Hey c/Cybersecurity!
Just looking for some advice on what certifications are worth getting?
I am wanting to steer my career into ICS Incident Response and was wondering what Entry level certs are worth it? I want to get my SANS FOR-508 (GCFA) and SANS ICS-515 (GRID) certifications, however due to the expense of these I am looking to hopefully do some cheaper ones first until I can get the company I work for to pay for them.
I was considering perhaps CompTIA Security+ and CompTIA CySA+ but I don't know if the time spent towards them could be better invested in another course such as CISSP.
I am Based in Australia and have a Bachelor of Computer Science, and a Bachelor of Electrical Engineering. I have also been working as a Process Control Systems engineer for about 3 years since finishing uni if this helps gives some more context.
Any career advice or recommendations is highly appreciated, I am kind of overwhelmed by all of the options. Also keen to do some more non-certified courses to increase my knowledge, I have been working through a few from Chris Sanders' recently and want to do more from him.
The SANS ICS courses are the only ones I know that specifically focus on ICS; but yes, do not spend your own money to get expensive certs like those. Your employer should be paying on your behalf. Security+ is worth it if you’re making a lateral move to security.
Hey thankyou for taking the time to reply. Do you think a Security+ cert is worth it with my degrees or should I focus on something different? It sounds arrogant but I have been going through some of the practice exams and they seem pretty basic
It’s essentially a way to get your foot through the door if you’re trying to get into the security field. I guess if you’re planning to switch roles within your current org it’s not really necessary vs trying to get hired at a new company. I haven’t checked how much they cost, but maybe you can try some of the Cisco certs as well?