Trying to get into Infosec

[evilmaus]

Hello all.

I am a recent college graduate with an undergrad in MIS and an MBA graduate degree. I've been fascinated by security since I got wind of Backtrack, back when version 2 was in beta. I currently have no specialization backed up with a few years of experience, which is killing my job search. I have a decent understanding of networking, though I have no certifications to back that up. The same goes for computer hardware and linux. I'm probably 3/4ths the way to an entry-level cert in all of those.

All of that said, what is the best path into an infosec job? Should I try to get networking certs and a network admin job for a few years and then transition over or should I try to go straight for infosec certs and try to get in directly? For whichever path I take, what certifications should I get and in what order? (I'm itching to take backtrack 101 and later, backtrack to the max.)

Thank you very much!

[T1ckT0ck]

Hello all.

I am a recent college graduate with an undergrad in MIS and an MBA graduate degree. I've been fascinated by security since I got wind of Backtrack, back when version 2 was in beta. I currently have no specialization backed up with a few years of experience, which is killing my job search. I have a decent understanding of networking, though I have no certifications to back that up. The same goes for computer hardware and linux. I'm probably 3/4ths the way to an entry-level cert in all of those.

All of that said, what is the best path into an infosec job? Should I try to get networking certs and a network admin job for a few years and then transition over or should I try to go straight for infosec certs and try to get in directly? For whichever path I take, what certifications should I get and in what order? (I'm itching to take backtrack 101 and later, backtrack to the max.)

Thank you very much!

I know this is going to sound retarded BUT do your Network+ and then Security+. It's a start.

[evilmaus]

Not retarded at all. I have no certifications and I don't know the first thing about them. I just know that I liked playing around with my computer and learning what I can. I'll register for those two and a couple of others, as soon as I manage to get into the pearsonvue website, then go for Backtrack 101. As for jobs, do I need a few years of network experience before jumping over? And, what are the ultimate security-related certs that I should be building toward?

Thank you.

[T1ckT0ck]

Not retarded at all. I have no certifications and I don't know the first thing about them. I just know that I liked playing around with my computer and learning what I can. I'll register for those two and a couple of others, as soon as I manage to get into the pearsonvue website, then go for Backtrack 101. As for jobs, do I need a few years of network experience before jumping over? And, what are the ultimate security-related certs that I should be building toward?

Thank you.

I would say yes some networking background will help, understanding how the OSI model works and how the protocols work is a must in my opinion. The two high-end certifications I hear about are the offensive security and Cisco CISSP. You say you have a decent knowledge of networking, you can probably test Network+ without studying, it's basic stuff.

[thorin]

Here are some recent threads on or related to this topic:
http://forums.remote-exploit.org/showthread.php?t=16128
http://forums.remote-exploit.org/showthread.php?t=15109
http://forums.remote-exploit.org/showthread.php?t=8558

http://forums.remote-exploit.org/sho...02&postcount=5

Validity/usefulness of certs largely depends on geography and market.