Hello soldiers of the cyber resistance,
You are tuning in to CRR, Cyber Resistance Radio.
Today in our second podcast we talk about information security job positions.
Even though information security jobs are quite new, there is a big distinction between the various positions.
Job positions range from technical professionals to governance professionals. In some jobs you implement technical information security solutions such as firewalls or intrusion detection systems, and in other positions you work on information security policies.
This governance part of information security requires you to be more involved in company policies and in the information security training and awareness of employees.
Many people obtain security jobs after they have been in IT for a number of years.
In many cases, landing a security job is a matter of opportunity, of being in the right place at the right time. However, a lot more than good luck is required: you need the desire and the aptitude for a security job.
So what kind of positions are out there?
And how can I get this new job when it requires experience? How can I get experience if I don’t get this job?
Well, most people that work in security have some kind of experience coming from their old job. Take for instance the following professions:
Human resources employee.
These jobs all have elements within them that are related to security. Either on the technical level, service level or management level.
This is a good foundation on which you can further build your career as a security professional.
Let’s take one example of a network administrator.
One day you are working on the network and maintaining it; the next day your department boss asks you: "How secure is the network? We have indicators that we might have been hacked a few times. Give me a report on what tools are in place and how we can protect ourselves better. Can you do some research and report back to me next week?"
Caught completely off-guard and taking care of the request from your boss, you are now taking the first steps into being a security professional. If you do a good job, it is not unthinkable that you will be asked more frequently in the future, or that management decides to create a new job position.
With this short story I only want to give you the idea that you do not need a background in information security; you will grow into it. Of course your chances only increase when you are already working in IT, either as an engineer in charge of secure coding or at the management level, being responsible for the overall security of applications, the network and the way employees handle sensitive information.
So what positions are out there? Let’s start with the technical positions first:
Tasks: user account administration, firewall administration, implementing and maintaining intrusion detection systems and intrusion prevention systems, data loss prevention, anti-malware administration, spam administration, security incident and event management, vulnerability management.
Analysis of events related to intrusion detection systems, data loss prevention, vulnerabilities etc. Basically you analyse everything that the systems in place have detected and you think of ways to enhance security based on current technologies.
Further, the analysis of cryptographic algorithms in the industry and comparison with the algorithms currently in place, then deciding to upgrade to better system security.
You might think of a security specialist as a security analyst, security engineer, forensic investigator, IT auditor and security architect all rolled into one. This senior function is for people that have knowledge about a wide range of subjects within security.
Then we have the security architect. This position is all about designing processes and systems. This is one of the most senior positions within infosec.
Moving on to the forensic investigator
Sometimes known as the forensics analyst or forensics specialist, in this job position you investigate networks and computers, usually after a breach has occurred.
You check for break-ins and see if the policy has been violated by either employees, third parties or black-hat hackers.
Then on to the last technical position in this list, the IT auditor.
As an auditor you determine the effectiveness of security controls, and then communicate the level of effectiveness to others in the same organisation through written reports. The auditor usually has a whole checklist that is based on general or national security guidelines for organisations. This way they do not skip any part of security, but an auditor does more than ticking the boxes on a checklist. The auditor has to understand the way technologies work and know that security is more than a checklist.
Also, the auditor needs to be independent and objective in their approach; it is best if they are not members of the department they are auditing. Most of the time an IT auditor is an external person.
Now let’s take a look at security management positions.
Basically managing all the people of the technical part of security. This position can best be done by people that have a good vision but lack the time to do security themselves. Often the manager will execute the security policies that have been handed to him by a CISO (Chief Information Security Officer).
This position is usually found in organisations with industry regulation. A compliance officer ensures that the organisation is compliant with applicable laws and regulations. You can find these positions in the following sectors: finance, public utilities, healthcare, government, entities that process credit card data, and organisations that write software for processing credit card data.
Also known as a CPO, chief privacy officer, this position is usually found in organisations that store or process large amounts of sensitive data. This information must be protected from disclosure and there must be assurance of proper handling of data.
Sensitive information includes names and contact information, including social security numbers, account numbers, medical information etc. Each regulation or standard has its own definition of sensitive information and required protection and handling requirements.
Moving on to the last job position within security management positions, the CISO.
The chief information security officer does the following: create, edit and evaluate security policies, risk management and risk treatment, security architecture, security operations, security incident response. The CISO is part of the executive management and has an advisory role towards management. The CISO will also discuss recent issues with the management and his vision on how to prevent incidents from happening.
Most of the time the CISO has to negotiate with other executives to ensure that the organisation is on the right track in managing security and technology-related risk.
We have now come to the end of the second podcast. Much of this podcast has been acquired through reading books about information security jobs and the sector as a whole.
Hope this podcast will make it somewhat easier to decide what job position to go for, either technical or on the management side of things. Of course all positions have been discussed very briefly. Just browse around for job positions and the required experience and certificates.
Next time we talk about experience and certificates.
Become a soldier in the Cyber Resistance and inform yourself.
Stay safe, turn off your television, tune in to our podcast and arm yourself with knowledge.