Need help to enter Security field

Abhishek a.k.a Blackshiel

With a batchelor's degree in Business administration and background of commerce, i dream of entering into technology field of security. Looking forward to persue comptia sec+ (as an entrant certi) studies and finally giving exam for the same, will this get me a reputed job? What should i do? Am i going right? Are my qualifications appropriate for industrial needs? ( im from india ). What kindof job will i get.

pinkydapimp

Security is a huge field FYI. My suggestion is to learn your foundational skills. Networking, and OS for starters. Once you have a strong understanding of how networks and Operating Systems work, then you can start to learn their vulnerabilities and how to protect them. I think any direction you go in you will benefit from those skills. For the OS, Microsoft and linux i would recommend. And keep in mind there are rarely entry level roles in security, so they typically require you to have experience. So learn, get a job, get some experience and then start thinking about which area of security you want to venture in. These are just some of the different areas:

Security and Risk Management (Security, Risk, Compliance, Law, Regulations, and Business Continuity)

Confidentiality, integrity, and availability concepts
Security governance principles
Compliance Legal and regulatory issues
Professional ethic
Security policies, standards, procedures and guidelines

Asset Security (Protecting Security of Assets)

Information and asset classification Ownership (e.g. data owners, system owners)
Protect privacy Appropriate retention
Data security controls Handling requirements (e.g. markings, labels, storage)

Security Engineering (Engineering and Management of Security)

Engineering processes using secure design principles
Security models fundamental concepts
Security evaluation models
Security capabilities of information systems
Security architectures, designs, and solution elements vulnerabilities
Web-based systems vulnerabilities Mobile systems vulnerabilities
Embedded devices and cyber-physical systems vulnerabilities
Cryptography Site and facility design secure principles
Physical security

Communication and Network Security (Designing and Protecting Network Security)

Secure network architecture design (e.g. IP & non-IP protocols, segmentation)
Secure network components
Secure communication channels
Network attacks

Identity and Access Management (Controlling Access and Managing Identity)

Physical and logical assets control
Identification and authentication of people and devices
Identity as a service (e.g. cloud identity)
Third-party identity services (e.g. on-premise)
Access control attacks
Identity and access provisioning lifecycle (e.g. provisioning review)

Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)

Assessment and test strategies
Security process data (e.g. management and operational controls)
Security control testing Test outputs (e.g. automated, manual)
Security architectures vulnerabilities

Security Operations (Foundational Concepts, Investigations, Incident Management, and Disaster Recovery)

Investigations support and requirements
Logging and monitoring activities
Provisioning of resources
Foundational security operations concepts
Resource protection techniques
Incident management
Preventative measures
Patch and vulnerability management
Change management processes
Recovery strategies
Disaster recovery processes and plans
Business continuity planning and exercises
Physical security
Personnel safety concerns

Software Development Security (Understanding, Applying, and Enforcing Software Security)

Security in the software development lifecycle
Development environment security controls
Software security effectiveness
Acquired software security impact

twodogs62

Why did you not start out with Technical degree in Computer Science?