Over the past two years I’ve been schooling/certifying/working towards a career in cybersecurity. As of right now I have an AAS degree in Network Administration and am currently still in school for Cyber Operations Engineering with a certificate in Computer Forensics. I have also worked part-time as an IT lead for a financial services company and currently work part-time as an MSP technician. My career goal is to get into a purple team environment as I love aspects of both offensive and defensive security. However, I also love working on systems administration and infrastructure/engineering.
I spend a great deal of my free time labbing and working towards certifications. I have a physical lab environment consisting of several servers, routers, switches, firewalls, wireless stuff, etc. However, I haven’t really been working towards anything security-specific. I have been doing some CTF-style learning on the side (TryHackMe), and work on fundamental programming with C, Python, PowerShell, and Assembly. Most of the time I work on infrastructure stuff. I spent all of last year certifying for the MCSA 2016 (Windows Server) and will be taking my CCNA exam very soon this year. After this I plan to continue learning up on firewalls and wireless security. Towards the end of this year I want to transition from networking to Linux, specifically, certifying for RHCSA and getting a grip on BASH and SELinux. After that I’d like to move on to the cloud; playing around with Azure, AWS, and VMware. Then somewhere down the line I want to really get into the cybersec stuff: pentesting, threat hunting, forensics, etc.
All of this is going to take **at least** two more years just to get a fundamental understanding in these areas. My current philosophy is that one has to understand core technological fundamentals before being able to apply security. As an example, I have several classmates in a network security course who do not understand fundamental routing or switching concepts, hence their ability for an overall understanding in network security is limited. I suppose my main concern is whether I am going about my career goals the right way. Am I making good use of my time to develop my skills to where I want them to be? I have a decent foundation in fundamental infrastructure such as networking or Windows Domain environments, but have almost no experience with security analysis, threat hunting, malware analysis, pentesting, or vulnerability assessing (all the security-heavy stuff).
Based on your guys’ experiences, should I slow down my crusade for broadened IT knowledge and instead focus and develop one area of skills such as pentesting? I feel conflicted about what to do. I really do enjoy many aspects of IT and would like to have work experience in different areas. On the other side, I feel like I have to be realistic and develop a skill well enough to the point where I can market myself as an expert in something instead of attempting a jack-of-all-trades type of deal.
TLDR: Conflicted about how to properly transition into cybersecurity