Posting later than usual due to the holiday and some quirks I’ve encountered with infosec.pub.

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

  • MigratingtoLemmy@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    5 months ago

    The market is still fairly dogshit from my perspective. What certifications do you recommend to rise up the ladder? I’m more into cloud security/infrastructure than pentesting, was considering the AWS-SAP but was quickly reminded of how much work that is without continuous AWS exposure.

    • shellsharks@infosec.pubOPM
      link
      fedilink
      arrow-up
      2
      ·
      5 months ago
      • Security+ typically puts you on the map
      • CISSP is usually Sec+ level-up
      • Relevant (to the job you’re applying to) SANS course (expensive)
      • OSCP (for pentesting)
      • Any AWS cert is good if you’re applying to cloud roles

      But really, certs don’t move the needle the way they once did imo. You may be better off documenting your experience on a website rather than just having letters. This has at least been my perspective (and I have a TON of certs so I wish they were worth more)

      • MigratingtoLemmy@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        5 months ago

        You’re probably right. In this market even the perfect candidate has a tough time. I’ll still probably go for the AWS certs (I have been eyeing the specialities for a while now) along with maybe CISSP if I find the time for it. Security isn’t actually my main focus but I try to bring it along in everything I do at work (and annoy a fair number of people as a result hehe)