Confused About Security Career

cyberguypr · June 2011

Sahil Arora wrote: »

Ok,but what about my Query?
Through search on Google,i found that Computer Crime Investigator is the top position in iNFORMATION Security field,is it right?

Can you point us to your source that says Computer Crime Investigator is the top position in InfoSec?

Sahil Arora · June 2011

Ok i accept that i was Wrong,it was mentioned that Computer Crime Investigation is the Top Position in IT.
And that means there is no top Position in Information Security field??
for example for networking we have it;Network Architect!and for Cisco:Cisco Architecture!

ipchain · June 2011

Okay, I see the pattern. What you are looking for is called 'Security Architect'.

Sahil Arora · June 2011

That means this Position is Top Level among Security Professionals?

Cisco Inferno · June 2011

i love this thread.

JDMurray · June 2011

Cisco Inferno wrote: »

i love this thread.

We're just doing our part to help shore-up someone's self-esteem by getting him started with a career in IT.

<-- Couldn't say that and keep a straight face.

JDMurray · June 2011

Sahil, I admire your great desire to become "Top Level among Security Professionals." More IT people should have this goal and the drive to get there. However, you can't climb Mt. Everest by first thinking about the top. There are many paths to the "Top Level," so you must start at the bottom with a few Sherpas to guide you. Ask the Sherpas here at TechExams how you should first start up the path to the top.

cyberguypr · June 2011

JDMurray wrote: »

Sahil, I admire your great desire to become "Top Level among Security Professionals." More IT people should have this goal and the drive to get there. However, you can't climb Mt. Everest by first thinking about the top. There are many paths to the "Top Level," so you must start at the bottom with a few Sherpas to guide you. Ask the Sherpas here at TechExams how you should first start up the path to the top.

Two things: JD is a very wise man and has way more patience that me.

JDMurray · June 2011

cyberguypr wrote: »

Two things: JD is a very wise man and has way more patience that me.

Clicks on my post's rep button are always appreciated!

instant000 · June 2011

Sahil Arora wrote: »

Hey Buddies!
I am From India,Sahil Currently Pursuin Graduation(BCA 2nd year) alongwith GNIIT in Hardware and Networking Domain.
Please help me in my Career:
1.I want to be on the top Position among Information Security Professionals.Please help me where to i start with,i searched a lot of Internet but didn't found anything Worth.
2.I don't have even Comptia A+ Certification since i just got only training from GNIIT.
Please give me Suggestions so that i can make my "Lovely Dream Become True"
Also i do have Questions regarding Servers,please help me in that too.
Please guys help me,i am really Confused

Read this thread, it should get you going in the right direction. Especially highlight any posts from a guy called "keatron"

http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html

Sahil Arora · June 2011

Thanks a Lot to All you Guys who really helped and Motivated me,"A Special Thanks to JdMurray" who helped me to get started,i just really want to know that if there is any Specific field/Position in Information Security which is called as top,i have given Network Architect as an Example for the masters in Networks,please tell me if it is there.

docrice · June 2011

Sahil Arora wrote: »

i just really want to know that if there is any Specific field/Position in Information Security which is called as top.

There is no top. Only many mountains.

Sahil Arora · June 2011

Means there is no any such Position??

JDMurray · June 2011

Sahil Arora wrote: »

Means there is no any such Position??

There are many fields in Information Security, and each field has its top position. Top system security architect, top network security analyst, top Chief Security Officer, top digital forensics specialist, top risk manager, top penetration tester, and so forth. Pick your mountain, Sahil, and start climbing from the bottom.

If you must single out one InfoSec field that is above the other fields, I would say choose risk management. It is the presence of risk that makes security necessary; no other InfoSec field can come into play until risk management and assessment has been performed. I'm guessing that in India, choosing risk management as your profession will most likely find you working for an insurance (assurance) company.

Sahil Arora · June 2011

You mean to say that Risk management is top over all Security fields??

JDMurray · June 2011

Sahil Arora wrote: »

You mean to say that Risk management is top over all Security fields??

In my opinion it is; others may disagree.

cyberguypr · June 2011

OK, I will try one more time. I refuse to give up.

Let's take the medical field as an example. You can be the "top" surgeon, "top" gynecologist, "top" podiatrist, "top" pediatrician, etc. See the pattern? All of those "top" professionals are specialized in what they do. There is no "top" doctor. You just can't be a master of everything. You can't measure one "top" specialized doctor as being better or worse than another "top" specialized doctor.

As docrice said, "There is no top. Only many mountains."

As I said a few posts back, There is no universally recognizable "Top Security" position.

You can be a Forensics expert, a Penetration expert, Auditing expert, InfoSec Director, you name it. Security positions cover different areas of responsibility. There is no definitive hierarchy that will establish one position as being above any other. Besides, beauty is in the eye of the beholder. For me, the "top" security position may be pen testing. For others it may be Intrusion Analysis.

Takeaway: There is NO "top" position in InfoSec. Choose what you like and try to be the best.

Sahil Arora · June 2011

That's what the reply i want thanks a Ton for the Reply,now one Question left is that is there any Particular Information Technology degree/certification/course/Program which can have control above all others,i mean which can control others such as a Person who can go and ask anyone what are you doing this,why are you doing this and by whom permission you are doing this?

JDMurray · June 2011

Sahil Arora wrote: »

That's what the reply i want thanks a Ton for the Reply,now one Question left is that is there any Particular Information Technology degree/certification/course/Program which can have control above all others,i mean which can control others such as a Person who can go and ask anyone what are you doing this,why are you doing this and by whom permission you are doing this?

If there was such a thing today, it would change and not be on top tomorrow. Survival of the fittest is the way things are here in the Capitalistic Western world. Nothing can stay on top for very long (depending on what you consider "long" to be). The top one day is the middle-of-the-pack-and-falling the next.

Getting a degree starts not at the top, but with how much money can you afford to borrow. Then you can decide where "the top" is for you.

Sahil Arora · June 2011

i agree with you cyberguypr,but read post number 47,the Admin told me that Risk Management is the top Position among all Infosec Fields,what reply you want to give me now?
And in your post i found this line:

InfoSec Director, you name it.

what do you mean by this line?

pzero · June 2011

This thread is cracking me up. To me it seems like your looking for the highest paying job and want to get there in the quickest amount of time with the smallest of efforts. It just wont happen. Its a long path to travel.

There is ample information in the forum to discover the different areas of infosec and what certifications and study paths to persue. Theres no point working a job you dont enjoy as you wont be motivated to excel at it.

If your just starting out then study the Security+ materials, at that stage you should have a better idea of what areas you want to persue, take it one step at a time buddy your a long way from "top".

Sahil Arora · June 2011

No actually hold on,i was waiting for Jd and cyberguypr to reply!

onesaint · June 2011

Sahil Arora wrote: »

No actually hold on,i was waiting for Jd and cyberguypr to reply!

I think you've got us all going on this one.

Honestly, I would make sure you've read though

here:
http://www.techexams.net/forums/security-certifications/24759-need-helping-chosing-security-certification.html

here:
http://www.techexams.net/forums/security-certifications/61252-computer-forensics-certifications.html

here:
http://www.techexams.net/forums/security-certifications/17522-career-advice-needed.html

and here:
http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html

before going further. Possibly your question of one supreme infosec leader can be answered in there.

After that, any question of translation or meaning I'm sure would be answered happily.

cyberguypr · June 2011

Time to start a poll for Best Thread of 2011. Although we all know how that's gonna go.

ipchain · June 2011

From my experience, classifications, titles and positions vary from organization to organization. What an organization might consider a 'Security Architect' another one might consider a 'Network Security Architect' or a 'Sr. Security Analyst'.

From the technical point of view, your "Top" position might be "Security Architect", "Network Security Architect", "Sr. Security Analyst" or "Sr. Security Systems Engineer", but again, the title is relative to the organization in question.

From a managerial point of view, your "Top" position might the "Chief Security Officer (CSO)", "Chief Information Security Officer (CISO), "Information Security Officer (ISO)" or "Security Manager".

Many other titles apply to "Top" positions in other areas, but I suggest you do a bit of research on the area that attracts you the most. Moreover, there are mountains to climb as others have already suggested, so expect to start as a 'Security Analyst' or 'Jr Security Analyst", maybe even as an 'Intern'.

Sahil Arora · July 2011

I hope i won't get answer of post number 51,rest all you guys said is right,i Accept that,but still post number 51 is Unanswered by 2 Individuals!!

JDMurray · July 2011

A Directory of Information Security, or Chief Security Officer, is someone who controls the policies, procedures, operations, and future direction of information security within the business and infrastructure of an organization. This position takes not only an understanding of InfoSec, but also of business, team building, project management, and corporate politics.

New potental best-thread-of-2011 here: http://www.techexams.net/forums/virtualization/67716-commencing-virtualization-certifications.html

Sahil Arora · July 2011

You guys help me with a Great way;
First of all help me with easy going moods and then humiliate me with the words like this thread should be treated as best thread and New potental best-thread-of-2011 here: Commencing Virtualization Certifications
Very nice,good way of helping me!!
And also,Chief Information Officers/Directors jobs are co-related with Computer Forensics,i mean these Directors/Officers can do the legal work too?

MechaniX · July 2011

darkladdie · July 2011

Sahil Arora wrote: »

You guys help me with a Great way;
First of all help me with easy going moods and then humiliate me with the words like this thread should be treated as best thread and New potental best-thread-of-2011 here: Commencing Virtualization Certifications
Very nice,good way of helping me!!
And also,Chief Information Officers/Directors jobs are co-related with Computer Forensics,i mean these Directors/Officers can do the legal work too?

Sahil, I am hoping all that we are dealing with here in this thread is a language barrier. But on to your question about CIO(Chief Information Officer)/Director level jobs being co-related with Computer Forsensics and that these Directors/Officers doing the legal work too? It depends, if you are dealing with a small company (less than 100 employees in my experience) then yes this can happen. But for larger companies this is not usually the case. CIO/Director level jobs would usually not be doing this work. They might be reviewing the work, reports or just get updates about the status of the work being performed by Computer Forsensics Investigators. As it seems you are just finishing up with school or just graduated, you should be aware that CIO/Directors level jobs are Management level jobs and that Computer Forensic Investigators are Operational jobs. In other words Computer Forensic Investigators are where the grunt or low level work occurs. As you move up in Security field, you will realize at one point or another that you will have a choice to make. That choice being, Do you want go on the Management or Technical path for you career? The technical path being that you still get your "hands dirty" in handling security events, configuring devices and/or software and performing investigations. While the management path involves more managing people and projects, setting budgets, setting corporate policy and strategy and looking for ways to generate revenue (more so with corporations than with government). When thinking about the management path refer to Bill Gates as an example. But either way, learning to communicate effectively will be essential in either path you choose. So keep posting questions and responding to posts on this and many other forums on the Internet to improve this valuable skill. You may find at some point, poor communication skills will limit the options available for career growth more so than technical knowledge. I hope this helps you out as I am still working on being a more effective communicator myself.

)

Confused About Security Career

Comments