Re: Career Advice

[Michael Dickey <lonervamp () gmail com>]

I'll probably say the obvious that you already know, but...

With your experience, picking up a Security+ cert should be easy. Likewise,
I doubt you'll have too much trouble with a CISSP, given purchasing a book
and getting signed up to take the test. People who geek out about security
and are surrounded by it either at work or at play should not have much
trouble. OSCP is very cool, but don't fall into the unanticipated trap I
fell into: clear off a month of time so you can get your cost out of it.

Certs can really only help in the job search, and shouldn't hurt you.

I'll second the items about being involved either in local security groups
or in the greater online locations, like Twitter, blogging, and so on.

Honestly, we need more people like you (and in a self-serving sort of way
me, since we're in similar boats!) who have solid backgrounds in enterprise
operations. Not only does that knowledge help in knowing the common trouble
spots, but also to give real-world tips on Getting Things Done, instead of
the often-times unrealistic expectations some may give who've never had to
live with those recommendations themselves. Besides...being in ops means
you've probably been in higher-pressure situations than any security-only
people have ever been in. ;)

The best part, though, and it applies to most any career: The first "real"
job in that field is by far the hardest one to land.

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com