The Infosec Trinity
Well, I just passed the final exam for the GIAC GSEC credential from SANS, and I have to say it’s a pretty good feeling. It’s still less respected in most circles than the CISSP, but that’s because less people know about it. I think that’s likely to start changing very soon, though.
If I were to go for another SANS cert, I think it’d be the GSFW, but right now finishing my bachelors is the top priority. With my two most-desired certs taken care of, I can now focus completely on that task. Ultimately, I think employability comes down to a special combination of the following:
It seems that 2 and 3 have been switching places as of late due to a number of factors. Perhaps the biggest one is the lack of quality control in today’s universities. To put it bluntly, an employer cannot any longer be sure that someone with a bachelors in computers is going to be valuable to his/her organization.
There are great IT people out there with degrees, and great ones without them. It’s hit or miss really. I still think there’s a higher chance that the person will be decent at something if they have the degree, but it’s not the kind of indicator it used to be.
As for me, I choose to have all three — experience, certs, and the degree. Can’t go wrong there.