|
|
|
|
|
|
by bawolff
1699 days ago
|
|
|
The easiest way to transition is to transfer internally in a company you already work for. However that doesn't seem like something available to you. Try maybe looking for roles labelled "software security engineer" - those might be more likely to take a pure software background. > I’m currently trying to get a CompTIS Security+ certificate. Certs are not respected in the security industry, especially the easier ones like security+, to the point wherr its almost considered negative signal on a resume. Some of the harder ones like cssip are controversial in that it depends where you're applying whether or not its worth anything. As a general rule, i would not bother with certs, but they can be useful as a general study guide sometimes, if you're not sure where to start. |
|
|
I'm a software engineer, but have no certs myself however I'm familiar with the security-related certs. I find it bizarre that an industry would find the certs useless, as certs at least give a baseline. You can give someone a bunch of tests at interview, but there's no way you can check someone's knowledge in just a few hours - unless your tests look something like the questions you'd be asked to gain a cert! I'm trying to get a Network+ cert, but it's taking me awhile due to the massive amount of stuff you have to learn...and Security+ is seen as the next cert after that. I've learnt a massive amount already, so cannot see why it would be useless or seen as a negative. It's almost like saying "nah we won't use this standard baseline, we'll be the judge!"
I wish the software dev industry would embrace certs a bit more. Hiring is basically a massive gamble. Recent example: chap I worked with who had been a programmer for decades...didn't know what Base64 was, and used globals a lot. This is basic stuff.