What is the actual career path of becoming network security ?
davisromeo
Member Posts: 1 ■□□□□□□□□□
in Networking
It has been a long time for me hearing too many different view about the carrer path of becoming network security
Answers
-
JDMurray Admin Posts: 13,099 AdminThis is because every organization is different in its design, information, and people. Are you interested in NetSec architecture, engineering, or operations? In any case, a high-paying NetSec career path starts with a solid foundation in all three. You can't protect something that you don't understand how it's designed, built, and works. You also have to understand the information the network you are protecting is used to convey and the laws and regulations that enforce its protection.Having said all that, what's your baseline for knowledge and skills in IT networking and security?
-
E Double U Member Posts: 2,239 ■■■■■■■■■■You will always hear too many different views when you ask many people a vague question that has more than one right answer. Everyone's path is different so if you are looking for one definitive way then you simply will not find it. Here is my path:
I was in general IT (building computers, hardware refresh, support) before landing a networking position at a telco. After 5+ years spread across two networking teams (NOC, config) I landed a spot in the same company's SOC working on firewalls and proxies which lasted one year. Next I joined a financial institution's info sec team managing the firewalls, proxies, and VPN amonst other things for 3+ years. Then I joined another bank's SOC which inolved managing the NIDS solution and taking over the change management process. Being responsible for reviewing all changes made by our support provider on all network devices led to me growing into a lead role for a small team dedicated to securing the bank's perimeter. Since there was overlap with the work I was doing and another team it led to my group being merged with the network security team.
That is how it went for me as someone that did not aim for a career in network security. That is just how things unfolded.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
DatabaseHead Member Posts: 2,757 ■■■■■■■■■■E Double U said:You will always hear too many different views when you ask many people a vague question that has more than one right answer. Everyone's path is different so if you are looking for one definitive way then you simply will not find it. Here is my path:
I was in general IT (building computers, hardware refresh, support) before landing a networking position at a telco. After 5+ years spread across two networking teams (NOC, config) I landed a spot in the same company's SOC working on firewalls and proxies which lasted one year. Next I joined a financial institution's info sec team managing the firewalls, proxies, and VPN amonst other things for 3+ years. Then I joined another bank's SOC which inolved managing the NIDS solution and taking over the change management process. Being responsible for reviewing all changes made by our support provider on all network devices led to me growing into a lead role for a small team dedicated to securing the bank's perimeter. Since there was overlap with the work I was doing and another team it led to my group being merged with the network security team.
That is how I went for me as someone that did not aim for a career in network security. That is just how things unfolded.
If you want one word that will describe what you are looking for, attrition.
A little longer and my favorite is one of my former co-workers. Worked on the helpdesk for ~8 years two different companies. He moved up 1, 2 etc... Was approached by a security team member to do analyst work. Worked his way up to security manager while doing that they wanted him to get a cert so he did the CASP.
He is now a regulatory security specialist manager (know idea really) and does very well. -
herorabbit Member Posts: 2 ■□□□□□□□□□I would say you have 2 ways, first one is to learn by yourself with Youtube/Udemy and etc and the second one is to find a real practice in the office (even without salary) and get there a lot of practical knowledge. But the best way is to combile both ways