security position
mallard20
Member Posts: 9 ■□□□□□□□□□
Here is some background. I work for a medium sized bank and have been in the help desk/network position for a year. Our Information Security Tech left the company and I have been asked to assumer that role. Only problem is....I have no idea what I am doing? Is there anyone out there in the forum that can point me in the right direction to get me started. Thanks in advance.
Comments
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□As far as certifications go, the Security+ is the obvious choice.
This sounds like a really bad situation. I would not want to be in charge of security for a financial institution if I didn't know what I was doing. You shouldn't let them force you into a role you're not comfortable with. -
iowatech Member Posts: 120http://www.microsoft.com/technet/solutionaccelerators/wssra/raguide/ArchitectureBlueprints/rbabsa_2.mspx#EMH
A lot to chew on but will give general concepts of everything to consider then you can go from there. -
mallard20 Member Posts: 9 ■□□□□□□□□□I'm not very comfy with it but I feel as if I can do it. I know it's a great start in the security field. I already have Security+ and they will be sending me to SANS Security 401 class for a week soon. I guess my real concern is the auditing part. Any help will be appreciated. Thanks.
-
seuss_ssues Member Posts: 629I dont want to sound negative, but truely learning security takes longer than a few weeks and reading a few books. It is without a doubt a journey.
You may be a very capable person and learn very quickly, but i would hate to be the person ultimately responsible for their security unless i knew without a doubt that i could more than easily handle the situation.
It would just be horrible to take on the challenge, have an incident occur that you cant handle then find yourserlf job searching again.
edit
****i missed your post about sec+ and going to SANS, so it does appear that you do have a good fundamental understanding of many of the concepts.
All i can say then is good luck and congrats on getting the foot in the door. -
empc4000xl Member Posts: 322Your back has other branches right? Well talk to those security guys and build relationships let them know you are the new security guy at your branch. Find the manuals for all the gear you are operating, and find out the e-mails and telephone numbers of tech support that support the new gear you have. Find out the companies policy and vison towards security. I have picked up a lot of equipment in my miitary time and that usually works when we have no idea what we are doing. Its better to say you need help at the beginning, and take action, rather than be exposed later on when you been at the job for a while
-
iowatech Member Posts: 120I'm not very comfy with it but I feel as if I can do it. I know it's a great start in the security field. I already have Security+ and they will be sending me to SANS Security 401 class for a week soon. I guess my real concern is the auditing part. Any help will be appreciated. Thanks.
In banking they have friendly "real" audits, and then the actual "government" audits usually this one is every 18 months the friendly every 6 months.
Is this how your bank functions? If so I have some details on auditing I could give you. -
networker050184 Mod Posts: 11,962 ModJust let them know you are wet behind the ears. If you try to BS then you might end up getting let go. Just be honest.An expert is a man who has made all the mistakes which can be made.