Skip to main content
8 answers
9
Asked 958 views Translate

What is the best path for a student of information technology or related field that wishes to start a career in Information Security?

I am graduating soon, and want to work in Information Security.

What certifications, if any, are required/appropriate?
Should I get programming work experience before attempting to move into Information Security?
Is there any other advice that you can give that might help me break into the field? #cyber-security #information-security #cybersecurity

+25 Karma if successful
From: You
To: Friend
Subject: Career question for you

9

8 answers


0
Updated Translate

Jarrett’s Answer

It really all depends upon your interests in security. If you are seeking more of an information security governance risk compliance type role I would highly suggest looking into the following certifications: CISM, CISA, CISSP, Security+ . While costs and time vary per certification; it may help through the interviewing process for an entry level role.

All the aforementioned will give you a baseline information security overview which can further translate to entry level roles in big4 type technology advisory firms and analyst type roles within certain companies who need to fill InfoSec GRC type roles. These types of roles will give you broad perspective of the various confidentiality, integrity and availability type controls an organization needs to meet on an ongoing basis and thus further help provide and overview of various information security and engineering domains across the company.
0
0
Updated Translate

Michael’s Answer

There are many paths to careers in Infosec, in my case I went back to school at 39 years old for Network Security Mgt from a 2 year college. Was the best decision I've ever made and have no regrets. I started off as a Unix support then pivoted into security performing vulnerability scans on servers. One path to consider is to work for a security vendor in their technical support group. This path you learn the appliance's plus meet and work with people in the field while growing your skills.

Intership: If your school offers an intership this is a great way into the field. Usually if a company is offering cyber in their intership they would also be hiring them as well.

Certificates: look for entry cyber certificates such as Certified Ethical Hacker (CEH), Security+ or Systems Security Certified Practitioner (SSCP).

Self learn: Continue learning and integrate these skills in your everyday life. Make Linux your everyday Operating System, code small jobs in Python, become familiar with github and test some popular cyber apps.

0
0
Updated Translate

Ken’s Answer

If you are graduating high school soon and planning to go to college, study computer science and get the CompTIA Security+ certification. If you are going to try to dive in without going to college, get a job at a company you find interesting and don't worry as much about it being the job of your dreams. Take a help desk or other support position and learn what the work environment is like. Make friends and network with professionals on the teams you're interested in. If they already like you and you are helping them you'll be a great candidate when a position opens.
0
0
Updated Translate

Rob’s Answer

I would highly recommend getting some sort of technology degree or background. Whether it's programming, network administration, system administration, etc., having a "hard" technology background will be helpful in making you stand out, and also being able to add value on your first day at work. Most importantly, get that background in something that really *interests* you, so that you enjoy the "doing" of the work.
0
0
Updated Translate

Jim’s Answer

Since information security can, in itself follow many paths, I would explore the different paths and see what catches your attention. Look at SANS Institute for samples of these paths. Also pursue the Security+ Certification to get you started.  Pursue both your degree AND certifications.  Look into internships that give you exposure to BOTH the technical side and business side of security.

Jim recommends the following next steps:

Review SANS Institute's website
Obtain Security+ certification
Look into internships for security
Thank you comment icon Another big certification (that's definitely harder than most) is the OSCP (Offensive Security Certified Professional). I've included a link with some information: https://www.tripwire.com/state-of-security/security-awareness/oscp-journey/ Best of luck! Doris Delgado
0
0
Updated Translate

Doris’s Answer

Another certification to consider is the Offensive Security Certified Professional (OSCP).

https://www.tripwire.com/state-of-security/security-awareness/oscp-journey/

Definitely alot harder than most.

Best of luck!

0
0
Updated Translate

Jamie’s Answer

Apply for a job at a security company! There is a huge shortage of people working in information security and companies are constantly hiring! RSA Conference is the biggest security conference worldwide and all information security companies are there. So just go to the 2018 conference site and look at the exhibitor list, find some security companies you like and then go to the company web site and start applying!

https://www.rsaconference.com/events/us18/expo-sponsors/exhibitor-list


0
0
Updated Translate

Richard’s Answer

To go in an Information Security career, the first thing that you should do is to have atleast a bachelors degree from computer science or engineering. You should build a strong base and understand the basics of various components in computer science. There are certain university who provide some courses in cryptography, computer networks, network security. A professor or an academic advisor can better guide you on building a career in information security once you enroll in an university.
Research on various university which offers some info security programs before enrolling in one.
There are various Cisco certified courses like CCNA, CCNP etc. some of which focus on Computer Network and few courses are focussed on security as well. You can take a look at various Cisco courses here
https://learningnetwork.cisco.com/community/certifications


Good luck.

Thank you comment icon Thank you for this answer. Eric B.
0