Penetration Testing/IT Security/Network Security Engineer
MasterBullfrog
Member Posts: 28 ■□□□□□□□□□
Hi guys, have a question here.
I'm in my last year of a CIS degree at my uni and the fields in the thread title have been appealing my interests the most.
I've attended a few meetings/classes on ethical hacking, etc but was wondering, if there are any in this field already, can you confirm the results I have been seeing (that is, Penetration testers typically make a bit lower on the payscale)
Also, if I could get pointed to some good sources to read up on that would be great. Lately I've had 50+ tabs open on this stuff and it seems like everything I'm reading has been repetitious.
Thanks
I'm in my last year of a CIS degree at my uni and the fields in the thread title have been appealing my interests the most.
I've attended a few meetings/classes on ethical hacking, etc but was wondering, if there are any in this field already, can you confirm the results I have been seeing (that is, Penetration testers typically make a bit lower on the payscale)
Also, if I could get pointed to some good sources to read up on that would be great. Lately I've had 50+ tabs open on this stuff and it seems like everything I'm reading has been repetitious.
Thanks
Comments
-
docrice Member Posts: 1,706 ■■■■■■■■■■As usual, I think it highly depends on a number of factors such as experience, etc.. Have you taken a look at the 2008 SANS salary survey already?
http://www.sans.org/security-resources/salary_survey_2008.pdfHopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
MasterBullfrog Member Posts: 28 ■□□□□□□□□□As usual, I think it highly depends on a number of factors such as experience, etc.. Have you taken a look at the 2008 SANS salary survey already?
http://www.sans.org/security-resources/salary_survey_2008.pdf
Yes, checked this right before I posted this actually -
docrice Member Posts: 1,706 ■■■■■■■■■■I was under the impression that good pentesters are paid on the higher end of the scale, simply because they would need a solid background on networking, systems, applications, code, architecture, and communication (writing) skills for the documentation / reporting cycle. Requiring deep knowledge in all those areas makes this kind of work relatively specialized compared to being, say, a firewall / VPN admin.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
-
phantasm Member Posts: 995Time for my canned response. Your'e about to graduate from college, congratulations!! Well done. Now with that said, don't expect a silver platter in the IT field. You won't be a pentester or Network Security Engineer right out of school, expect to work with everyone else and start out on the helpdesk or in the NOC answering calls. If you're lucky, you might land in the SOC instead, but that is dependendant upon organization.
If you have no certs then I would look to the Security+, CCNA and CCNA Security. The higher end career certs in the infosec world are the CISSP and CEH plus a few others that elude me.
Yes top end Network Security Engineers and Pentesters get paid a good amount of money, but they have years and sometimes decades of experience. Don't let that disuade you, work hard and do your time and it'll come soon enough."No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus