Good day,
I know there are some very smart(much smarter then me) Cybersecurity professionals on here, and I need some guidance. Within the next year and a half I will be leaving my current career in the military to pursue a role in the civilian sector. What did you do to make a successful career? Things you regret doing or not accomplishing? How do i "Sell my skills" to potential employers and hiring managers?
Things about me
I have four years in the cyber career feild and currently maintain a security clearance. The first two years were centered around Hostbased security solutions and client endpoint protection, doing threat event monitoring and managing/configuring firewall policies and system compliance. My last two years have been more focused on the administrative side doing Information assurance and cybersecurity liason work, granting people accounts, making sure mandatory security documents are processed correctly to allow users/admins to operate on our systems.
Formal trainings:
NMCI: Networking training - Network equipment familiarization including Cisco and Brocade networking devices, physical layer troubleshooting to include identifying layer one problems, identifying the differences in vLANs, configuring ports for use, toning cables, and identifying unlabeled networking cables.
Apogee Engineering: CSCS FTU - Management, maintenance, building, patching, upgrading, and restoring of Host Base Security System suite, and the identification/ definition/ remediation of threats to proactively defend critical IT assets
Six Sigma: GreenBelt -Improves the ability to confidently discuss rather complex subjects, effectively solve problems, provide useful recommendations, effectively finishing projects, and reducing operation costs for the organization.
Air Force: Cyber190- Improve understanding of networking concepts and cyberspace operations to develop foundational capability in support of full-spectrum cyberspace operations.
Certifications:
Security+
CC by ISC2
Microsoft 365
HBSS 201
HBSS 301
I am currently studying for the CYSA+ exam, and I plan on taking CASP right after.
Also I am three classes away from an associates degree.
*EDIT*
Thank you to those who gave me a better direction and great information towards my cyber career.
Thank you for the valuable information, i will be sure to join one of the groups you mentioned.
@dcontesti wrote:I started my career in Security as I was the only one in the company that knew what Kerberos was ....LOL.
This made me laugh thank you for that.
I note that you say you have the Security+, according to this site:
https://www.isc2.org/certifications/cissp/cissp-experience-requirements
You may be eligible to qualify for a one year experience waiver on the CISSP.
I know very little about the CYSA+ exam, or the CASP but with four years experience and one year for the Security+, I think I would be inclined to take the CISSP
Katastrophe wrote:
What did you do to make a successful career? Things you regret doing or not accomplishing? How do i "Sell my skills" to potential employers and hiring managers?
Those are loaded questions but I would suggest that you join one of the local Security groups/chapters (ISC2, ISSA, ISACA, etc.), mingle with those folks, talk with Security vendors/contractors, so in general build your network. If you can attend security briefings, etc. In other words be a sponge and absorb as much as you can. I started my career in Security as I was the only one in the company that knew what Kerberos was ....LOL.
Selling yourself? Be polished, do not BS the interviewer (it is okay to say that you do not know), highlight your accomplishments in a positive way, seek help from those organisations that I mentioned in reviewing your resume.
Have a great day
d
Maybe I had the wrong attitude towards the CISSP. I was aware of the "Associate status" Its just a bit intimidating to jump from an entry level certification to one on a professional level. I will get the study materials you suggested and give it my best shot. Is there anything else you suggest i work on before I get out?
You can take the CISSP before you have the experience and get "Associate of ISC2" status.
Thing is, most employers know of the CISSP. Few will know of the CASP or CySA. Security+ they know. Hence am leery of advising people to get those and it be a waste of money ESPECIALLY when you are close to being able to get the CISSP. If it was 2-3 years out, then I'd say get them.
Doesn't take a year to study for the CISSP. I got the CBK book at the time, read thru it over a few weeks, got a practice exam book and worked thru it and took and passed the exam. If you have cybersecurity experience, studying will be a mix of reviewing stuff you know, reviewing stuff you used to know, and learning some new stuff.
I would think a combo of the current official study book & practice exam book would do the job.
I need another year of work experience to claim the CISSP, however since you dont think the cysa or casp is worth the time i could use that year to study the cissp. As for the greenbelt cert I dont have it, but now that i know it would be useful I look into getting that too.
If you have the experience get the CISSP and don't bother with the CASP (or the CySA).
You say you have Six Sigma Green Belt training. Did you get any kind of certificate/certification? That is certainly worth putting on your resume.
Good day,
I know there are some very smart(much smarter then me) Cybersecurity professionals on here, and I need some guidance. Within the next year and a half I will be leaving my current career in the military to pursue a role in the civilian sector. What did you do to make a successful career? Things you regret doing or not accomplishing? How do i "Sell my skills" to potential employers and hiring managers?
Things about me
I have four years in the cyber career feild and currently maintain a security clearance. The first two years were centered around Hostbased security solutions and client endpoint protection, doing threat event monitoring and managing/configuring firewall policies and system compliance. My last two years have been more focused on the administrative side doing Information assurance and cybersecurity liason work, granting people accounts, making sure mandatory security documents are processed correctly to allow users/admins to operate on our systems.
Formal trainings:
NMCI: Networking training - Network equipment familiarization including Cisco and Brocade networking devices, physical layer troubleshooting to include identifying layer one problems, identifying the differences in vLANs, configuring ports for use, toning cables, and identifying unlabeled networking cables.
Apogee Engineering: CSCS FTU - Management, maintenance, building, patching, upgrading, and restoring of Host Base Security System suite, and the identification/ definition/ remediation of threats to proactively defend critical IT assets
Six Sigma: GreenBelt -Improves the ability to confidently discuss rather complex subjects, effectively solve problems, provide useful recommendations, effectively finishing projects, and reducing operation costs for the organization.
Air Force: Cyber190- Improve understanding of networking concepts and cyberspace operations to develop foundational capability in support of full-spectrum cyberspace operations.
Certifications:
Security+
CC by ISC2
Microsoft 365
HBSS 201
HBSS 301
I am currently studying for the CYSA+ exam, and I plan on taking CASP right after.
Also I am three classes away from an associates degree.
*EDIT*
Thank you to those who gave me a better direction and great information towards my cyber career.