Re: New to Cyber

IvanGuti

Hello Community,

My name is Ivan Gutierrez.

I have recently made the change in career to Cybersecurity.

I have been able to acquire the CompTia Security+, CySa+, and CSAP, the ISC2 CC and AWS Cloud Practitioner.

I am looking for guidance as to how I could continue on this path and hopefully acquire a new job in this field.

Even looking for a mentor that is willing to guide a person that has all the will to keep moving forward and make an impact wherever I go.

Thank you!

nkeaton

Just something to keep in mind but not to get discouraged over is that will hear ads about half a million unfilled positions. There are, but they are not at entry level and usually require 5 - 10 years of experience. I would suggest earning a SSCP as part of your journey towards a CISSP. It is similar to Security+ but much less expensive ($249 vs $404) and no performance based questions. It does require a year of experience but is the only ISC2 certification that would suggest to earn as an Associate of ISC2. The only down side is that the AMF goes up but covers all ISC2 certifications. Unfortunately Security+ no longer differentiates a candidate. The last brag I saw from CompTIA was over 700K certified. That is the competition which has flooded the job market with inexperienced people. This is not really CompTIA's fault as DoD recognized the certification. Private industry followed them. Now DoD has changed and values experience and education more. Hopefully private industry will follow them again. I agree with attending chapter meetings as suggested. Fortunately with ISC2 we are members already. I would also suggest OWASP and Infragard. Chapter meetings usually start with companies that are hiring. Look for cloud data centers in your area. Most people do not even know that they are there. Don't forget to work on your continuing education. Best wishes.

IvanGuti

@emb021 I cannot argue with that logic, and you have a very valid point.

Thank you again. I will take you advice and keep moving forward. See you in ISACA and ISC!!!

emb021

@IvanGuti YES, you will need to pay for membership. You paid to join ISC2, right?

For EVENTS, this will vary.

Conferences almost always have a fee, but BSides try to keep their costs low.

For meetings of associations, whether there is a fee to attend will vary. Some will be free, some will be a fee. There are groups that are totally free. My area has a few, including the Defcon groups.

Thing is, there are BENEFITS to being a member of an association, Just as there are BENEFITS to getting certified, thus there is a FEE to cover the costs of that association for which you BENEFIT from.

I am a PAID member of ISSA, ISC2, ISACA, IAPP because I benefit from my membership. And also have to pay for my certs with ISC2, ISACA, and SANS/GIAC, because I benefit from them.

Information security is a PROFESSION, and as professionals we often join professional associations to advance our careers. This is why I joined ISSA and later the rest.

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow

IvanGuti

Thank you very much Michael.

I will look into these. I have seen in some tht if I want to be able to attend or see these event i have to pay a membership or per event, I'll keep looking if I am able to attend some of these for free, or if not then invest in myself a bit more to attend these.

Thank again for taking the time to answer me.

emb021

@IvanGuti I hope you are networking with local infosec peers. Look for local chapters of ISSA, ISC2, ISACA, or home grown groups and attend them. This is you avenue to finding local roles. Also attend conferences. See if there is a BSides conference in your area, as many will have a career track with recruiters there etc. Or see if the local chapters (ISSA, ISC2, ISACA) have conferences you can attend.