What It Takes to Succeed in Information Security
A checklist for professionals aspiring to be Leaders and Security Rock Stars.
Love What You Do - Have a passion for information security. Do not consider getting into the field because the earning potential is high or because your friend is in security. You truly need to love what you do in order to succeed, as you will need to put in effort on a regular basis to stay current, and going a long way is only possible if you are enjoying the journey and willing to go beyond.
Think from a Business Perspective - You need to understand that today information security is not just about technology; it's about people and protecting information wherever it is. Besides knowing how to operate and excel in security tools and solve problems from an engineering background, one needs to focus on how these solutions affect the organization from a risk and compliance perspective and also direct efforts toward making security a business driver. Give emphasis to Risk Management and Governing Regulations, which are vital to keep businesses running.
Get Specialized - If you get into information security and do not know where your interest lies, you might get lost. Ask yourself, what attracted you to this field? Governance? Network Security? Forensics? Pen testing? Audits? Compliance? Risk Management? and more... Specializing in a few related areas within security is key to getting to the top.
Standard job titles include -
• Security Auditor
• Security Engineer
• Security Consultant
• IT Auditor
• Security Administrator
• Security Analyst
• Compliance Officer/Risk Manager
• Director/Manager of Security
• Chief Security Officer (CSO)/Chief Information Security Officer (CISO)/Chief Compliance Officer (CCO)
Consider Earning a Graduate Degree - Look for programs that combine technical training with business strategy courses; if you're looking for sound academic programs in information security, research the universities recognized by the National Security Agency as Centers of Academic Excellence in Information Assurance Education.
Classic job path includes -
• 2+ years - Information Security Administrator/Network Security Engineer
• 5+ years - Information Security Analyst/Engineer/IT Auditor
• 7+ years - Information Security Manager, VP Information Security/Compliance
• 9+ years - Chief Security Officer (CSO)
Set up a Home Laboratory and Get Hands-on Experience - Security professionals should invest in a serious lab environment and implement what they find interesting during their studies, especially with readily available freeware versions of the technologies and software used. This gives IT professionals the opportunity to acquire knowledge of the underlying theories and provides them with an outlet to implement security practices in real-world situations.
Take up an Internship in IT Security - if you are still in school. This will give you an opportunity to get hands-on, real-world security experience and also help you network within the security market for future job prospects. Security has become significant in every industry today, and there are decent entry-level positions available for young job seekers.
To get started, visit http://careers.bankinfosecurity.com/ and post your resume today to start exploring innumerable opportunities!
Get Certified - Get the right certifications. There are basically three types: vendor- and technology-specific, skills-based, and knowledge-based. Most professionals need all three at different places and points in their careers. For entry- to mid-level positions, getting certified in a specific technology and skill by a specific vendor such as Check Point, Cisco or Microsoft is a good starting point. For broad-based knowledge, security professionals should look into certifications like Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA) certification, or Global Information Assurance Certification (GIAC).
Average salary includes -
• Chief Security Officer/Chief Compliance Officer/Chief Privacy Officer - $132.9K
• Director of Information Security/Information Assurance - $139.3K
• Manager Information Security/Compliance - $105.2K
• IT Security Engineer/IT Auditor - $105.5K
• Security Analyst - $91.3K
• IT/Network Engineer - $76.5K
Average Base Salary (U.S. National) Source - 2007 Salary Survey by SC Magazine & EC-Council
Learn & Contribute - For continuous training and education, join a professional security group and work together to enhance and develop best security practices. Attend security seminars; be active in online discussion forums and publications.