keep it professional
- 34. UPDATES • Add value to the community • Post useful updates • Again keep it professional • Track your impact
- 35. OTHER STUFF • LinkedIn often has suggestions • Try some of them out • LION in someone's profile means they are open to connecting
- 36. IT ALL ADDS UP
Editor's Notes
- Certifications See Also Top 5 IT Security Certifications for 2011 Employers, Recruiters Identify the Most Valued Infosec Certifications December 30, 2010 - Upasana Gupta, Contributing Editor http://www.govinfosecurity.com/articles.php?art_id=3222
- (ISC)2 Certifications (ISC)2 International Information Systems Security Certification Consortium, Inc. Website: www.isc2.org Certifications Associate of (ISC)² SSCP: Systems Security Certified Practitioner CAP: Certified Authorization Professional CSSLP: Certified Secure Software Lifecycle Professional CISSP: Certified Information Systems Security Professional CISSP Concentrations: ISSEP, ISSAP, ISSMP Professional Certification (ISC)2 certifications require ongoing continuing education to maintain certification. Associate of (ISC)²: Pass the SSCP or CISSP exam but do not have the required work experience. SSCP: Covers seven areas of practice or domains: Access Controls, Cryptography, Malicious Code and Activity, Monitoring and Analysis, Networks and Communications, Risk, Response and Recovery, Security Operations and Administration CAP: Covers seven domains of knowledge aligned with NIST Risk Management Framework CSSLP: Covers seven domains of knowledge concerning secure software development CISSP: Cover 10 broad domains of information systems security. The CISSP was the first credential in the field of information security, accredited by the ANSI (American National Standards Institute) to ISO (International Organization for Standardization) Standard 17024:2003. CISSP Concentrations ISSAP: Information Systems Security Architecture Professional ISSEP: Information Systems Security Engineering Professional ISSMP: Information Systems Security Management Professional (ISC)², CISSP, CAP, ISSAP, ISSEP, ISSMP, SSCP and CBK are registered certification marks of (ISC)², Inc.
- ISACA Certifications Information Systems and Control Association (ISACA) Certifications CISA: Certified Information Systems Auditor CISM: Certified Information Systems Manager CGEIT: Certified in the Governance of Enterprise IT CRISC: Certified in Risk and Information Systems Control Website www.isaca.org Professional Certification ISACA certifications require ongoing continuing education to maintain certification. CISA is world-renowned as the standard of achievement for those who audit, control, monitor and assess an organization’s information technology and business systems. The CISM certification program is developed specifically for experienced information security managers and those who have information security management responsibilities. CRISC recognizes a wide range of professionals for their knowledge of enterprise risk and their ability to design, implement, monitor and maintain IS controls to mitigate such risk. The CGEIT certification program was designed specifically for professionals charged with satisfying the IT governance needs of an enterprise. The American National Standards Institute (ANSI) has accredited the CISA & CISM certification under ISO/IEC 17024:2003, General Requirements for Bodies Operating Certification Systems of Persons. ANSI, a private, nonprofit organization, accredits other organizations to serve as third-party product, system and personnel certifiers CISA, CISM, CGEIT, CRISC and ISACA are registered certification marks of ISACA
- CompTIA Certifications CompTIA certifications Website: www.comptia.org Certifications A+ - Computer Support Technician Network+ - Network Support Technician Security+ - Entry level security certification CASP - CompTIA Advanced Security Practitioner RFID+ - RFID professionals CTT+ - Certified Technical Trainer Project+ - IT Project Management Others: Server+, Linux+, CTP+, CDIA+, PDI+ The CompTIA A+ certification is the industry standard for computer support technicians. The international, vendor-neutral certification proves competence in areas such as installation, preventative maintenance, networking, security and troubleshooting. The CompTIA Network+ certification is the sign of a competent networking professional. It is an international, vendor-neutral certification that proves a technician’s competency in managing, maintaining, troubleshooting, installing and configuring basic network infrastructure. CompTIA Security+ is an international, vendor-neutral certification that proves competency in system security, network infrastructure, access control and organizational security. CompTIA RFID+ is an international, vendor-neutral certification for IT professionals with six to 24 months of experience in RFID technologies. CompTIA CTT+ is an international, vendor-neutral certification that covers core instructor skills, including preparation, presentation, communication, facilitation and evaluation in both a classroom and virtual classroom environment The CompTIA Project+ certification is an international, vendor-neutral certification that covers the entire project life cycle from initiation and planning through execution, acceptance, support and closure
- SANS Institute Certifications Website: www.giac.org Certifications GIAC (Global Information Assurance Certification) GSNA (GIAC Systems and Network Auditor) G7799 (GIAC Certified ISO-17799 Specialist) GCFE (GIAC Certified Forensics Examiner) GCFA (GIAC Certified Forensic Analyst) GREM (GIAC Reverse Engineering Malware) GLEG (GIAC Legal Issues) GISP (GIAC Information Security Professional) GCPM (GIAC Certified Project Manager Certification) GISF (GIAC Information Security Fundamentals)
- SANS Institute Certifications (cont.) Website: www.giac.org Certifications GIAC (Global Information Assurance Certification) GSEC (GIAC Security Essentials Certification) GWAPT (GIAC Web Application Penetration Tester) GCED (Certified Enterprise Defender) GCFW (GIAC Certified Firewall Analyst) GCIA (GIAC Certified Intrusion Analyst) GCIH (GIAC Certified Incident Handler) GCWN (GIAC Certified Windows Security Administrator) GCUX (GIAC Certified UNIX Security Administrator) GPEN (GIAC Certified Penetration Tester) GAWN (GIAC Assessing Wireless Networks)
- DoDD 8570 All IA (Information Assurance) jobs require certification. IAT Information Assurance Technical IAM Information Assurance Management IASAE Information Assurance System Architecture and Engineering
- DoDD 8570 (cont.) All IA (Information Assurance) jobs will require certification. CND Computer Network Defense