Do you need to know programming to work in IT security?

jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
I know IT security is broad, but for things like defensive security? Stuff that a Security Analyst with a CEH/Security+. I'm starting to work on AirWatch at my current job, and since it's security related, I'd like to learn more about security as a whole. The big question is though, do you need to know programming?

Comments

  • iBrokeITiBrokeIT Member Posts: 1,318 ■■■■■■■■■□
    It depends on type of security job you want, there is technical and nontechnical security roles.

    Generally should know a scripting language or two, ie powershell python ect..

    Now if only there was a few websites where can look at job descriptions and the skills required for those jobs...
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA | Pentest+ 
    2022: GMON | GDAT
    2023: GREM  | GSE | GCFA

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops SANS Grad Cert: Incident Response
  • aftereffectoraftereffector Member Posts: 525 ■■■■□□□□□□
    Even if you don't need programming knowledge at your current or projected next job, I would highly recommend picking up scripting and programming techniques. I need to learn some Python myself...
    CCIE Security - this one might take a while...
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    iBrokeIT wrote: »
    It depends on type of security job you want, there is technical and nontechnical security roles.

    Generally should know a scripting language or two, ie powershell python ect..

    Now if only there was a few websites where can look at job descriptions and the skills required for those jobs...

    I think as we all know, job descriptions aren't exactly accurate all of the time. That's why I ask in forums ;). It also helps to talk to real world techies about their experience :)
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    Even if you don't need programming knowledge at your current or projected next job, I would highly recommend picking up scripting and programming techniques. I need to learn some Python myself...

    So pretty much scripting? But not actual programming? What scripting do you know? I ask because it looks like you have some solid security certs my friend!
  • aftereffectoraftereffector Member Posts: 525 ■■■■□□□□□□
    I need to know scripting more than programming in my current role. Programming knowledge would help to set a baseline of knowledge for how software works, and that is never a bad thing (especially in security!). For me, I don't actually know any scripting OR programming, unfortunately, even though I have had a couple of Python books on my desk for the better part of a year now.
    CCIE Security - this one might take a while...
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    I need to know scripting more than programming in my current role. Programming knowledge would help to set a baseline of knowledge for how software works, and that is never a bad thing (especially in security!). For me, I don't actually know any scripting OR programming, unfortunately, even though I have had a couple of Python books on my desk for the better part of a year now.

    May I ask what role you're currently in?
  • TomkoTechTomkoTech Member Posts: 438
    You don't need to know how to sit down and write a program no. But command line in windows or linux and scripting is very helpful knowledge.
  • aftereffectoraftereffector Member Posts: 525 ■■■■□□□□□□
    Currently I am a systems engineer focused on endpoint security.
    CCIE Security - this one might take a while...
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    Currently I am a systems engineer focused on endpoint security.

    Nice! Thanks for the help man.
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    Thank you all for the help! May I ask one more question? Since I'm doing AirWatch and being thrown intosecurity.. where's a good place for me to start? Security+?
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Depending on what you are working on and doing, scripting can make life alot easier. Also, managers are usually pretty impressed when you make a script that saves a bunch of time. Just think of the things you do during the day, then figure out if it can automate or speed up in anyway. Usually a scripting/programming language out there that can make almost anything happen.


    And Sec+ is a good place to start for general security knowledge.
  • jeremywatts2005jeremywatts2005 Member Posts: 347 ■■■■□□□□□□
    I know for myself I rarely write anything. I use precanned stuff, I am too busy chasing down alerts, hunting and so on to spend time writing. This is why we have a guy (s) on our team who do those things. We tell them the correlations we want and then they build it for us.
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    I know for myself I rarely write anything. I use precanned stuff, I am too busy chasing down alerts, hunting and so on to spend time writing. This is why we have a guy (s) on our team who do those things. We tell them the correlations we want and then they build it for us.

    May I ask your job title/years of experience?
  • TLeTourneauTLeTourneau Member Posts: 616 ■■■■■■■■□□
    I'm with most others, it helps to know a scripting language or two. I'm fair to middling with VBS and Power Shell. Although we also have others in our enterprise that are actual programmers and better scripters than I that can be leveraged if needed.

    Preemptively - Senior Systems Engineer with around 18 years experience in IT.
    Thanks, Tom

    M.S. - Cybersecurity and Information Assurance
    B.S: IT - Network Design & Management
  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    Having some background in programming it will help you a lot with scripting and having some scripting knowledge it will help you a lot in security. You will not be required to write complicated scripts too often as many scripts already exist out there. What you need to know is how to modify them to work in your environment or do something specific that you want and that requires some knowledge of scripting. The other benefit of knowing some programming or scripting is that a lot of automated solution now use Boolean operators or logical operators to create rules for ACL's, reports, alerts etc. That is knowledge that you will be able to transfer to those solutions if you know how to use the operators.
  • wes allenwes allen Member Posts: 540 ■■■■■□□□□□
    Scripting in general is good (bash, python), but more and more, Powershell is a key skill. I would also add that understanding how API's work and being able to interact with them and parse the output (usually JSON /XML) is also very useful in today's automated world.
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    It's honestly annoying how many postings I see for this huge laundry list for security prospects. I get it for a senior position but when it's a 60k juniorish security role, it's like people are just fishing for over qualified people to do this role. Some scripting experience is obviously good but I shouldn't need to be an expert programmer on top of years of windows sys admin experience, Linux sys admin experience, years of networking admin experience, and obviously tons of incident response and pen testing.

    If I have all that after 10 years of experience plus a degree and certs I'm not working for 5 figures.

    Leave the heavy programming to programmers.
  • OctalDumpOctalDump Member Posts: 1,722
    No, but it helps.

    There's two kind of areas it helps in. One is understanding how stuff works under the hood, like knowing what opcodes are, what stack and heap are, how memory is managed, privileged mode, maybe even algorithm theory, discrete maths and lots of other bits and pieces. The other is as a skill to automate tasks and modify other people's code.

    For the first, go study computer science. For the second, just learn Python and then try out other languages from there.

    But there's enough niches that you can get away without knowing much of anything for a long time.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    OctalDump wrote: »
    No, but it helps.

    There's two kind of areas it helps in. One is understanding how stuff works under the hood, like knowing what opcodes are, what stack and heap are, how memory is managed, privileged mode, maybe even algorithm theory, discrete maths and lots of other bits and pieces. The other is as a skill to automate tasks and modify other people's code.

    For the first, go study computer science. For the second, just learn Python and then try out other languages from there.

    But there's enough niches that you can get away without knowing much of anything for a long time.

    I'm really terrible at math unfortunately, so computer science won't be best for me.

    Thank you all for the responses! I appreciate it so much.
  • bluejellorabbitbluejellorabbit Member Posts: 43 ■■□□□□□□□□
    As other people have mentioned, scripting is good, if not for anything but doing some tasks more efficiently. Personally, I don't think it's as important to be a good code writer as it is to be able to follow code and understand low level operations. I can code, but I don't like it at all. That said, I wouldn't want a job where code writing was a primary facet.

    When I was younger, I went through this little document many times trying to learn and appreciate everything that was happening. I'd say if you want to work in security, challenge yourself to go through some malicious code and try to understand exactly what's happening.

    Take what I say with a grain of salt as I don't actually work in security. I do have some friends in the field, and they often work long hours and sometimes seem a bit stressed. It's too much responsibility for my tastes.
  • RemedympRemedymp Member Posts: 834 ■■■■□□□□□□
    I know for myself I rarely write anything. I use precanned stuff, I am too busy chasing down alerts, hunting and so on to spend time writing. This is why we have a guy (s) on our team who do those things. We tell them the correlations we want and then they build it for us.

    Echo that.
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    It all depends on the role. I split my time between incident response, risk assessment, policy work, and architecture. I do zero programming, script zero from scratch, and modify a negligible amount of scripts when necessary. Works perfect for me because I really do not enjoy it one tiny bit and try to avoid it at all cost. Like jeremywatts2005 said, we have people better suited for that and I always make sure I'm surrounded by them so I don't have to do it. It helps that I'm at a somewhat large organization where I can chose what I work on. In a smaller shop, you need to do whatever comes your way so scripting abilities would be expected.
  • Node ManNode Man Member Posts: 668 ■■■□□□□□□□
    As an avid programmer, I am reluctant to say someone in IT needs to be a programmer. However, solid scripting skills (i use Python), are a great way to make a job easier. I dont even tell my co workers or bosses that I use scripts, I just handle work quickly icon_smile.gif

    But to tie it back, IMO programming is more like making GUI's and applications, and scripting is more like sets of commands you run from a jump box.
  • jerseytechjerseytech Member Posts: 59 ■■□□□□□□□□
    Just ordered the Security+ by Daril Gibson and studying AirWatch. I'm on my way!
Sign In or Register to comment.