How does one "break" into the IS Security industry?

MSP-ITMSP-IT Member Posts: 752 ■■■□□□□□□□
in IT Jobs / Degrees
By 2014, I'll have my B.S. in IT Security from WGU and will hopefully have the C|EH and SSCP alongside my Security+ and CCNA Security. Basically, I will want a job that can contribute towards the 5 years required experience for the CISSP. I would like to get into the industry as soon as possible. What type of entry level jobs are there? I searched for entry level network security, but not much came up.

Ideas?
· Share on FacebookShare on Twitter

Comments

  • dbrinkdbrink Member Posts: 180
    My advice would be to find an internship as soon as possible to get experience.
    Currently Reading: Learn Python The Hard Way
    http://defendyoursystems.blogspot.com/
    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    This has come up a lot lately. I would recommend a forum search.
    · Share on FacebookShare on Twitter
  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    One of the unspoken tests of your potential as a future infosec professional is your ability to research and figure out the details on your own. Searching this forum should yield many results.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
    · Share on FacebookShare on Twitter
  • dontstopdontstop Member Posts: 579 ■■■■□□□□□□
    via a Buffer Overflow
    · Share on FacebookShare on Twitter
  • zrockstarzrockstar Member Posts: 378
    1HeAJ.jpg

    Man I'm sorry, I just read the title and couldn't resist :P
    · Share on FacebookShare on Twitter
  • ChooseLifeChooseLife Member Posts: 941 ■■■■■■■□□□
    zrockstar wrote: »
    Man I'm sorry, I just read the title and couldn't resist :P
    ROFL, I just watched the FotR a few days ago, and so this one was right on
    “You don’t become great by trying to be great. You become great by wanting to do something, and then doing it so hard that you become great in the process.” (c) xkcd #896

    GetCertified4Less     - discounted vouchers for certs
    · Share on FacebookShare on Twitter
  • ChooseLifeChooseLife Member Posts: 941 ■■■■■■■□□□
    MSP-IT wrote: »
    Ideas?
    There are dozens if not hundreds of threads on TE started with a question just like this, with some extremely valuable and detailed responses from some very respectable people. I trust you can find them easily.
    “You don’t become great by trying to be great. You become great by wanting to do something, and then doing it so hard that you become great in the process.” (c) xkcd #896

    GetCertified4Less     - discounted vouchers for certs
    · Share on FacebookShare on Twitter
  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    I nominate that picture to be the official infosec sticky.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
    · Share on FacebookShare on Twitter
  • ChooseLifeChooseLife Member Posts: 941 ■■■■■■■□□□
    docrice wrote: »
    I nominate that picture to be the official infosec sticky.
    I absolutely second that
    “You don’t become great by trying to be great. You become great by wanting to do something, and then doing it so hard that you become great in the process.” (c) xkcd #896

    GetCertified4Less     - discounted vouchers for certs
    · Share on FacebookShare on Twitter
  • MSP-ITMSP-IT Member Posts: 752 ■■■□□□□□□□
    zrockstar wrote: »
    1HeAJ.jpg

    That is truly wonderful.
    · Share on FacebookShare on Twitter
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    Oh, that's just too good :)
    · Share on FacebookShare on Twitter
  • About7NarwhalAbout7Narwhal Member Posts: 761
    Guess everyone beat me to the punch on the "Break" play, huh? Well, on a more serious note: Does security really have that high of a demand? While I understand that things need to be secured, and businesses are looking for specialists to fill those roles, it seems to me like the flooding of Security Specialists will eventually result in a recession. How common is it for a company to need more or new security techs?
    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    ^ From what I have seen in my own organization, Security Operations has relatively high turnover due to burnout and/or leadership changes. I don't have statistics on the supply/demand of Security, so take that for what it's worth.

    I did want to bring a different perspective to the table as someone who just accepted his first security role. I recently obtained a job as a Security Analyst working in a SOC and here are a few things that stuck out in my interview:

    +Broad knowledge: I was asked about OS's, malware, networking theory, network devices, etc. While I may start off in a network-related role in the SOC, it seemed important that I had a broad range of knowledge covering a large amount of IT.

    +Mindset: I believe it was docrice who in another thread said security is a mindset. Absolutely correct. I was asked questions that would force me to convey my philosophy of information security.

    +Interest/Passion: Last but not least, it was blatantly apparent that my hiring manager was looking for someone who geeks out on this stuff. 'Who do you look up to in this field?' 'What infosec publications do you stay current with?' 'What have you done to prepare yourself for work in security?' 'What related formal training have you taken part in?'

    My two cents.
    · Share on FacebookShare on Twitter
  • dnvs1dnvs1 Registered Users Posts: 1 ■□□□□□□□□□
    Hey thank you for your input. I have been in he'll desk/Jr admin positions for 6 years. I have been planning to move on this to move on to security. However I have been struggling with scheduling time to study and the demands of home, office, and r&r. I am a geek on technology and have a natural sponge when it comes to technology. Hard wired that way I guess. Where would suggest I start? Security+?
    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    Security+ is a nice jumping off point because it touches many different domains from a bird's-eye view. I also think networking is important because the network is the backdrop for legitimate business activity in most organizations. Protecting it is important. As far as networking is concerned, Net+ is a nice start and if you want to go deeper CCNA or the Juniper equivalent is the next step - CCNA is also the prerequisite certification for CCNA: Security so it has value there too.

    This is starting to look like a you-should-do-what-I-did post, so I'll stop here. In the end we all instinctively do what we believe is best, and if you work hard I like to believe it will pan out for you. I don't have any connections in this field and nobody handed me anything. It is something you have to earn and take.
    · Share on FacebookShare on Twitter
  • SimberTarianSimberTarian Registered Users Posts: 1 ■□□□□□□□□□
    I have always known the term "It is not what you know, it is who you know". For instance, getting your Ethical Hacker Cert, go find some other hackers and network. Go to the conferences and network (whilst having a blast and learning), volunteer at security organizations (sometimes they really do just need grunts to gopher things), join hacker groups (hackerspaces, local Defcon groups, etc), network with them on twitter, do some things that add value.
    Be a part of the InfoSec community. Before you know it you are inherently sitting next to a senior VP who happens to be hiring or knows one of his buddies who is and has taken a liking to you. Heck, maybe you get a mentor at the least and who wouldn't want that?

    What do hackers do? Solve puzzles and find another way in.....
    · Share on FacebookShare on Twitter
  • LinuxNerdLinuxNerd Member Posts: 83 ■■□□□□□□□□
    SimberTarian wrote: »
    I have always known the term "It is not what you know, it is who you know". For instance, getting your Ethical Hacker Cert, go find some other hackers and network. Go to the conferences and network (whilst having a blast and learning), volunteer at security organizations (sometimes they really do just need grunts to gopher things), join hacker groups (hackerspaces, local Defcon groups, etc), network with them on twitter, do some things that add value.
    Be a part of the InfoSec community. Before you know it you are inherently sitting next to a senior VP who happens to be hiring or knows one of his buddies who is and has taken a liking to you. Heck, maybe you get a mentor at the least and who wouldn't want that?

    What do hackers do? Solve puzzles and find another way in.....

    There is this ^ and there is also straight knowing your stuff. Coding some programs, writing a few white papers. Both are paths.

    It's never a requirement to know people, although it is one path.

    The Industry is in a bubble and will pop in 5 years, but until then the going is good and there's lots of money to be made. In 5 years time be prepared to already transition into something else or be the top in your field else it's the unemployment line.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.