Me Pointing Down For Some Odd Reason

After many years of working in the IT space, in November of 2017 I became excited by the idea of getting more deeply involved in the cyber security world.  My work experience had taken me from help desk to break fix tech support to systems archival work; from years as a web developer slinging everything from Javascript to MySQL to Php to UNIX systems administration; and from project management to senior management leading digital teams.  Plus, I had years of experience administering and auditing roles and accounts as well as securing systems both from a technical standpoint and managing the dreaded “human threat,” which can involve anything from bad actors to serious incompetence or ignorance. 

Obviously there is no one path that one follows when contemplating a complete career change, but it became obvious to me that the best way for me (note that I say “me” because this was my path and everyone has their own path) to get more formally up to speed in the cyber security world was to build up a lot of book knowledge and work towards some certifications. I came to this conclusion in part after reading this very short, but practical guide to cyber security The Top 10 Cyber Careers: And What It Takes To Get One! and the respective certs that matter, and this article by Darrill Gibson describing some potential paths.

Word of Warning: Anyone reading my story and thinking that certifications alone will gain them entry into a new profession are sorely mistaken. Usually your best bet is to get some practical experience under your belt as a sys admin, help desk professional or developer and put some real world focus into your area of interest, then combine that experience with a cert or two to get you through the door. In certain cases certifications like the CISSP and/or Security+ are mandatory in terms of either scoring or holding on to certain government, insurance or finance world jobs, but they by no means should make up the bulk of your resume.

For myself I decided on the following path, first take the CompTIA Security+, then on the advise of my friend Dan, a CISSP who works in the medical industry, after hearing about my career ambitions said, “Why screw around, go get the CISSP!?!” tackled that very certification several months later.

This site is dedicated to telling my journey for how I self-studied for and was ultimately able to pass both the Security+ (after 45 days of study) and the CISSP (after 4.5 months of study).

I very much hope some of what helped me will help you . . .