I am an transitioning Air Force officer pursuing opportunities in information security. Given that I am coming from a background of no experience in Information Technology, I am pursuing many different venues in terms of education and training.
I am a student in the Masters in Information Security and Assurance program at Norwich University, and I am also taking certification preparation courses through ITPro.TV. I have attempted to understand the certification landscape and the different tiers of certifications, and it is a goal of mine to pursue and earn the Associate of ISC2 certification before separating from the military in one year. This Associate of ISC2 certification will transition to a full CISSP once I gain the required experience.
I guess my biggest question relates to what my Masters degree will equate to. That is, should I be pursuing certifications on top of my Masters degree work? Should I pursue certifications such as CASP or CCNA-Security before embarking on the journey to a CISSP?
Thanks!
Answers
Thank you for your service. There are several suggestions that most services and internet sites recommend, and they are right.
Give your resume a format change and lead with a summary that outlines your skills and qualifications. Share generalities from past positions to translate how it will be beneficial in new roles, like skills, duties, projects or management. Use clear civilian language to describe your career objectives, but highlight key wording from job descriptions and any accomplishments you have achieved. Keep the verbiage in present tense and have others read through it for feedback. If you can pursue any IT: volunteer opportunities, contract jobs, certifications or even CEU (Continuing Education Units) courses will show how interested you are and make recruiters take notice. This will aid you in finding an entry level position. Take advantage of in-house professional development and training programs available, which always shows you are willing to do and learn more.
I hope this helps you on this new journey and I wish you all the best.
Kindest regards,
Merry Vickers
Hi Kelly,
You have the right idea of getting a good foundation of data security from a vendor neutral and vendor specific perspective.
Once these technology foundations are learnt, then I would recommend to get involved with security as it relates to the "Cloud" . This cloud architecture in IT or Networking , is really what industries are moving towards . And you want to understand what is not only current but what is next generation.
So as Tim commented " Don't put the cart before the horse" . Be patient . There is a lot to learn .... But the journey is fun .... My2Cents .
Hope this helps.
Fred
As a grad of the Norwich program myself (2010), I found the program to be quite rigorous and I greatly benefited from it. However, I also had nearly seven years of diverse IT experience prior to enrolling in the degree, so the degree was just icing on the cake.
And, therein lies the rub . . .
If you have no IT experience, then it's going to be difficult for you to get into IT security, because IT security is an additional layer onto the IT itself. Analogous to this is securing a house. First, you build the house and understand the different parts of the house, and then you think about how to secure it and what's involved. To do the latter before the former is putting the cart before the horse.
So, the first thing you should be doing is start acquiring entry-level type IT skills like network administration, programming, and the like. There are many resources out there where you can teach yourself, and you can acquire cheap equipment on which to practice.
One way you can do this is to start from where you are, which is take your current experience and position and find out where the IT work to support this is. That way, you're learning IT while focusing on one area that has problems to solve.
Secondly, concerning certifications, start with CompTIA -- but do so with the following in mind. The curriculum for A+, Network+, Security+ is very helpful in learning the groundwork of everything involved, but only one of the certifications is really worth anything: Security+. That's for checking the box for Federal/DoD security jobs. Same for the CISSP, though the CISSP has other, more civilian, requirements.
Remember, don't put the cart before the horse.
Your Answer
Please log in to answer this question.