Next SANS Cert GCWN or GRID

azkh18azkh18 Posts: 1Registered Users ■□□□□□□□□□
Hello all,
I have an opportunity coming up where I can get sponsored to take on another SANS course. I already have the GICSP cert under my belt this year and am looking to build up my resume a bit more. Unfortunately I can only take OnDemand or Self Study courses at this time so that already whittles down the list quite a bit.
I was eyeing either the ICS515 (GRID) or SEC505(GCWN) certs. It seemed to me that there is a lot of hype built up around ICS515 because it comes recommended by Robert Lee. However, I don't see a lot of demand or job postings for that in the industry. Not that I see a lot of job postings for GCWN certs either but i get the feel that it has more useful practical material. Anyway, Just wanted to take a quick poll from the community on their thoughts on the matter. What has your experience been in the industry as to what's considered more valuable to employers? Any thoughts or feedback or alternative suggestions for SANS courses would be much appreciated.
Thank you all in advance!

Comments

  • markmorowmarkmorow Posts: 30Member ■■□□□□□□□□
    If you work in ICS area then that one would make more sense to me. If you dont then do GCWN. I just did that one a month ago and it was very very good. You come away with lots of actionable practicable things to do in an Windows/AD environment. If you aren't working in that space or trying to get into that space though that doesn't make sense for you to take.
  • LonerVampLonerVamp Senior Member Posts: 221Member ■■■□□□□□□□
    Basically two questions, what do you want to do and what do you do today? If you already have a job that meets ICS/SCADA types of duties, cool! If not, I can't say in my neck of the woods I'd have seen any jobs related to it, ever. If you're looking to land somewhere, GCWN is going to be more interesting to more employers, though honestly GCIH/GCIA may be a little more universal and recognized.

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, CISSP, OSWP, CCNA Cyber Ops, Sec+
    2019 goals: GWAPT, Linux+, SLAE (possible: SEC573, CCSP, Splunk F&PU)
  • c5rookiec5rookie Junior Member U.S.Posts: 28Member ■■■□□□□□□□
    I haven't taken ICS515, so I can't speak to that course. However, I thought that SEC505 was a great learning experience. Windows is a complex beast and I learned a lot from the course. Being able to apply the techniques to my work environment and home network was quite valuable.
  • noble13noble13 Posts: 1Registered Users ■□□□□□□□□□
    I took ICS 515 and passed the GRID in August. The course focuses on incident handling and using threat intelligence within ICS networks. There was a bunch on forensics such as redline and volatility so if you are looking for something with a forensics flair then it may be what you are seeking. I had completed FOR578 (Cyber threat intel) before taking it and found there to be overlap in around a third of the materials.

    I enjoyed the course and learned a bunch coming from a non-ICS background. I took ICS 515 hoping to take ICS410 next and think it was a good intro as far as how ICS/SCADA systems go.
Sign In or Register to comment.