What a great post! I just started my journey into the INFOSEC field about a month ago. (I’ve been a lurker here for about that long) I currently work in a computer help desk for a big company and after being here for 10 years I am finally wanting to do something more exciting. Back in 2006 I got a few cisco certs and some comptia certs. I am wanting to get into NETSEC and pentesting.
I guess I would love a little guidance with what I should do. I do not have a degree and it would all be self taught. I’ve started studying for my A+ exam because I thought it would offer a good refresher on the basics of computers etc but now I feel like maybe thats a waste of time. I really want to get a job in INFOSEC in about a year or so. Should I instead focus my time learning Linux,network and studying for the OSCP cert? I have already setup a virtual lab using virtualbox and I am starting to learn tools like Kali and backbox.
Below is some information I put together for “a plan” for reaching my end goal of getting into INFOSEC. I do feel its CERT heavy and I may not need everything I have in it.
Certifications I need for obtaining a job in INFOSEC/NETSEC.
MCSA: Windows Server 2016
Certifications to get after I get a job in INFOSEC/NETSEC.
Linux Foundation Certified Engineer (LFCE)
Kali Linux Certified Professional (KLCP)
Offensive Security Certified Professional
Certified Ethical Hacking Certification
Certifications I need to get once I am in a security role for 4+ years
GIAC Penetration Tester (GPEN)
GIAC Mobile Device Security Analyst (GMOB)
GIAC Web Application Penetration Tester (GWAPT)
GIAC Assessing and Auditing Wireless Networks (GAWN)
Programming I need to learn.
I guess I just need some help with how I should go about this thing.
maderas you seem VERY knowledable in what you do and thank you so much for taking the time out of your busy schedule to help us that are just starting out.