[OT?] call for info on security professional certifications
Alan Johnson
alan at datdec.com
Tue Apr 6 12:23:30 EDT 2010
On Tue, Apr 6, 2010 at 11:23 AM, Benjamin Scott <dragonhawk at gmail.com>wrote:
> On Tue, Apr 6, 2010 at 10:30 AM, Alan Johnson <alan at datdec.com> wrote:
> > What we are trying to figure out is if we
> > should included any certifications in either the "required" or "desired"
> > qualifications.
>
> Some of this depends on what the job duties will really entail.
> That is, whether the "IT Security Officer" going to be more about
> managing people and workloads than actually vetting the technical
> aspects of security. You emphasize production systems; in that case,
> I presume more technical stuff. Tech certs are, of course, more
> applicable for tech stuff.
>
I had tech certs in mind, but if this jobs is done right, it will required a
lot of upwards management, IMHO. I didn't think "certified boss manager"
was an option, but I like to check it out if it is! =) Seriously though, I
don't believe downward management skills are an issue here, but policy
creation, implementation, and enforcement are sure to be at the heart of the
job.
> The DoD is now requiring all staff who work in an Information
> Assurance role to maintain security certifications. That includes
> staff of commercial contractors.
>
You mean, like clearance levels, or some tech security cert?
> I have yet to see tests or courseware, but looking at the
> brochureware, the GIAC/SANS and ISC^2 certifications describe what
> look like good programs, once you get beyond the fundamental levels.
>
Thanks!
> Personally, while I place relatively little value on fancy pieces of
> paper, I don't think they're worthless, either.
>
> Certifications are commonly used as part of a resume screening
> process. If you get 1000 applications, narrowing the field is
> difficult. So require a certification, and you at least filter out
> the people who spam every tech job they see.
>
Yes, I expect it will only be used as a filter if the volume is significant.
>
> Full disclosure: I have no college degree and no major
> certifications. [However, on several occasions, I've been told I'm
> "certifiable". ;-) ]
>
As are many of the best techs I know. =)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20100406/9cfdba19/attachment.html
More information about the gnhlug-discuss
mailing list