Eric
What is the best path for a student of information technology or related field that wishes to start a career in Information Security?
I am graduating soon, and want to work in Information Security.
What certifications, if any, are required/appropriate?
Should I get programming work experience before attempting to move into Information Security?
Is there any other advice that you can give that might help me break into the field? #cyber-security #information-security #cybersecurity
9 answers
Jamie Chui
Jamie’s Answer
Apply for a job at a security company! There is a huge shortage of people working in information security and companies are constantly hiring! RSA Conference is the biggest security conference worldwide and all information security companies are there. So just go to the 2018 conference site and look at the exhibitor list, find some security companies you like and then go to the company web site and start applying!
https://www.rsaconference.com/events/us18/expo-sponsors/exhibitor-list
Doris Delgado
Doris’s Answer
Another certification to consider is the Offensive Security Certified Professional (OSCP).
https://www.tripwire.com/state-of-security/security-awareness/oscp-journey/
Definitely alot harder than most.
Best of luck!
Rob House
Rob’s Answer
James Constantine Frangos
James Constantine’s Answer
Best Path for a Student in Information Technology to Start a Career in Information Security
Starting a career in information security requires a strategic approach, especially for students of information technology or related fields. Here are some key steps to consider:
Education and Certifications:
Pursue a degree in information technology, computer science, or a related field. Many employers prefer candidates with a bachelor’s degree in computer science or information technology.
Obtain relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, and Certified Information Security Manager (CISM). These certifications demonstrate expertise and commitment to the field of information security.
Programming Work Experience:
While programming experience is not always mandatory for entry-level positions in information security, it can be beneficial. Understanding programming languages such as Python, Java, C/C++, and scripting languages like PowerShell can provide an advantage when dealing with security-related tasks and understanding vulnerabilities.
Internships and Entry-Level Positions:
Seek internships or entry-level positions in IT or cybersecurity to gain practical experience. This can provide exposure to real-world security challenges and help build a professional network within the industry.
Networking and Continuous Learning:
Join professional organizations such as ISACA, (ISC)², or CompTIA to network with professionals in the field and stay updated on industry trends.
Engage in continuous learning through online courses, workshops, and industry conferences to stay abreast of the latest developments in information security.
Other Advice:
Develop strong analytical and problem-solving skills, as these are essential for identifying and addressing security threats.
Stay informed about current cybersecurity issues and best practices by following reputable blogs, podcasts, and industry publications.
Consider pursuing advanced degrees such as a Master’s in Cybersecurity or related fields to enhance your expertise and career prospects.
Breaking into the field of information security requires dedication, continuous learning, and a proactive approach to skill development. By combining education, certifications, practical experience, networking, and ongoing learning, students of information technology can position themselves for a successful career in information security.
Top 3 Authoritative Sources Used in Answering this Question:
(ISC)² Official Website: The (ISC)² website provides authoritative information on certifications such as CISSP and offers valuable insights into the requirements for entering the field of information security.
CompTIA Official Website: CompTIA is a leading provider of IT certifications including Security+. Their website offers detailed information on certification paths and career opportunities in cybersecurity.
ISACA Official Website: ISACA is a global association that provides resources and guidance for professionals in IT governance, risk management, and cybersecurity. Their website offers valuable insights into the skills and certifications required for a career in information security.
These sources were chosen for their authority in the field of cybersecurity education, certification, and professional development.
GOD BLESS!
James.
Jarrett Hoffman
Jarrett’s Answer
All the aforementioned will give you a baseline information security overview which can further translate to entry level roles in big4 type technology advisory firms and analyst type roles within certain companies who need to fill InfoSec GRC type roles. These types of roles will give you broad perspective of the various confidentiality, integrity and availability type controls an organization needs to meet on an ongoing basis and thus further help provide and overview of various information security and engineering domains across the company.
Michael Daly - CISSP, CEH
Michael’s Answer
There are many paths to careers in Infosec, in my case I went back to school at 39 years old for Network Security Mgt from a 2 year college. Was the best decision I've ever made and have no regrets. I started off as a Unix support then pivoted into security performing vulnerability scans on servers. One path to consider is to work for a security vendor in their technical support group. This path you learn the appliance's plus meet and work with people in the field while growing your skills.
Intership: If your school offers an intership this is a great way into the field. Usually if a company is offering cyber in their intership they would also be hiring them as well.
Certificates: look for entry cyber certificates such as Certified Ethical Hacker (CEH), Security+ or Systems Security Certified Practitioner (SSCP).
Self learn: Continue learning and integrate these skills in your everyday life. Make Linux your everyday Operating System, code small jobs in Python, become familiar with github and test some popular cyber apps.
Richard Bhuleskar
Richard’s Answer
To go in an Information Security career, the first thing that you should do is to have atleast a bachelors degree from computer science or engineering. You should build a strong base and understand the basics of various components in computer science. There are certain university who provide some courses in cryptography, computer networks, network security. A professor or an academic advisor can better guide you on building a career in information security once you enroll in an university.
Research on various university which offers some info security programs before enrolling in one.
There are various Cisco certified courses like CCNA, CCNP etc. some of which focus on Computer Network and few courses are focussed on security as well. You can take a look at various Cisco courses here
https://learningnetwork.cisco.com/community/certifications
Good luck.
Thank you for this answer.
Eric
Ken Meier
Ken’s Answer
Jim Mcconnell
Jim’s Answer
Since information security can, in itself follow many paths, I would explore the different paths and see what catches your attention. Look at SANS Institute for samples of these paths. Also pursue the Security+ Certification to get you started. Pursue both your degree AND certifications. Look into internships that give you exposure to BOTH the technical side and business side of security.
Jim recommends the following next steps:
Another big certification (that's definitely harder than most) is the OSCP (Offensive Security Certified Professional). I've included a link with some information:
https://www.tripwire.com/state-of-security/security-awareness/oscp-journey/
Best of luck!
Doris Delgado