No one can tell you exactly how to get into the information security field. It’s more of a “choose your own adventure” story than a well-defined path. If you consult with professionals working in information security, you’re going to learn quickly that few people follow the same path into the industry.
Information security is a more advanced branch of IT. Whichever way you arrive, you need a background of base skills, but because information security has a lot of depth and dimensions, it’s less important what that background is. You can come from development, server administration, a computer science degree, or even tech support. Leverage your strengths and experience as they apply to information security.
This isn’t a field for the lazy or unmotivated. You’re always going to be pushing yourself, and there isn’t a lot of room to get comfortable or complacent. Information security is rapidly evolving, and that’s not going to change.
As new threats arise, new preventative measures rise to meet them. Then attackers invent new threats, and the cycle continues. Add in the changes always introduced by new technology, and it’s instantly clear why this field is so challenging.
Security clearance is a real thing, and you’re going to be working around it for your entire career. It can range from restricting access based on users and groups all the way up to actual government security clearance.
Expect to be thoroughly vetted by companies before being hired, and background checks are standard practice. Once you’re hired, you’re going work within the confines of security clearance. You won’t have access beyond your clearance, and you won’t be able to grant access to anyone else beyond their clearance. If something is above your level, you’ll need to escalate the issue.
The field evolves too rapidly for a degree (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Nick Congleton. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/eUZrxXFxBf8/