Posted on Aug 20, 2015
Does anyone have any tips about getting into the Cybersecurity Sector?
8.29K
26
18
5
5
0
I am getting ready to start my bachelor degree at ITT Tech for Cyber security and information systems. I know that I am going to need certifications, I am just not sure where to start. Is anyone else having that problem?
Posted >1 y ago
Responses: 11
Like SSgt (Join to see) suggested, start with Security+. Then, you need to decide whether you want to be tech or mgmt. For mgmt. CISSP or CISM
for tech, depends on what you like but CEH, Certified Penetration Testing Engineer (CPTE), and EC-Council Certified Security Analyst (ECSA) are a few to choose from. Most of infosec team have either CEH or CISSP, but all of these are good.
for tech, depends on what you like but CEH, Certified Penetration Testing Engineer (CPTE), and EC-Council Certified Security Analyst (ECSA) are a few to choose from. Most of infosec team have either CEH or CISSP, but all of these are good.
(7)
(0)
SPC Tony Tarone
Excellent answer.
I would add a few things if you decide to be tech focused. Get a couple servers and setup a small honeypot environment. Linux systems are a good choice. Build a snort server, LAMP box ( say Wordpress and a mail server) for your honeypot and play with IP Tables or similar firewall. Then expose your honeypot to the world with some BS domain name pointing to the system (www & mail). It shouldn't take long before scans and attacks start.
While certifications are nice, a person who builds their own setup to analyze and defend attacks is better prepared for the real world.
Just my $0.02.
Tony
I would add a few things if you decide to be tech focused. Get a couple servers and setup a small honeypot environment. Linux systems are a good choice. Build a snort server, LAMP box ( say Wordpress and a mail server) for your honeypot and play with IP Tables or similar firewall. Then expose your honeypot to the world with some BS domain name pointing to the system (www & mail). It shouldn't take long before scans and attacks start.
While certifications are nice, a person who builds their own setup to analyze and defend attacks is better prepared for the real world.
Just my $0.02.
Tony
(1)
(0)
SFC Michael Jackson, MBA
SrA Sergii Convers - the licenses themselves usually range between $100 and $800. what gets expensive is pre-licensing training. training can costs anywhere from $50 to $10,000. Fear not, Employers sometimes pick up these costs if a commit to working for them a few years. some people cost save by using training subscription sites like cbtnugget.com, trainsignal.com, or udemy.com. there are many resources. Just find what works for you
(0)
(0)
What certifications have you looked at getting? I would get at a minimum get security +.
(3)
(0)
SSG Jessen....You have some really good certification intel here....this is not my field....that said.....what I did after ETS is go to indeed.com or government agency relevant websites....pull up relevant job postings and see what comes up as requirements....certifications change over time as technology progresses. Use the intel you have already received and use those as your search criteria on corresponding job sites to determine what the plan of attack would look like. Develop the plan and execute.....wish I had more.....as always....networking on LinkedIn and other networking of professionals will be extremely helpful for you. Kind Regards.
(2)
(0)
SGT Tom Kelly
Yeah....so this is what I was describing......Info found on Recruitmilitary.com....Cyber Security Jobs within 50 miles of Houston, TX
Displaying job search_results_presenters 1 - 10 of 104 in total
Cyber Intel Analyst Senior...looks like a salary at approximately....$60K-100K....found on indeed.com with Lockheed...Basic Qualifications
• 2+ years’ experience in tracking cyber espionage threat actors and or cybercrime activities. • 3+ years’ experience performing in-depth computer forensics, malware analysis, and investigating a wide variety of incidents such as targeted campaign intrusions, network intrusions, web defacements, malicious emails, root and user level compromises, worms, botnet infections and other anomalous activity. • Experienced in creating YARA and OpenIOC signatures used for tracking malicious code and adversary activities. • In-depth knowledge of TCP/IP and networking concepts, and hands-on experience with network monitoring tools (e.g., tcpdump, Wireshark). • Hands on experience working with cyber-attacks, persistence threats, different types of malware families, and DDoS activity. • Experience in researching and investigating exploits and system vulnerabilities. • Knowledge and hands on experience with regular expressions and other scripting languages (e.g., Perl, Python, Unix/Linux shell, Windows Scripting Host. • Experience with Intrusion Detection Systems (e.g., Snort/Sourcefire) and writing specialized and unique detection signatures.
Desired skills
• Knowledgeable in industrial control systems (ICS) and the cyber threats affecting them. • Familiarity with offensive attack sequences and defensible security. • Programming experience. • Experience with writing and editing technical documentation and operational procedures. • Working with visualization software such as Maltego, and i2. • Working knowledge of desktop word processing and communications software (Microsoft Office, Visio, Project, PowerPoint, Excel, etc.) • Possession of one or more industry standard certification such as CISSP, CISM, GCIH, CEH, GCFA, and GREM. - See more at: http://search.lockheedmartinjobs.com/ShowJob/Id/35871/Cyber%20Intel%20Analyst%20Senior#sthash.57rFbH6f.dpuf....Keep in mind....desired skills are not required skills....but they give you a lot more importance when it comes to considering you vs. someone else. get you a couple develop a career ladder and then determine the gap assessment....acquire training...if you are so inclined....and off you go....best of luck!
Displaying job search_results_presenters 1 - 10 of 104 in total
Cyber Intel Analyst Senior...looks like a salary at approximately....$60K-100K....found on indeed.com with Lockheed...Basic Qualifications
• 2+ years’ experience in tracking cyber espionage threat actors and or cybercrime activities. • 3+ years’ experience performing in-depth computer forensics, malware analysis, and investigating a wide variety of incidents such as targeted campaign intrusions, network intrusions, web defacements, malicious emails, root and user level compromises, worms, botnet infections and other anomalous activity. • Experienced in creating YARA and OpenIOC signatures used for tracking malicious code and adversary activities. • In-depth knowledge of TCP/IP and networking concepts, and hands-on experience with network monitoring tools (e.g., tcpdump, Wireshark). • Hands on experience working with cyber-attacks, persistence threats, different types of malware families, and DDoS activity. • Experience in researching and investigating exploits and system vulnerabilities. • Knowledge and hands on experience with regular expressions and other scripting languages (e.g., Perl, Python, Unix/Linux shell, Windows Scripting Host. • Experience with Intrusion Detection Systems (e.g., Snort/Sourcefire) and writing specialized and unique detection signatures.
Desired skills
• Knowledgeable in industrial control systems (ICS) and the cyber threats affecting them. • Familiarity with offensive attack sequences and defensible security. • Programming experience. • Experience with writing and editing technical documentation and operational procedures. • Working with visualization software such as Maltego, and i2. • Working knowledge of desktop word processing and communications software (Microsoft Office, Visio, Project, PowerPoint, Excel, etc.) • Possession of one or more industry standard certification such as CISSP, CISM, GCIH, CEH, GCFA, and GREM. - See more at: http://search.lockheedmartinjobs.com/ShowJob/Id/35871/Cyber%20Intel%20Analyst%20Senior#sthash.57rFbH6f.dpuf....Keep in mind....desired skills are not required skills....but they give you a lot more importance when it comes to considering you vs. someone else. get you a couple develop a career ladder and then determine the gap assessment....acquire training...if you are so inclined....and off you go....best of luck!
(0)
(0)
Read This Next