Information Assurance professional guidanceCareer Goals

Begin Learning Cyber Security for FREE Now!

Already a Member Login Here

Home Forums Cyber Security Career Goals Information Assurance professional guidance

This topic contains 8 replies, has 4 voices, and was last updated by  cyops 4 years, 7 months ago.

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
  • #30151


    So i have been in the IA field for over 5 years now and i feel pigeon holed in my current job, just doing essentially Helpdesk support 80% of the time, My career has revolved around vulnerability assessment tools and being in SME in that aspect on how to implement and configure them in customer environments. I have already scheduled out my CISSP, but do not really see that doing much good besides opening a few doors. so i am looking for some guidance from my fellow security professionals on how do i continue to build off what i have learned to eventually get into a more senior role?

    i also have a great interest in forensics i do see myself going into that field but i feel like i would have to start all over career wise, since i feel like i have do one or the other.



    Have you had the same job for five years? If so, within the job have you had any progression in terms of job roles? What is it that you are most interested in doing? Lots of questions, I know… But, it’s good to have a better understanding of someone before recommending anything.

    In regards to the CISSP, it does unfortunately meet a ‘tick box’ requirement for some roles. It never hurts to open a few doors. Perhaps working for a larger consulting company might be helpful? I’ve gone that route personally and it ends up giving you a lot of exposure to different roles.



    in the beginning i did have progression, i did a lot of traveling to customer sites to install the vulnerability tool and help them understand how to use it, but funding was cut and i only did traveling when we did training classes. in those classes it was more me babysitting the mobile systems and answering technical questions. I get tasks here and there but its never a big bite to “chew” on per se and have to find something to do with my time. i am the lead demo guy but now i just do tickets granted i am a “manager” but its not like i can tell who to do what tickets. so answer is not really any progression.

    i actually am going to reschedule my CISSP till end of 2016 and focus more on getting my RHSA and network+ and CASP since those provide more immediate benefit to myself




    also i would like to apply to be a ISSO but have no experience in that arena. How can i prepare?



    It sounds to me like you need to move on (sorry for the belated reply!) – at least it doesn’t hurt to look around for opportunities. In terms of certs, it won’t hurt to have the others first as CISSP is more of a well-rounded security one anyway…

    Unfortunately I’m not familiar with exactly what it means to be a ISSO. I googled the term and it seems to be an American term?



    ISSO=information system security officer 😉 but yes, i am looking around and seeing where things fall




    The good news is there’s not enough vulnerability management people. I personally think you’d be a great fit for an internal employee at an organization with a mature security program. Typically they need someone to deal with their vulnerability management program, however you’ll probably be able to do many other things since security teams are way understaffed.

    On the flip side, a lot of consulting firms need vulnerability management expertise. You could potentially do this is a consulting capacity and get trained up in something else like DFIR when you’re not billable.



    Thanks for the replies everyone! though not many places will help with training if its not related to the field your in. besides going the cert route and paying a hefty pricetag for training. any other ideas getting Forensic training?



    Recently completed the CISM cert…more risk focused. Excellent for carer path lading to CISO or Chief Risk Officer function. Consider focusing beyond certs to broader education…technical degree or business degree including Masters Degree is the ladder to success.

Viewing 9 posts - 1 through 9 (of 9 total)

You must be logged in to reply to this topic.

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?