Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!
Outside of the SANS courses, are there any other reputable trainings that focus on Cloud Security Architecture?
AWS has their own first-party certs if you want something vendor-specific (I’m sure Google and Msft have similar). ISC^2 has something too https://www.isc2.org/certifications/ccsp
I’m studying for CCSP right now. It’s fairly general and tries to be vendor neutral but Architecture is one of the knowledge domains on the exam. Might be worth it if you meet the work requirements or experience waiver requirements.
A lot of people also seem to conflate it with the CISSP when it comes up in conversation I’ve noticed.
Google has one too, can’t say whether it’s good or not, sorry.
CompTIA has a cloud cert
Been debating about going back to school or not. It might be just easier to start trying to create a job for myself based on my work and experiences, but not sure. Both would take a lot of work, but based on what I do now, I’m not sure if I would be able to deal with the boredom of going through all the classes that might be too basic for me and I don’t test well so I don’t know if it would be worth pouring money into things that I might fail at because colleges, universities, etc. can’t give me the accommodations that I know I need.
WGU is a popular option for school that is more budget and time-friendly. Have you run into issues applying to jobs that required a degree?
Applying for jobs that require a degree or stupid amount of experience and a case that is biting me in the ass even though I served my time with probation and would rather stupid people in middle management and hr would mind their own business instead of googling up my name and finding an article that is riddled with misinfo and other stuff that isn’t true which is already causing me problems. Been debating about suing for defamation of character on multiple “journalist” platforms on articles that really are defamation of character and also dox my info plus other shenanigans.
Yikes. Well hopefully you can get that sorted out. Best of luck!!
Yeah. Pretty awful. Took a look at WGU and will definitely give it a try with some of its standalone courses before committing to a full degree program. Also looking at several other unis and colleges. Might be a good idea to go somewhere out of state, so I can get away from some of my stress.
I just started my first official cybersecurity position at a medium size company in an industry that is currently being heavily targeted with ransomware.
I’m starting pretty much from scratch as they have not had a dedicated security role in over a year and my predecessor didn’t make much progress. So far i’ve been focused on inventory lists, policies, and procedures for hardware, software, and data. I think we’re doing okay with minimizing stuff thats internet facing and patching is in a good place (well, at least with the devices and os’s that are still supported).
Any suggestions on where to go from there or what to prioritize?
Thanks! This is actually exactly what I have been basing my efforts on so far, it’s just sobering to look at how far away we are from completing implementation group 1.