Getting Started In Info Sec

[mgcheung]

I thought I'd ask the Hak5 community for your thoughts and advice on getting started in Info Sec. I've watched the "From Couch to Career in 80 hours" and read the follow up on room362, but I still wonder how my background would be viewed in looking for a job. I have a fair amount of formal education in math and computer science and more specifically cryptography. I recently had an internship working on secure computation, specifically homomorphic encryption. I have been learning about pen testing topics and I have worked in an IT department before. I've thought about continuing in research type jobs, but I'm not sure if I would need a Ph.D. and I don't think I'll finish mine. Would my background in cryptography be interesting to pen testers?

Thanks for your feedback.

[Infiltrator]

Cryptography is with no doubt part of security, but when pen-testing a network you will need a lot more than just cryptography experience.

If you want to get into a pen-test job, you need experience. These are great places to start learning from, securitytube.net, irongeek.com and hak5.org

[Infiltrator]

I have to agree with this guy, certain certs won't mean much, but The security-offensive certs are definitely the one.

You should get OSCP and OSWP certified. More information about the certs can be obtained from this link,

http://www.offensive-security.com/information-security-certifications/