May 3, 2021

Transition from Sysadmin to Infosec risk manager, advisor or auditor.

I’m a sysadmin of 8+ years working for an MSP looking to transition into infosec particularly in risk management.

Experience is mostly technical but I did start our “security program” by applying NIST, ISO 27001/2 and CIS top 20 for selecting, implementing and assessing controls so familiar with these frameworks. Also helped some clients with achieving ISO27001 and GDPR compliance. I’d say I’ve been doing this for 5 years although it is not part of my day to day tasks.

Certs: A+, Net+, Sec+, AZ-500 and CISSP.

Is risk management / auditing a hard industry to get into if you have a more technical background?

Would getting a CISA hold more wait than my CISSP cert for this particular branch of infosec?

PS: I’m in Alberta, Canada if that helps.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.