Hi all,
I'm looking for feedback on reentering the technology field by learning Splunk and getting certified. I have already completed Splunk Fundamentals, Part 1 and enjoyed the platform so far.
I have two main questions and have written further background information below.
1. Is having Splunk certifications enough to gain an entry-level job in Splunk administration, bearing in mind I have no other in-depth technical skills, e.g. scripting, Linux etc.? If not, then what other skills would be necessary as well?
2. What is the best way to get real-world experience using Splunk if it's not possible in your current role?
I have an IT degree from over ten years ago and have spent the last 15 years on the business side of IT. So I have an understanding of how technology, especially cyber security, works at a high level - but can't program or use Linux or networking.
I spent a few years at the beginning of my career as an AD engineer and also used SPSS for data analysis and enjoyed it, and am motivated to train to get back on the technical side.
Which certificates should I aim for first to gain employment? I have a British passport and am willing to travel anywhere in the world for the right job.
Thanks in advance for your feedback and I hope I don't get ripped apart for what might seem like a crazy idea.
I have read all replies about the Splunk certification pathway suggested by fellow community members for Mr. Iger.
I am also new, like Mr. Iger, but I have an IT background. Currently, I am doing a cyber security boot camp program with Monash University. I look forward to doing a Splunk certification to help me in my cyber security career. Therefore, please suggest a Splunk certification for a cyber security engineer role.
I'd say there are two different paths if you wanna advance in cybersec.
1. Start from low-level SOC positions and gain technical expertise. This way you start from the organizational perspective and work gradually on your technical skills, which allows you to understand the processes first and gain technical insight later.
2. Start from IT-related experience and apply your knowledge to security matters. Here you typically start with technical expertise in administration and/or programming and apply your understanding of technical stuff in a security context.
There is no single "one size fits all" response.
And there is no shortcut for experience.
Hi,
I have prepared some useful info for you. Go through all of these.
Splunk certification can certainly help demonstrate your knowledge and understanding of the platform, but it's not the only factor that employers consider when hiring for Splunk administration positions. Other skills such as scripting, Linux, networking, and data analysis can also be important, depending on the role and organization. You may want to consider enhancing your skills in these areas to increase your chances of securing an entry-level job in Splunk administration.
To gain real-world experience with Splunk, you can explore the following options:
In terms of which certifications to aim for first, the following may be a good starting point:
Good luck in your journey back to the technology field!
As with any certification, it's a good start but on its own it doesn't guarantee anything.
Also, don't forget that there are two "sides" of working with Splunk.
One, covered by the Fundamentals (or corresponding single-subject trainings) path appended by some dashboard creation trainings and ending with User/Power User/Advanced Power User, covers the user/analyst/knowledge manager aspect of Splunk, and here, to some extent, you might do relatively well without much of the "very technical" knowledge about OS administration, software installation, scripting and such.
Another one - covered additionally by the "admin" path and ending with Admin/Architect/Consultant - is the stuff you do designing/deploying/monitoring/maintaining your Splunk infrastructure (which covers many aspects that are often outsourced to Splunk Partners and/or Professional Services).
Anyway, to get a completely entry-level job involving Splunk it might be enough to gain the knowledge (not just learn, pass exam and forget ;-)) on the Splunk Certified User level, but that will probably be a very entry-level position and most likely it would involve just using Splunk as a source of data, but the position itself would be focused somewhere else (i.e. a SOC security analyst), so you'd also need knowledge/expertise in a completely different area.
IMO, it's not enough to have a certificate. Certification may get your CV reviewed and may even get you an interview, but without real experience you're unlikely to get the job or succeed at it.
You can get some practical experience by working with Splunk at home. It's free to download and run on your laptop or on a few trial AWS instances. Download a publicly-available data set and create a dashboard with it. Think back to some of the problems you had to solve with AD or SPSS and figure out how to solve them with Splunk.
Perhaps there is someone else in your company you can work with to get some experience with Splunk.