Skip to main content
8 answers
8
Updated 988 views

What security certifications are ideal to obtain when pursuing a career in cyber security, more specifically a position dealing with cybercrime?

#cyber-security #cybercrime

+25 Karma if successful
From: You
To: Friend
Subject: Career question for you

8

8 answers


2
Updated
Share a link to this answer
Share a link to this answer

Joel’s Answer

There are five GIAC certifications related to digital forensics.

  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Advanced Smartphone Forensics (GASF)
  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Network Forensic Analyst (GNFA)
  • GIAC Reverse Engineering Malware (GREM)

Any of these would be beneficial for someone seeking a position in fighting cybercrime.


Joel recommends the following next steps:

Go to the GIAC website (https://www.giac.org/) and read over the certification details and determine if you have the background necessary to begin the forensic certification that most interest you.
Thank you comment icon Thank you so much Mr Snider. I will certainly look into these certifications and see what each entails and which best fit what I'm looking for. Armando
2
1
Updated
Share a link to this answer
Share a link to this answer

Jessica Valentine’s Answer

Hi Armando! Look into the Security+ certification with CompTIA and the CISSP (associate level can be achieved prior to the 5 years of required experience.

Thank you comment icon Thank you for the tips Mrs. Valentine I have actually looked into the security+ and will definitely be pursuing it this year. I will also look into the CISSP and learn more about the requirements and benefits. Armando
1
1
Updated
Share a link to this answer
Share a link to this answer

Doris’s Answer

Hi Armando,

Here's another link with great info on getting your OSCP.

https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html

Good luck!

Thank you comment icon Thank you Mrs. Delgado the link your provided is certainly helpful in giving me insight on what to expect. I am currently focused on obtaining my Security+ , but will be referring back to this link and to better prepare when I am able to pursue the OSCP. Armando
Thank you comment icon Thank you Mrs Delgado the link you provided is certainly insightful on what to expect when obtaining the OSCP. I am currently pursuing my Security+, but will be referring back to this when I am ready to obtain my OSCP. Armando
1
1
Updated
Share a link to this answer
Share a link to this answer

KC’s Answer

If you're looking for a role in cyber security, certifications certainly won't hurt. However, companies where security engineers are doing the hiring tend to focus more on practical skills and an understanding how how to assess and address risk. Certifications don't necessarily reflect those skills in practice. In fact, most of the brightest people I know in infosec do not have certifications. By no means am I assuaging you from pursuing that. But many security certs require years of experience, so you run into frequent 'chicken-and-egg' issues. Instead, spend your time interacting with others around your geographical area that are security engineers. If you have a local BSides, OWASP, or DEF CON group, reach out to them to help assess the resources available to you based on your interests. Explore, do, challenge yourself! We need you!

Thank you comment icon Exceptional advice thank you. I certainly want to do what is necessary to obtain those critical security skills. I will definitely be pursuing some certifications, but I understand what you mean when you say that certifications don't necessarily mean you have those fundamental practical skills. My aim is to learn as much as I can from current security professionals and resources in order to develop the essential skills and knowledge that I need to excel in the information security industry. I will definitely look into the security groups that you suggested! Armando
1
1
Updated
Share a link to this answer
Share a link to this answer

ROBERT’s Answer

I would suggest you look into a law enforcement training track. When we have brushed against actionable crime in business we always need to turn it over to police or FBI to take action. From my interaction with law enforcement you will have much more trust & opportunity if you become an officer or special agent first, then specialize in a unit focused on cybercrime.

ROBERT recommends the following next steps:

Ask Gregory Michaels at Kroll Cybersecurity. I am a client and worked with him in the past.
Thank you comment icon Thank you for the advice Mr. Sullivan. I actually originally planned on pursuing law enforcement and majored in criminal justice in my undergrad. This is certainly something that I have considered and is of great interest, I will certainly follow up with Mr. Michaels for further insight. Armando
1
1
Updated
Share a link to this answer
Share a link to this answer

Stacy’s Answer

Hello Armando,

Here is a link from the College Board website that can give you a head start about some possible career paths that you can choose from. Definitely, if you want to work for the CIA or FBI, you would be required to get a MA (Master's degree).

https://bigfuture.collegeboard.org/majors/security-protective-services-criminal-justice-corrections-computer-forensics

Hope this helps you a little to figure out your future endeavors (:

Thank you comment icon Thank you so much it will certainly give me a better idea of what to expect and how I should prepare. I really appreciate it! Armando
1
0
Updated
Share a link to this answer
Share a link to this answer

Miguel’s Answer

Hi Armando,

These are all great recommendations. I would suggest acquiring some foundational knowledge on Computer/Digital Forensics and then finding a certification specific to the forensic tool you will use such as EnCase https://www.opentext.com/products-and-solutions/services/training-and-learning-services/encase-training/examiner-certification. The GIAC certifications are good but quite broad. I found a product specific certification provides more value on the use of the tool and the process it is built for which is aligned with industry best practices.

You can create a test lab to practice with open source tools. Many are available https://www.guru99.com/computer-forensics-tools.html



0
0
Updated
Share a link to this answer
Share a link to this answer

Mariana’s Answer

Hi Armando, GIAC is definitely a great start, but it's somewhat general and broad. OSCP (Offensive Security Certified Professional), it's hands on, with explanation on techniques. The material will lead you to a lab and prepare you for the exam.

https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/

A couple of books that will help you are Practical Malware Analysis. The Rootkit Arsenal. Reversing Secrets of Reverse Engineering.

Mariana recommends the following next steps:

Go to Defcon
Download Kali Linux and start with some easy exploits
Follow Liveoverflow https://liveoverflow.com/ and suscribe to his youtube channel, he explains amazingly well.
Be curious!
Thank you comment icon Hello Mrs. rodriguez thank you for the exceptional advice. I will certainly follow up on each of these and learn as much I can to prepare myself. The OSCP certification is certainly of interest to me and I plan pursuing it and any other essential certifications that will strengthen my understanding of vital security topics. Armando
Thank you comment icon Awesome to hear Armando. Happy learning!! Mariana Rodriguez
0