| In a 2009 ranking of the 50 best jobs in America, the | | | | by participating in activities such as forums and |
| information technology sector accounted for 17 slots. | | | | conferences. Many of these organizations also |
| Of these, information security jobs enjoyed some of | | | | promote study groups to help members earn their |
| the highest job growth, seeing a 27% increase in jobs | | | | security certification. This will bring up another dilemma |
| over the past ten years, which should not be surprising | | | | frequently discussed among Infosec Professionals: Will |
| since security threats and consequently stricter | | | | a certificate grant me a job? My personal answer to |
| regulations are emerging all the time, all over the world. | | | | that one is no, but the trick I learnt was: If you absorb |
| An information security career basically involves | | | | the information studied to achieve the certification |
| protecting one of the most valuable assets of a | | | | rather than just memorizing it for the test, you get a |
| company or organization: Its information. The threats | | | | head start when pursuing the first Information Security |
| are countless: from malware to | | | | job and demonstrates that you’re a self-learner |
| hackers, and unhappy employees to natural | | | | and proactive professional, two qualities very |
| disasters. The career requires fine skills and can be | | | | appreciated by organizations nowadays. |
| very lucrative, with the top IT security professionals | | | | - Another way to begin an information security career |
| able to command big paychecks. | | | | is to start your own security consulting firm. This is the |
| One good thing about an information security career is | | | | route many former self taught hackers/crackers have |
| that the barriers to entry are fairly low, since the skills | | | | taken after they’ve established that they have the |
| can be self-taught. However, while a formal degree in | | | | skill set to do computer security. Even being convicted |
| computer science is not an absolute necessity, having | | | | of a crime is not a bar (sometimes it even boosts your |
| one may prove to be a major factor in a firm’s | | | | career ) to getting an information security job , since |
| decision to hire you. Many potential employers will also | | | | many of those who have served jail time have |
| ask you for a professional certification in information | | | | successfully gone straight and rehabilitated themselves, |
| systems security. But nowadays, the main obstacle to | | | | going on to become successful security consultants. |
| get into the Security field is experience. To be | | | | Free-lance IT security professionals, in particular, should |
| considered for any Information Security Job most | | | | expect to see job growth, since many companies are |
| companies will want several years of experience | | | | trimming down their IT costs by outsourcing their |
| (around five is preferred). This might sound a bit like the | | | | computer security needs. |
| chicken and the egg problem: how to have experience | | | | Once you’ve established that you have the |
| if you can’t get the job, and vice versa? As I said | | | | qualifications for an information security career, you |
| before, you just need to plan. | | | | can begin looking for positions online. In my case, being |
| Fortunately, there are alternative ways you can start | | | | an Information Security Professional with experience |
| your information security career: | | | | plus certifications opened some doors abroad, and |
| - One is to establish your credentials in a related | | | | that’s definitely achievable if you plan. If you |
| information technology career before applying for | | | | don’t want to relocate, you may be able to find |
| information security jobs. For example, you can begin | | | | jobs locally by networking through your contacts in the |
| as a network administrator, gaining experience in how | | | | security association that you have joined. |
| to secure networks as well as how they can be | | | | I would appreciate to hear your comments and |
| penetrated, before moving on to become an | | | | experiences in the topic! |
| information security engineer. That’s exactly how I | | | | Good luck! |
| started my career around 14 years ago. | | | | PS: Although using the words “Information |
| - You can also begin actively networking by joining a | | | | Security”, the same rules apply when searching for |
| local chapter of a computer security association such | | | | IT Security, Compliance and Risk Management jobs. |
| as the Information Systems Security Association and | | | | |