I’ve got a friend that asked me to post this. She graduated last December with a degree in information systems. She stumbled into a cybersec job right out of college with zero job experience whatsoever. Her title is “associates of cyber security in training”. She basically works for this huge company and has been doing classes for them back to back since January. They told her she’d be in training for a year before she will be placed “on a bench” and at that point, she’ll just wait for them to assign her projects.
Well she’s looking for certs to help push her along, but she isn’t quite sure what she fully wants or is even interested in. Part of her is kind of interested in digital forensics, the other part of her is into just standard defensive/blue teaming.
I myself am in cybersec and have been trying to help her figure this out. For most people, I just tell them to get the security+ cert to help get them in the door for csec, then more specific ones to push them in the direction they want. It’s difficult to give her any suggestions because she doesn’t know what she wants. And I’m trying to tell her that maybe she should figure that out before she commits to a cert/field.
Would the security+ cert benefit her? Or should she look for more specific certs in the two fields I mentioned?
What do you think of all of this?