Looking to get into IT security..

Right now I am looking for a way to get into the Security field, I feel as though I am past tired of the Desktop support position I am in right now. As you guys have probably went through after a while you don't feel as though it's challenging anymore and sometimes boring.

I recently just passed the CCNA test a few days ago and I know Python programming as well while I was at my current position. Unfortunately the contract that I am on doesn't have networking positions and there aren't any opening on the other contracts. I would rather not wait around since people don't leave positions often where I work at. I know the security field is a broad field so there isn't just one simple answer but what should I be looking for to get a entry level security position to start off? What job titles and skills should I seek?

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

JDMurray

The first thing you will discover is that there is no such thing as an entry-level security position. People at the bottom level are usually doing something else system- or network-related and get assigned "grunge work," such as reading logs, blocking IPs, sending abuse emails, running reports, manual event correlation ("watching the screens"), etc. Doing this allows the "log dog" to become known within the organization as one of the security people. As mid-level security positions open up, so does the log dog's chances to move into a true InfoSec job description.

Having the CCNA is a good first step towards a career in network security. You must now attempt to assume responsibility of security-related tasks, such as those I've mentioned. Getting a few more security certifications (CCNA:Security, CCNP:Security, SSCP, Wireshark, Snort, OSCP, SANS/GIAC, etc.) will help point out to hiring managers where your interests are and where you want to take your career.

Jad207

JDMurray wrote: »

The first thing you will discover is that there is no such thing as an entry-level security position. People at the bottom level are usually doing something else system- or network-related and get assigned "grunge work," such as reading logs, blocking IPs, sending abuse emails, running reports, manual event correlation ("watching the screens"), etc. Doing this allows the "log dog" to become known within the organization as one of the security people. As mid-level security positions open up, so does the log dog's chances to move into a true InfoSec job description.

Having the CCNA is a good first step towards a career in network security. You must now attempt to assume responsibility of security-related tasks, such as those I've mentioned. Getting a few more security certifications (CCNA:Security, CCNP:Security, SSCP, Wireshark, Snort, OSCP, SANS/GIAC, etc.) will help point out to hiring managers where your interests are and where you want to take your career.

Thanks JDMurray, It sounds like I should move towards a network admin position to get the opportunity to be involved with some aspect of security. It doesn't seem like I can move to a security position from where I am at now with desktop support by what your saying.

I will go after the CCNA: Security certification next and hopefully that will open some doors for me to get in. What about the CEH?

paul78

Jad207 wrote: »

It sounds like I should move towards a network admin position to get the opportunity to be involved with some aspect of security.

Having a network background can be useful but not necessarily required. It largely depends on what type of IT security interest you. Network security is only a small sliver of Infosec. If you like working with desktop infrastructure already and you enjoy it, perhaps you want to consider endpoint security.

Jad207

paul78 wrote: »

Having a network background can be useful but not necessarily required. It largely depends on what type of IT security interest you. Network security is only a small sliver of Infosec. If you like working with desktop infrastructure already and you enjoy it, perhaps you want to consider endpoint security.

Thanks Paul, I will look into endpoint security. Do you know of a article or thread that discusses the different roles in IT security other than network and endpoint so I can get a better understanding? I've searched but I only see general stuff so far.

paul78

Try the SANS reading room. There is a section on InfoSec careers there written by several members.

SANS Security Training and Your Career Roadmap

(Edit- minor correction)
The above is actually the SANS marketing and sales materials. The reading room that contains more relevant whitepapers on getting started is here- http://www.sans.org/reading_room/whitepapers/infosec/

Also check the main reading room- there is a lot of topics related to Infosec including endpoint protection.

Mike-Mike

great thread