Skip to main content
5 answers
7
Asked 707 views

What are some software skills I should be familiar with as an Information Security Engineer?

What programs or software should I get myself acquainted with when it comes to being an Information Security Engineer?

+25 Karma if successful
From: You
To: Friend
Subject: Career question for you

7

5 answers


1
Updated
Share a link to this answer
Share a link to this answer

Ashutosh’s Answer

Like Tom said, more than technology, it's about standards. Best to go over industry standard ways to check software security like OWASP.
Also, I have seen the most important security incidents coming in via web, as it's directly open to the public use. That's why I find it useful to know about one of the web technologies that includes browser side rendering such as HTML, Javascript, React or Angular and also server side processing of web components like Java has JSP/Servlets or ASP .NET. Knowing one of these technologies will help understand what web developers can do. It will help a great deal in becoming a software security expert.
Thank you comment icon Thank you for taking the time to help. Samuel
1
1
Updated
Share a link to this answer
Share a link to this answer

Tom’s Answer

Samuel,

It is not specific software or languages that you should focus on, but more of standards, application architecture and development techniques in general. As an IT security specialist you need to recognize how things are done and where risks cen exist. If you are familiar with development techniques and overall logic, you can identify what areas are more likely to be attacked and exploited.
Thank you comment icon Thank you so much for the advice. Samuel
1
0
Updated
Share a link to this answer
Share a link to this answer

Elliot’s Answer

Linux! Bash Shell! SSH! Python! These ought to keep you busy for while...
0
0
Updated
Share a link to this answer
Share a link to this answer

Edmond’s Answer

IMO nothing specific, however you should be knowledgeable about operating systems, scripting, how software is written, how it is maintained, standards like OWASP Top 10 (https://owasp.org/www-project-top-ten/). If you lookup the description of the "information security engineer" online you'd get a good idea, but since the title covers a broad spectrum of requirements, you'll notice posted job descriptions vary broadly. So first step is to decide what's interesting to you.

If you're just starting to learn about these topics, it would be really important that you have a good grasp of the fundamentals. More important than programs/software you must understand how the Internet and its underlying networks actually work. A good source is https://www.grc.com/securitynow.htm (scroll down and start from 2005) and listen/read the podcasts.

If you haven't already, do internships. One great resource is the "Students & Recent Graduates Employment Opportunities" page in CISA's website https://www.cisa.gov/students-recent-graduates-employment-opportunities
0
0
Updated
Share a link to this answer
Share a link to this answer

Timothy’s Answer

Usually, a college education in Computer Science focuses on programming, but most cyber security jobs are mainly about network infrastructure. It's a great idea to look into courses in this area and maybe even add certifications like Network+ or Security+ to your skillset. Some technical schools or community colleges that offer certificates might be just as good, or even better, at getting you ready for this field, depending on the institution and local connections. If you can choose which programming languages you learn at your university, I'd suggest going for more scripting languages like Python.
0