You can always put "Professional Fluffer" on your resume...it might not polish your resume, but it'll show you are experienced in polishing...
Originally posted by: pyonir
You can always put "Jenna Jameson's Professional Fluffer" on your resume...it might not polish your resume, but it'll show you are experienced in polishing...
Originally posted by: Platypus
Originally posted by: alkemyst
Originally posted by: Platypus
CISSP and RHCE would be good to get if you don't have a lot of work experience but they're not going to unlock magical new possibilities for you unless you're just starting out looking for a job or something.
WTF?
Just getting this cert alone opens up TONS of doors if you know how to look for jobs.
Yeah but it depends on WHAT you want to do which is my point in my original post. It is true that the CISSP is very well respected but it's kind of silly that it is so respected in my opinion.. you really don't have to know much about security other than memorizing the material for the exam and it frightens me that people who get this cert are given carte blanc to be in charge of security in corporations. If you don't have solid systems engineering/administration experience I think it's entirely worthless unless you're just looking for a job.
It is also my opinion that dedicated security teams are also extremely missing the point.. good systems engineering/administration is being proactive about security. Having that massive disconnect where one team does the systems and one team runs some bullshit auditing tool to test the security but having no reason WHY they are seeing the results they see is extremely harmful in my opinion.
My point all along was, know WHY you are doing what you're doing, asking what certs are currently in demand is kind of missing the point. Have a solid goal in mind before just grabbing certs in a wayward fashion.. most technical interviews will eat people alive who don't.
edit: Oops, I see a word I missed in my quoted portion which probably confused you. I meant to say "unless you're just starting out OR looking for a job or something.
Originally posted by: alkemyst
Originally posted by: Platypus
Originally posted by: alkemyst
Originally posted by: Platypus
CISSP and RHCE would be good to get if you don't have a lot of work experience but they're not going to unlock magical new possibilities for you unless you're just starting out looking for a job or something.
WTF?
Just getting this cert alone opens up TONS of doors if you know how to look for jobs.
Yeah but it depends on WHAT you want to do which is my point in my original post. It is true that the CISSP is very well respected but it's kind of silly that it is so respected in my opinion.. you really don't have to know much about security other than memorizing the material for the exam and it frightens me that people who get this cert are given carte blanc to be in charge of security in corporations. If you don't have solid systems engineering/administration experience I think it's entirely worthless unless you're just looking for a job.
It is also my opinion that dedicated security teams are also extremely missing the point.. good systems engineering/administration is being proactive about security. Having that massive disconnect where one team does the systems and one team runs some bullshit auditing tool to test the security but having no reason WHY they are seeing the results they see is extremely harmful in my opinion.
My point all along was, know WHY you are doing what you're doing, asking what certs are currently in demand is kind of missing the point. Have a solid goal in mind before just grabbing certs in a wayward fashion.. most technical interviews will eat people alive who don't.
edit: Oops, I see a word I missed in my quoted portion which probably confused you. I meant to say "unless you're just starting out OR looking for a job or something.
CISSP is not an easy cert.
If you say so, I'm preparing to get it as my job asked me to and so far it seems exactly like a college course, memorize and regurgitate. You don't have to have intimate knowledge of REAL security to get one. We differ in opinion on this obviously. I have no opinion on the CCIE as I don't have experience with it.
Your view on dedicated security vs just having a sys admin handle it are very small business oriented. Setting up a system is much different than managing it which is different from securing it which is different from building the infrastructure it all talks to each other with. Heck even desktop support is EXTREMELY different from server oriented management.
One guy can easily do it all 'good enough' in a small business, but take an enterprise of 1000+ machines spread over just a few states/cities yet alone continents and you then see the value in a team focused on each part of the structure.
I think that summation is incorrect personally and I've been in charge of massive networks and servers spanning the globe before. I've been on teams that maintain ~4000 unique UNIX instances of different architectures and operating systems spread across every continent. My personal experience is that a good systems engineer or administrator needs to be proactive about security from every step of the process. That means taking out software/packages that come in default operating system installs to tailor to the business and security needs, applying new patches and firmware revisions as necessary, making sane routing architecture, ensuring data protection at the SAN level, etc.... it does NOT mean running some out of the box auditing tool and calling it security. These systems I mention are not the kind of systems you want to be vulnerable, I assure you of that.
A MAJOR corporation that I will not name here that I used to work for had dedicated security teams and they were a joke. Every single company I have worked for that had a dedicated security team was filled to the brim with people who got booksmart certs but had no idea how to properly administer networks or systems. That is a HUGE disconnect in my opinion and one of the biggest reasons why corporate security is the joke that it is today and companies have to hire out penn testing firms to point out how infantile their security really is.
I'm not suggesting that systems admins handle security by themselves but I am suggesting that having one dedicated team who work together is far more productive and proactive than having some looming 'security organization' that emails whatever their lapdog software tools do for them and pretend they're competent about the topic
If you think my view is 'small business oriented,' that is certainly your opinion but I think based on my experience that this model is absurd and the reason why security is such big business.
Originally posted by: Platypus
I think that summation is incorrect personally and I've been in charge of massive networks and servers spanning the globe before. I've been on teams that maintain ~4000 unique UNIX instances of different architectures and operating systems spread across every continent. My personal experience is that a good systems engineer or administrator needs to be proactive about security from every step of the process. That means taking out software/packages that come in default operating system installs to tailor to the business and security needs, applying new patches and firmware revisions as necessary, making sane routing architecture, ensuring data protection at the SAN level, etc.... it does NOT mean running some out of the box auditing tool and calling it security. These systems I mention are not the kind of systems you want to be vulnerable, I assure you of that.
A MAJOR corporation that I will not name here that I used to work for had dedicated security teams and they were a joke. Every single company I have worked for that had a dedicated security team was filled to the brim with people who got booksmart certs but had no idea how to properly administer networks or systems. That is a HUGE disconnect in my opinion and one of the biggest reasons why corporate security is the joke that it is today and companies have to hire out penn testing firms to point out how infantile their security really is.
I'm not suggesting that systems admins handle security by themselves but I am suggesting that having one dedicated team who work together is far more productive and proactive than having some looming 'security organization' that emails whatever their lapdog software tools do for them and pretend they're competent about the topic
If you think my view is 'small business oriented,' that is certainly your opinion but I think based on my experience that this model is absurd and the reason why security is such big business.
Oh snap. lolOriginally posted by: duragezic
Computer TrainingOriginally posted by: clamum
clamum is interested in this also.
Originally posted by: Platypus
edit: not worth my time justifying myself to someone who responds like that, lol
Originally posted by: spidey07
A buddy of mine just got a 240K a year gig specifically for blade servers, data center virtualization and how to architect it.
He's like the guy you see in the IBM commercials. Only he's a lot sharper and a lot more marketable.
Modern IT moves so fast that you really have to pick a specialty and do that and nothing else and swing with the changes in that specialty. That "jack of all trades" is replaced by a "master of one trade".
Originally posted by: Schloonce
Take a look at the VMware cert (VCP, I think)...virtualization is "the next big thing" (that started several years ago) and VMware ESX is a very powerful solution.
Originally posted by: spidey07
A buddy of mine just got a 240K a year gig specifically for blade servers, data center virtualization and how to architect it.
He's like the guy you see in the IBM commercials. Only he's a lot sharper and a lot more marketable.
Modern IT moves so fast that you really have to pick a specialty and do that and nothing else and swing with the changes in that specialty. That "jack of all trades" is replaced by a "master of one trade".
Originally posted by: child of wonder
I'm also looking to get a cert soon. Right now I do Novell, Windows, and Linux server administration with some networking thrown in for good measure. We recently got an HP Blade center, EVA, and VMWare and are beginning to go to virtual.
So far I have just under 2 years experience working FT and 3.5 years working as a consultant for a small business doing PC and Linux server support.
My plan is to pursue a VCP this May then go after a Linux cert.