I’ll apologize right off the bat for making an advice post but I’m in a unique position and would really appreciate some advice from some people more senior than me in the field on how to approach my future.
I am a junior security analyst with about a year and a half under my belt. Surprisingly enough I got taken on as a member of a red team immediately and have been working in a penetration testing mindset for my entire security career, working closely with our blue team to remediate issues highlighted in our testing.
The issues lies in my education. I have a 3 year degree in computing systems engineering and was shocked to be able to make my way into the offensive security field with only this. I love my job and what I do but I am very young and very green. I’m looking to get certified in my field but with a large abundance of online certs I’d love some advice on where to start.
I’ve been training in OffSec’s proving grounds for 6 months now and also using pluralsight as a fantastic resource on learning specific topics. The main reason I got the job was because I expressed a lot of interest and had studied cyber security independently for a couple years.
I seem to thoroughly enjoy malware analysis and web based attacks and environments. Being that I have no formal cyber security certifications I was wondering where would be my best starting points for building up my certifications for my field and interests.