3 answers
Cody
Student
Bamberg, South Carolina
4
Questions
Asked
342 views
Which steps have you taken in order to become an information security analyst?
I understand that you need to at least have a bachelor's degree for the most part to fill this role, but I'm curious about how you went about furthering your career from the ground up to the career. Did you take another entry level job? Because I understand that a lot of companies require their information security analysts to have 4-5 years of experience in a related field in order to be employed.
Login to comment
3 answers
Wilson Ung
Cybersecurity
29
Answers
Los Angeles, California
Updated
Wilson’s Answer
I started in Cybersecurity with a Bachelor's Degree in Computer Information Systems. How I started Cybersecurity was with 2 classes that taught the book version and the practical version, each their own classes.
Once I got interested, I participated in Capture-the-Flag (CTF) competition to gain web application hacking skills and been to outside meetings that talk about Cybersecurity & IT Audit.
One of the organizations that held the outside meetings recommended me to participate in being their Webmaster for the time being. I agreed and applied what I learned in CTFs whenever we needed to protect our websites.
After I left the organization, I applied for an entry-level Cybersecurity Consultant position and got accepted later on. Currently, I'm working on that said position and I'm eager to learn new things, while helping clients in the process.
Once I got interested, I participated in Capture-the-Flag (CTF) competition to gain web application hacking skills and been to outside meetings that talk about Cybersecurity & IT Audit.
One of the organizations that held the outside meetings recommended me to participate in being their Webmaster for the time being. I agreed and applied what I learned in CTFs whenever we needed to protect our websites.
After I left the organization, I applied for an entry-level Cybersecurity Consultant position and got accepted later on. Currently, I'm working on that said position and I'm eager to learn new things, while helping clients in the process.
Casey Lems
Security Engineer
3
Answers
Littleton, Colorado
Updated
Casey’s Answer
I graduated with a BS in Information System Security, but spent the first 6-7 years in tech support jobs of various kinds. I obtained my A+, Net+, CCNA, and spent my time focused on simply learning technology. I've found over the years that once you've learned how something works, it's so much easier to find the ways to exploit it/attack it. This is the experience that people are looking for specifically.
Technology:
I would HIGHLY encourage you to dig into whatever technologies you want to become an expert in and try to find an administrator/engineer role in that field. This accomplishes two things:
1. As mentioned above, you become intimately familiar with the technology (and common connection points to it)
2. Lets you determine if you actually like that area of tech.
3. When you start taking courses for security of the technology, you aren't pulling double duty trying to learn the tech AND how to secure it. So you'll walk away with much more knowledge as a result.
If you are looking to find an area where the job market is looking at short-medium term high demand, I would recommend considering the following technology areas:
- Cloud Infrastructure (AWS, Azure, Google cloud)
- Containers
- Container Orchestration (Kubernetes)
- Application Security (OWASP, Static Code Analysis)
Security Role
Keep in mind what kind of job you want. Do you want to respond to incidents and chase down hackers? Do you want to put defenses/monitoring in place to detect? Do you want to PenTest and find the weaknesses from the offensive side?
Each of these areas will come with a knowledge set that is more or less useful to the role. Use this time to explore the tech, learn what you like and don't like, and do your best to absorb as much as you can (even from roles you don't like).
Skils
There are some 'skills' that are becoming more and more expected in roles, but some very general skills that are very very valuable to have include:
- Firm understanding of the OSI model (Network stack) and understanding how different security devices (IDS, Firewalls, Proxies, etc.) help with defending, and at what layers.
- Containers - All the things about them. This is not going away.
- Python (scripting in general, but python is certainly pretty 'default' for the moment at least with javascript being a close second)
Lastly, I want to echo the comment from Wilson in regards to CTFs. There's asynch CTFs like D**n (profanity filter doesn't like this i guess lol) Vulnerable Web App (https://github.com/digininja/DVWA) and Hack the Box (https://www.hackthebox.com/hacker/ctf). And there's a multitude of 'live' CTFs throughout the year, many times held during/in parallel to cyber security conferences, but sometimes not. https://www.sans.org/mlp/holiday-hack-challenge/ is a good holiday one.
CTFs are built with the beginner in mind and expose. you to several areas of cybersecurity to help you determine what you like and don't like doing/puzzling out. So it's another way to help you determine what area of security you want to be involved.
Mentorship:
Be on the lookout for someone that knows their stuff in your workplace. Don't be afraid to ask questions! Don't be afraid to setup time to ask them to walk you through / explain something to you that you don't understand.
I do this by trying to find positions where I'm the least knowledgable person on the team. Because then I can learn from everyone!
My takeaway:
Find a part of security you find fun and use that motivation to play around until you understand that technology better than anyone. Then tackle the security part :)
Best of luck!
Technology:
I would HIGHLY encourage you to dig into whatever technologies you want to become an expert in and try to find an administrator/engineer role in that field. This accomplishes two things:
1. As mentioned above, you become intimately familiar with the technology (and common connection points to it)
2. Lets you determine if you actually like that area of tech.
3. When you start taking courses for security of the technology, you aren't pulling double duty trying to learn the tech AND how to secure it. So you'll walk away with much more knowledge as a result.
If you are looking to find an area where the job market is looking at short-medium term high demand, I would recommend considering the following technology areas:
- Cloud Infrastructure (AWS, Azure, Google cloud)
- Containers
- Container Orchestration (Kubernetes)
- Application Security (OWASP, Static Code Analysis)
Security Role
Keep in mind what kind of job you want. Do you want to respond to incidents and chase down hackers? Do you want to put defenses/monitoring in place to detect? Do you want to PenTest and find the weaknesses from the offensive side?
Each of these areas will come with a knowledge set that is more or less useful to the role. Use this time to explore the tech, learn what you like and don't like, and do your best to absorb as much as you can (even from roles you don't like).
Skils
There are some 'skills' that are becoming more and more expected in roles, but some very general skills that are very very valuable to have include:
- Firm understanding of the OSI model (Network stack) and understanding how different security devices (IDS, Firewalls, Proxies, etc.) help with defending, and at what layers.
- Containers - All the things about them. This is not going away.
- Python (scripting in general, but python is certainly pretty 'default' for the moment at least with javascript being a close second)
Lastly, I want to echo the comment from Wilson in regards to CTFs. There's asynch CTFs like D**n (profanity filter doesn't like this i guess lol) Vulnerable Web App (https://github.com/digininja/DVWA) and Hack the Box (https://www.hackthebox.com/hacker/ctf). And there's a multitude of 'live' CTFs throughout the year, many times held during/in parallel to cyber security conferences, but sometimes not. https://www.sans.org/mlp/holiday-hack-challenge/ is a good holiday one.
CTFs are built with the beginner in mind and expose. you to several areas of cybersecurity to help you determine what you like and don't like doing/puzzling out. So it's another way to help you determine what area of security you want to be involved.
Mentorship:
Be on the lookout for someone that knows their stuff in your workplace. Don't be afraid to ask questions! Don't be afraid to setup time to ask them to walk you through / explain something to you that you don't understand.
I do this by trying to find positions where I'm the least knowledgable person on the team. Because then I can learn from everyone!
My takeaway:
Find a part of security you find fun and use that motivation to play around until you understand that technology better than anyone. Then tackle the security part :)
Best of luck!
Peter Huang
Security consultant
79
Answers
Cupertino, California
Updated
Peter’s Answer
the need for 4-5 years experience in security field is not uncommon and here is the reason why: In order to handle IOC (incident of comprise), one would need to have some background on operating system, network and environment when it happened, those take more time since it is not like programming which focus on a single problem. However, please do not let that to discourage you. Most of time, you're facing with lots of data and try to make sense of it. So learning some scripting skill python/powershell will reduce the work into smaller pieces. Also keep up some with some youtube channel (like SANS) on security topics, that will allow you to understand the approaches the professionals are taking. there are lots of github stuff that also prepare you in identify threats and issues. the focus should be more than just getting into the door but able to do well once you get in. the job can be stressful and will lead to burn out if not careful. Hope that help.