Results 1 to 7 of 7

Thread: Getting Into Information Security Field..

  1. #1
    Junior Member
    Join Date
    Oct 2006

    Getting Into Information Security Field..

    Hi, I'm currently a student gaining an AS degree in information security (No work experience other than school), I am wondering what employers in the IS market look for when hiring potential employees and what would be a position to seek out that would allow me to expand my knowledge / pay grade. As far as certifications go I only have Net +, considering CCNA and Security +. Also I have completed various MOAC courses. To clarify my long term goal is to stay away from help desk / admin type work, and move into something similar to penetration testing or forensics. Any suggestions on how accomplish this goal?


  2. #2
    Senior Member
    Join Date
    Feb 2003
    Memphis, TN
    Theres quite a few positions out there that deal with "Information Security"

    If you search for that, you'll find quite a few jobs.

    You'll start out small probably, getting your feet wet, as experience is the best knowledge. School just helps you to know what to look for.

    I would recommend looking into a CCSP(Cisco Certified Security Professional), most jobs I see look at having that cert as a plus. It would definitely help you to get your foot in the door.

    Ultimately, work at getting the security certs you mentioned, and the CCSP if you can. Realize that with no work experience in Information Experience it will take you a bit to build up the experience/knowledge to get a more established company to look into you seriously. But ultimately, I believe it is all worth it. If your good, and know what your doing, pay can be pretty good.

    Good Luck

  3. #3
    Junior Member
    Join Date
    Oct 2006
    Thanks for the reply, So where should I put most of my time:


    I know I probably need a little bit of them all, but I dont want to spend hundreds of dollars on these certifications if they wont really count for much. Also I am a veteran and still have a security clearance, will that count for anything?


  4. #4
    Your university quals will show you have a good knowledge to start, the ability to learn and as already stated you know where to look for information.

    Qualifications are definitely a bonus, depending on how technical you want to be (from what you have said you want to be quite technical) there is a broad range. I think:

    CISSP form isc2 is well regarded
    GIAC qualifications from SANS

    It is also worth checking out individual courses on the area of security you want to specialise in because the variety of jobs in IT security is enormous.

    But generally in my experience employers are most interested in experience. Be prepared to take a lower paying job initially if it is going to provide you with the experience you need in the future, It may be worth seeing if you can find some intern/work experience type work whilst at uni to get your foot in the door (this is what I did) as graduate employers really respect that.

    Good luck - a good mixture is the key but definitely if you can get some useful work experience you will be in a great position.

    A security clearance definitely wont hurt!

  5. #5
    Senior Member linuxcomando's Avatar
    Join Date
    Sep 2001
    Hey bnations,

    I agree with cabby that both CISSP and GIAC are creditable certs. The CCSP is great if you plan on working with Cisco equipment. However, you will soon find out that you will never truly move out of the "help desk" area. The only difference will be how complex the problems are lol.

    I'll give you a look at what I have done and where its gotten me. Perhaps it will give you a baseline. Currently Im a Sr. Software Security Architect. I work for a company that has about 300+ employees and I make a very good living. Now, Im not saying that my certs and degrees have been the only thing that has gotten me this far. I can say that having them has helped. You have to remember that experience is truly worth its weight in gold; moreover, having a top notch reputation.

    So basically my job is this:

    Essentially my company offers a solution to banks, and Im in charge of making sure its secure. So Its my job to break ithelp fix it Break it again help fix it Break it again help fix it --(you can see a pattern here lol ).

    As far as Work experience goes I have about 7 years of applicable experience. I started out in IT. Ive been a network administrator, project manager, and everything in between.

    I have the following degrees
    B.S Computer Science
    A.S CIS

    I have the following certs:
    CompTia certs

    So hopefully this will give you an idea as to what it takes to become a security professional. My last point is this, learning to pass test or get through college is not enough. You will have a hard time getting by in this field if you are truly not comfortable with the material you are claiming to be an expert in.

    As a side note:
    but I dont want to spend hundreds of dollars on these certifications
    It could potentially be in the 10s of thousands of dollars range. That just for certification--not including a college. I mean heck, most alot of the Sans classes are around 3 grand a pop.
    I toor\'d YOU!

  6. #6
    Junior Member
    Join Date
    Oct 2006
    I just wanted to say thanks for the replies, it's good to talk to those with experiance in the field and get a sense of direction. I guess my best bet is to finish up school, gaining as many cert's as I can along the way and then try to work my way up in the industry.


  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    United Kingdom: Bridlington
    Hi bnations might I just throw you a curved ball or two here?

    If you can fit it in, I would suggest getting some sort of accountancy course in, and possibly a reasonably specific legal one (statutory compliance).

    You see as you progress you will have to look at quotations/proposals, budgets and managing your project's finances I am afraid that as you progress............or more if you want to progress, you will not be able to avoid administerial responsibilities...........It goes with the territory called "management"

    Hey, as a vet you must have noticed all the crap on the CO and Exec's desks?

    Just a thought?

    Oh! your SC would get you into the armaments takes at least 3-6 months to get one from scratch, and they don't want to wait that long before filling a post?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts