As most of you know I like talking about all this fun infosec career stuff. And so I continue with an article that I came across last night that I thought I’d pass along. InformationWeek.com’s Cindy Waxer conducted an interview with Brian Duckering of Symantec and provided “4 Tips: How To Land An IT Security Job.”
The interesting slant about this piece is that it assumes you are trying to migrate from being a “seasoned IT generalist” to a “seasoned security specialist,” which is a little different in terms of the typical “how to get started in infosec” posts. In summary the article recommends the following four tips to get started.
Go Back To School: They recommend getting an MBA. Really? Never heard anyone mention this approach before. The author did mention an MBA in Information Systems … ok that’s a little better if you want to become someone at the CXO level. Personally for most of those that probably read this blog, getting a masters or a graduate certificate in IA, cyber, or whatever the term de’ jour is, would be best.
Delve Into Mobile: Yes, this is one way. Of course you could also focus on any of today’s security fads … like Cloud and Big Data. He does recommend “writing some apps,” which is a great suggestion (and something I desperately need to do).
Mingle: Call it networking, mingling, whatever … this is very important even for those that have decades of experience in infosec. Our field is always changing and at least I find “mingling” the easiest (and most fun) way to keep up. If you are local to the Metro DC area check out our meetups page or event calendar for some opportunities to meet some cool people.
Enter the keywords “IT security” into the search field on the popular job board site Monster.com and 1,000-plus job postings will quickly populate the page. Enforcing security policies, outwitting hackers, preventing data breaches, snuffing out cyber threats–enterprises need all the security help that they can get. And IT security pros earned a median pay bump of $7,000 this year, according to InformationWeek’s most recent salary survey.
The recession has not dampened the will of cyber crooks. According to Symantec’s 2011 Cost of Data Breach Study, conducted by the Ponemon Institute, the cost associated with a breach was $194 per record in 2011, amounting to a total of $5.5 million dollars.
In fact, as more and more mobile devices find their way into corporate offices, security threats are only becoming more complex. And that’s broadening the job definition of a cyber-sleuth to include everything from protecting sensitive data to establishing incident response procedures.
So how can an IT professional with general experience become a seasoned security specialist?
Beyond some of my minor nits above, I think this article provides some great insights. Also consider that if you are already an expert in a “specific” IT field, I’d also advise transitioning into infosec by simply migrating from that specific IT area to doing security in that specific IT area.
Any thoughts on other options to consider? Today’s post pic is from Liz-Green.com. See ya!