Where can I start for an infosec job?

cw3k

I have recently passed the Security + and working on the CISSP. Base on the CBK, I can fulfilled 2 out of the 4 years require experiences. The part I believe my experiences qualify is access control.

My background is IT support. I have been working in business/IT support positions in the last few years. I do support for in house and commercial (Peoplesoft, MS CRM) enterprise applications for front office and I also had experiences leading a helpdesk team.

The domains I wanted to go into are one or all of these: Telecommunications and Network Security, InfoSec governance and Risk Management, or Security Architecture and Design.

My questions:
Where can I start and what do I need to do to land a position in these domain?

What can I expect for the salary?

Thank you.

paul78

Those 3 domains are pretty different - at least from my perspective. You aren't likely to find entry-level security jobs that combine too many of those, unless you are an IT auditor. But that experience would be fairly superficial (not that it's bad , just different).

Perhaps if you have an interest in the telecommunications and network security, try to start by getting a job in a SOC or NOC. Maybe pick up your CCNA to help you land that job.

With Infosec governance and risk management, you do need quite a few years of experience. At least, where I work, folks that are in that role are at the Director or VP level.

As for Security Architecture and Design - again the folks that I am accustomed to working with tend to have many years of either software engineering experience or if they are on the infrastructure side, tend to be very seasoned veterans.

Try looking on the job boards to get a feel of what's out there - that's usually a good place to give you ideas.