Microsoft-free Careers Possible?

[zerothz]

Hi there. I'm soon to be receiving my BS in computer science, and I'm hoping to launch an interesting (and maybe even well-paying) career in InfoSec/network security.

So I have a question for the pros out there: how many jobs exist in which a security admin does not need to deal with Windoze? I really do not enjoy using Microsoft products (I've managed to rid my personal computing life of them,) and I'd like to stay as far away from Windows security as possible.

Is this going to put me at a disadvantage in the field? Can I specialize in UNIX-based OSes and still find jobs?

[morganlefay]

Personally

I dont think you should limit yourself to one OS

Seeing that 90% of the computers run MS .......if you limit yourself to no MS products...you will limit your job market.

you can place *nix oses in ms environments......but you will have to have knowledge of both...to be successful

Depending on the business apps that companies are running...will determine what os you will need to use.

IMHO....its not the os that makes it secure.....its the admin

No matter what the os..you will have to patch, update and monitor..regularly

Just my .02 cdn

MLF

Edit> as for your poll....you have to deal with security issues....no matter the os

[zencoder]

Well, you ask (and pose) more than one point, so I'll stab at them individually.

"How many jobs exist in which a security admin does not need to deal with Windows?"
- VERY few. Windows has a lot of vulnerabilities that are known because Microsoft has a lions share of the market; therefore, there is a lot of need for security types to have some sort of Windows skills and interaction.

(I'll bundle both of these together...)
"Is this going to put me at a disadvantage in the field? Can I specialize in UNIX-based OSes and still find jobs?"
Yes to both. It will put you at a large disadvantage. Please don't take this personally, because I don't know you, but...if I was interviewing an applicant who told me he prefers not to work with Windows and does not want to, I will politely thank him, complete the interview, and almost certainly automatically trashcan the file. Sorry, we have no time for attitudes like that. In the industry, there are not enough people, not enough funding, and not enough time to suffer an attitude like that. That's the blunt truth. Sorry, but it's true. If you can't be flexible, you won't advance.

That being said, if you specialize in *NIX security, you can find a PLETHORA of jobs, and if you are good, you could have an amazingly lucrative career, if you have the right skills, make the right choices, and get a touch lukcy.

Ok, so maybe you got my point. Your goal is an admirable one in your opinion, I'm sure. Many others will agree...I would to a point, but I have some reservations as well. But the reality is, that sort of attitude is not what a job seeker should display. With the outsourcing of a the droves of IT jobs in the US to foreign soil, there is a surplus of people willing to work. The few fields that have remained mostly 'in country' have not gone unnoticed, and those fields have had a lot of immigrants (if I meet one more DBA who claims to be a security guy... )

I think you could do really, really well with the *NIX focus. Especially with SELinux becoming more popular...there is a HUGE potential there. But saying you don't want to work with Windows is closing the door on a large portion of potential work. I'd suggest you table that thought until you've got a career started, some reputability, and can then make some choices that your managers may just concede to.

Best of luck, and Welcome to AO.

[mmkhan]

hi,

you can place *nix oses in ms environments......but you will have to have knowledge of both...to be successful

Depending on the business apps that companies are running...will determine what os you will need to use.

IMHO....its not the os that makes it secure.....its the admin

No matter what the os..you will have to patch, update and monitor..regularly

100% agreed. Its admin who is going to secure the os and its the fact that each and every os has advantages and some drawbacks. As a security admin you must have the broad overview of the field because you would came across different type of challenges very rapidly. Sticking to just one thing would not be benfecial for a security administrator.


Thanks

[rowdy_yates]

Edited: I meant to vote "All the time"! :-)

We have some very large departments that maintain DNS, e-mail services e.t.c. that run on Unix, BSD, and Linux; and even those guys are relegated to using Windows to do some of their work.

From a security standpoint, a lot of Windows servers and workstations get compromised. If you neglet to use Windows, you will have a tougher time finding your way around. You probably want to use all operating systems available.

[pennconservativ]

My question would be why would you want to stay away from MS products? I realize that this opinion is a little different than what others posted, but I think that you're best served, and will be a better InfoSec professional, if you work with both. I would want to be in a heterogeneous environment so that I get to work with, and keep my knowledge current on, as many OSs as possible.

The problem with staying completely away from MS security is that a significant number, if not most, of the vulnerabilities seen on the Internet today are designed to exploit MS products. If you stay away from Windows entirely, you'll be at a disadvantage when it comes to intelligence gathering, incident response and management. Whereas a Windows/Unix admin might recognize a scan on X port as being a scan for a Microsoft-specific vulnerability and react accordingly, a purely Unix admin may be less quick to realize that, considering that they have little or no Windows experience.

Granted, there are other ways to stay up on threats, but I guess I don't see the point. WIthout sounding offensive, this sounds like nothing but elitism. I want to learn as much as I can about as many OSs as possible, and you can't do that by saying that you're only willing to work with one OS. I honestly believe that this could put you at a HUGE disadvantage, not just in the job market but in your ability to do your job.

[nihil]

I think you will have difficulty, as you want to go into security. Those specialists are rather thin on the ground, and are expected to look at the whole picture. If you were interested in development, systems or applications support you would have a much better chance.

At least that still seems to be the picture over here.

[SirDice]

If you want to be a good security specialist you'll need a good and solid understanding of as much of the current and past OSs as possible. You'll be rewarded with great insight into what works and what not. Learn from mistakes others have made before you (MS should have done this ). Securing one platform is one thing, it's the interaction between 2 or more different platforms that can create some interesting pitfalls.

[cacosapo]

Well, i think if you want to stay on "distributed platform", you will be asked to master Windows AND *NIX. Although you can get a very good job as *NIX secadmin only, i believe that is not what the "market" wants. And you will compete with a lof of guys that have 10 or more years of experience on this area (*nix). For example, if i need a *nix jedi, i will look for an experience of 5 years or more. So will be tough.
But there is some other platforms where people there give a s... for your windows experience. Mainframes, for example. If you are a RACF Yoda, you will have a large number of companies to work on.

My advice? If you dont like MS, master on *NIX but learn Windows too as a "Hobby".
Maybe if have your opinion about Windows ...

[rowdy_yates]

Originally posted here by cacosapo
.. you will compete with a lof of guys that have 10 or more years of experience on this area (*nix).

The security guy that I deal with has been doing it since 1976. He's very good.