Hello everyone, So I came here for some advice. I recently just graduated from a cyber security bootcamp and now have been thrown into the wild. I earned some cloud certifications and AWS Cloud Practitioner and MicroSoft Azure Fundamentals. Now it is time for a real core certification. I am looking to go more into the risk management side I do like and know my technical side of Information Security but the Risk aspect is what I am looking to get into. So I have 0 work experience so I cant even get my SSCP. I dont know if my education covers it I did one year at college for Computer Science, and 450 hours (3 Months) in the bootcamp. If someone can help me find out if that covers it i'll go get the SSCP right now. I am thinking about just getting my CISSP and that will open the doors I need to get a job.
Please let me know your thoughts thank you so much!
It sounds to me as if your most immediate priority is to get some relevant work experience. Your aim may need you to take some sideways steps. I'll explain:
1. Formal InfoSec qualifications act as an entry barrier to the field, with many job add asking for several even for the most junior positions
2. The formal qualifications have a work experience requirement (see 1)
So it seems chicken and egg. So what you could examine if joining an organisation in a related IT role, gaining some relevant work experience and looking for internal vacancies isn't a worthwhile option.
Thank you for your advice! Should I still go after my sscp at least? I will have 2 years to get the one year done!
@Steve-Wilme already answered that.... "It sounds to me as if your most immediate priority is to get some relevant work experience".
There is no prohibition against continuing your education after you have the job, and it comes with a few benefits, such as (1) income to pay for the exam -- and the possibility of getting somebody else to pay, (2) OTJ knowledge that will make passing easier, (3) reduced risk of running out the certification clock.