I recently obtained my CISSP and I am scheduled to take the CISA next month. My current job entails several aspects of InfoSec, but I am looking to move fully into a purely security role, possibly at a consulting or MSP company, initially. I feel that my skill gap is on the more technical areas, so that is where I would like to focus.
I also learn better when I have an end goal to focus on, hence the reason I want to seek out a certification, instead of independent study.
# Background:
* **IT Service Analyst (current):** 1.5 years: responsible for security baseline compliance, risk/vulnerability management compliance, audit compliance, managing vendor SLAs, and IT service costs/charge backs across the company.
* **Military Reserves Information Technician (current):** 3 years – Assigned to intel unit, created OSINT intelligence reports and threat assessments, with focus on information systems.
* **IT Project Management/PMO:** 4 years – Acted as PM for data retention projects, cloud roll-out projects; responsible for overall managing program/project governance as PMO.
* **Emergency Management Consulting**: 3 years – Assisted with disaster recovery assessment and FEMA claims for State/Local governments impacted by natural disasters
* CISSP
* Security+
* Numerous FEMA EM/COOP certifications
* MS Computer Information Systems w/ focus on InfoSec
* MA International Relations w/ focus on Eastern Europe
* BA Political Science w/ focus on Emergency Management