Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: IT certification/career questions

  1. #1
    Junior Member whiterabbit7500's Avatar
    Join Date
    Feb 2010
    Location
    in your server
    Posts
    33

    Default IT certification/career questions

    Seeing as the large majority of members here appear to be in the field I'm looking to get into, I feel it's an appropriate place to ask about what certifications to acquire.

    **Note: I'm not a n00b, or a kid trying to get into this as a hobby, although I'm sure the question may make me appear that I am...

    I'm a 23 year old college student, A+ certified (IT tech elective) , and looking to get into the IT field. My long-term goal is to work as a pen-tester/EH, and one day open my own firm. I'm in a bit of a catch-22 in that most certifications I feel I should go for (Network/Security+, CCNA, CEH, etc.) all require, or at least, strongly recommend moths, if not years, of on-the-job training and experience. Right now I'm working as a retail PC tech (think wannabe Geek Squad) at a office supply store, which, in all honestly, I feel a monkey can do. How can I move up the ladder to a position that will get my feet-wet with IT/networking, but without needing the certifications? A better question might be, how can I gain the job-site knowledge and experience for the certifications?

    I know the economy is crap right now, so jobs are few and far-between, especially in the entry-level IT field, but any help or insight you all can provide would be greatly appreciated.

  2. #2
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default

    http://forums.remote-exploit.org/gen...s-quality.html

    In my experience you have 3 things that make up this field. Certs/Experience/Education. Some argue one is better than the other, imo all 3 of those fields compliment each other. It's up to you.

    I went with CCNA first and it got me a job working on Cisco switches. To each their own.

  3. #3
    Junior Member whiterabbit7500's Avatar
    Join Date
    Feb 2010
    Location
    in your server
    Posts
    33

    Default

    CCNA and Networking+ are my obvious next step, but what I'm concerned about is the fact that both require some sort of hands on knowledge, which at my current position I have absolutly none...

  4. #4
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default

    Quote Originally Posted by whiterabbit7500 View Post
    CCNA and Networking+ are my obvious next step, but what I'm concerned about is the fact that both require some sort of hands on knowledge, which at my current position I have absolutly none...
    Then you need to get an entry level position (ex: helpdesk) somewhere. Get some experience then go for the certs. Like I said they all tie into each other.

  5. #5
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    My advice is to start with a Diploma or Degree level course in a field related to systems/network administration, then go for an entry level sysadmin/netadmin job. Get a helpdesk job if you cant find a sysadmin position, but try and move to a sysadmin position as quickly as possible - choosing a company that may let you move from the helpdesk role after acquiring enough experience. Spend some time in the sysadmin role (a few years) and then look for a move to a role with more of a security focus.

    You can add certifications as you progress if you like. CCNA is good, SANS certifications are good (you might want to focus on GPEN if pen testing interests you), Microsoft certs are OK (easy to get at least) and CEH - well I don't have a high opinion really, but it is relatively well known. Be aware that certifications are more valuable in particular environments than they are in others. Check jobs postings in your area to see and maybe check with some IT recruiters.

    The above path is pretty much the one I followed, although I also went back to Uni three years ago to get a Masters in an IT Security Specialisation, which I believe has helped me. The general IT experience especially regarding networking is absolutely necessary in my opinion before you can effectively pen test.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  6. #6
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    5

    Default

    If you don't have certs you will need experience.. if you don't have experience you will need certs.

    Its all about getting your foot in the door, then its up to you to impress them enough in an interview. Show that you have a passion for learning and for security.

    Unfortunately like you said, its a catch 22. Certs are expensive and experience is hard to get. However it can be done. I myself managed to move from doing my Diploma and working in a local pc store, directly into a security focused role.

    Regarding training: I have done many SANS courses and they have all been great, especially the GPEN if you want to get into security, however that brings up the $$$ issue again.

    My recommendation is spend the $700 USD and get the OSCP. Its cheap and a fantastic course.
    Try and enhance any security aspects of your work on your CV.
    Hit up all the security companies you can find.
    Aim high.

    Breaking into the industry is the hard part...

  7. #7
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    1

    Default

    One extremely important thing for ppl in college, ppl just out of college, or even kids still in high school... Internships. The experience that even an unpaid internship gives you, is like money in the bank now-a-days. Your college should be able to help you find an internship, or check out job posting websites.

    Certs are very overrated and really show nothing of your skill set. That being said, CISSP is a good certification to shoot for, although having this cert doesn't mean you know anything about anything... most 'larger' companies won't look at your resume for security positions without it.

  8. #8
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    5

    Default

    Quote Originally Posted by xxjxx View Post
    Certs are very overrated and really show nothing of your skill set. That being said, CISSP is a good certification to shoot for, although having this cert doesn't mean you know anything about anything... most 'larger' companies won't look at your resume for security positions without it.
    This is pretty much what I was alluding too. Certs are used as reference by companies in place of actual experience.

    The CISSP is most certainly a great cert to get as it will get you in the door, but you will also need 4-5 years experience before you can get it.

  9. #9
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Quote Originally Posted by xxjxx View Post
    Certs are very overrated and really show nothing of your skill set. That being said, CISSP is a good certification to shoot for, although having this cert doesn't mean you know anything about anything... most 'larger' companies won't look at your resume for security positions without it.
    I have found, in my time as a helldesker, an admin, a consultant and an EDI, that some certifications are actually quite useful. If someone showed up with the OSCP I would look at them - over, say, a Bachelor of IT. Everytime I come across an IT group or team that are well run, they say the same thing. Everytime I see a government based organisation, they're not very decently operational, rely heavily on outside consultants, and all hold BoIT or similar qualifications.

    Personally, I have Network+ and an Apple certification, until this here crunch it was enough to get me into some seriously cushy work. Now I'm upskilling with OSCP, OSWP and any others I can get my hands on, while trading on my name and reputation to keep myself in rent. It's well worth every cent I've spent thus far.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  10. #10
    Junior Member whiterabbit7500's Avatar
    Join Date
    Feb 2010
    Location
    in your server
    Posts
    33

    Default

    tyvm for the insight guys, it really is appreciated. I'm working on my AS (mini-degree) in networking at the local community college right now, and seeking out an entrylevel spot like i mentioned before, so hopefully stuff starts happening soon.

    It's always great to hear from guys in the industry though, ty again

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •