Background to get into Security

veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
Question,

I just attended an ISSA meeting in my area. I enjoyed talking to some of security people at the meeting. This brought up a question that I didn't not have the oppurtunity to ask due to time constraints. What kind of professional background do you need to get into security? Do you need to have been a Network Administrator at one time?
Currently working on: Linux and Python

Comments

  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    Question,

    I just attended an ISSA meeting in my area. I enjoyed talking to some of security people at the meeting. This brought up a question that I didn't not have the oppurtunity to ask due to time constraints. What kind of professional background do you need to get into security? Do you need to have been a Network Administrator at one time?


    Security is broken down into many specialized segments. You don't necessarily have to be a network admin to do all security jobs. If you were going to admin firewalls or IDS sensors then yes a background in network administration would help you out a lot. If you were a systems auditor, you may have a specific type of system you audit. I know when I've tried out for auditing positions they generally wanted you for a specific role, whether that be MS products, *nix, or networking. I will say a background with some networking will help you period.
    I bring nothing useful to the table...
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    Security is broken down into many specialized segments. You don't necessarily have to be a network admin to do all security jobs. If you were going to admin firewalls or IDS sensors then yes a background in network administration would help you out a lot. If you were a systems auditor, you may have a specific type of system you audit. I know when I've tried out for auditing positions they generally wanted you for a specific role, whether that be MS products, *nix, or networking. I will say a background with some networking will help you period.

    Sorry I didn't clarify what I was thinking better. Do I have to start out as a Network Admin / Sys Admin before I can get into security?
    Currently working on: Linux and Python
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,732 Admin
    There are many different facets of Information Security, many of which do not involve system administration or network administration. In decades past, most of InfoSec had nothing to do with computers or electronic storage systems. So no, you don't need to be a sysadmin or netadmin. But you do need experience in area(s) that require the application of InfoSec.
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    JDMurray wrote: »
    There are many different facets of Information Security, many of which do not involve system administration or network administration. In decades past, most of InfoSec had nothing to do with computers or electronic storage systems. So no, you don't need to be a sysadmin or netadmin. But you do need experience in area(s) that require the application of InfoSec.

    Okay, I was wondering whether or not I should start out trying to get into a SysAdmin / NetwkAdmin job, and then later try to get a Security Analyst type of job using my SysAdmin /NetwkAdmin job, and security certs. So you guys don't think I have to have the NetwkAdmin job background?
    Currently working on: Linux and Python
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,732 Admin
    What is it that you want to do in Information Security? People usually get into InfoSec as an adjunct specialty to something that they are already doing (e.g., system design, sys/netadmin, accounting, operations management), and not as something that is completely brand new to themselves.
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    JDMurray wrote: »
    What is it that you want to do in Information Security? People usually get into InfoSec as an adjunct specialty to something that they are already doing (e.g., system design, sys/netadmin, accounting, operations management), and not as something that is completely brand new to themselves.

    I think you may have answered my question with your first line. Maybe you can tell what the areas name would be. I am interested in security administration of systems, and the network infrastructure. Monitoring the logs and making sure that policies are enforced.
    Currently working on: Linux and Python
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    If you want to secure the systems or network you're going to have to have experience on that system. How can you secure something you don't understand. So yes, you will need a network or systems admin background.
    I bring nothing useful to the table...
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    If you want to secure the systems or network you're going to have to have experience on that system. How can you secure something you don't understand. So yes, you will need a network or systems admin background.

    That was my thought as well. I just wondered what everyone thought and had experienced on their path to security.
    Currently working on: Linux and Python
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,732 Admin
    I am interested in security administration of systems, and the network infrastructure. Monitoring the logs and making sure that policies are enforced.
    A lot of that is low-level grunt-work handled by software. You'll be a tool-user and fix-it guy and might never have an opportunity to learn much about the real design and implementation of security. That's OK for entry-level work, but plan on shooting higher for a better career.
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    JDMurray wrote: »
    A lot of that is low-level grunt-work handled by software. You'll be a tool-user and fix-it guy and might never have an opportunity to learn much about the real design and implementation of security. That's OK for entry-level work, but plan on shooting higher for a better career.

    Exactly. Try your best to pick some other things other than the lower level log analysis. Like he said It will get you into the field, but you are going to want more substance. I currently do IDS/IPS analysis, which is a lot of monitoring.
    I bring nothing useful to the table...
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    JDMurray wrote: »
    A lot of that is low-level grunt-work handled by software. You'll be a tool-user and fix-it guy and might never have an opportunity to learn much about the real design and implementation of security. That's OK for entry-level work, but plan on shooting higher for a better career.

    Okay, thanks for the help JDMurray/L0gicB0mb508. By shooting higher what should I be aiming for?
    Currently working on: Linux and Python
  • L0gicB0mb508L0gicB0mb508 Member Posts: 538
    Okay, thanks for the help JDMurray/L0gicB0mb508. By shooting higher what should I be aiming for?

    Well I think for the time being doing logs and things like that will be a good step for you. However, after some time in this you'll be wanting to move up. I can't really say what you should be aiming for, because there are soo many areas to specialize in. I know you want to do systems/network security, but even then there are soo many niches. You can pen test, configure security appliances, work in compliance auditing on systems, and even specialize in security polices/management.

    I think maybe you should explore some infosec options and see what your end goal is.
    I bring nothing useful to the table...
  • kimanydkimanyd Banned Posts: 103
    Go for an MCSE and/or CCNP. Security will be intertwined throughout all those studies, and you'll develop a solid understanding of the technologies you'll be working with in the process.

    +1 to all the other great advice thus far.
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    kimanyd wrote: »
    Go for an MCSE and/or CCNP. Security will be intertwined throughout all those studies, and you'll develop a solid understanding of the technologies you'll be working with in the process.

    +1 to all the other great advice thus far.

    I know I definitely want to get the MCSE and the CCNA. I was thinking down the line that doing the CCSP would be useful. Is the CCSP completely Cisco hardware related or does it cover security in general?
    Currently working on: Linux and Python
  • kimanydkimanyd Banned Posts: 103
    It seems like the CCNP and CCSP go hand in hand. I'm not sure which order I'll get them in, but I'm definitely going after both. I was chatting with dtlokee about this, and he was telling me stories about how he knew some people who were exclusively CCSPs had trouble carrying out basic R&S tasks. I don't want that to be me...

    I think the CCSP is going to focus mainly on Cisco equipment. The CCNA: Security (which is a prereq to the CCSP) seems to be Cisco's version of the Security+, but it's still geared Cisco equipment.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,732 Admin
    kimanyd wrote: »
    I think the CCSP is going to focus mainly on Cisco equipment.
    Oh yeah, big-time. I decided not to consider the CCSP because I don't ever expect to be that deeply involved in working with Cisco equipment--unless I'm one-day writing management software for it. I would consider studying for the CCSP exams only in that case.
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    Thanks guys, I want to know that I have good foundation before I hit the manufacturer specific certifications. I really don't want to be one of those people you mentioned Dynamik err, kimanyd.... Yikes! You seriously need to choose one or the other :Dicon_rolleyes.gif
    Currently working on: Linux and Python
  • GAngelGAngel Member Posts: 708
    Thanks guys, I want to know that I have good foundation before I hit the manufacturer specific certifications. I really don't want to be one of those people you mentioned Dynamik err, kimanyd.... Yikes! You seriously need to choose one or the other :Dicon_rolleyes.gif

    The real foundation in info sec is TCP/IP. If you don't understand how it really works you'll never understand why things are done certain ways or how to solve issues when the standard tools don't work.
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    GAngel wrote: »
    The real foundation in info sec is TCP/IP. If you don't understand how it really works you'll never understand why things are done certain ways or how to solve issues when the standard tools don't work.

    Thanks for the reminder. I plan to study more deeply into TCP/IP world after my Bachelor degree is knocked off. I have this book set on the wish list right now.

    Amazon.com: TCP/IP Illustrated Volumes 1-3 Boxed Set (v. 1-3) (0785342776317): W. Richard Stevens, Gary R. Wright: Books
    Currently working on: Linux and Python
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,732 Admin
    GAngel wrote: »
    The real foundation in info sec is TCP/IP.
    I'd actually turn this around and say that the design, implementation, and configuration of TCP/IP over the past 40 years has been the real detriment to network-based InfoSec.
  • Paul BozPaul Boz Member Posts: 2,621 ■■■■■■■■□□
    I had roughly zero security experience prior to getting into my current job. My cisco certs got my foot in the door and my technical knowledge of networking and security concepts got me the job. Without my Cisco certs I would have never been offered a phone interview never mind a face to face. Learn TCP/IP, learn IPSec and other security services, and understand the concepts of security from a high level. Read the SSCP and or CISSP books for prep. Getting into security or any other field really comes down to impressing the guy or gal that is interviewing you.

    Also, Dynamik has relatively little security background but he has more MS certs than god, so I gave my boss his resume and he earned his job the same way I did. Knowledge of what his certs are in and a basic understanding of security concepts. If us monkeys can get into security anybody can :D
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    [email protected]
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
Sign In or Register to comment.