Re: Security Jobs

[Drew Brown <dbrown () byu net>]

One thing to bear in mind is that security is much more than
technology. It's process understanding and audit technique. I'd invite
the list to share their thoughts, but I would ask yourself: if there
is a suspected compromise, can you go through the processes to detect
it? If yes, you probably have solid IT skills. But then, do you
understand the controls and processes to mitigate it? These are
largely not systems/IT skills. It seems to me that hacking takes
mostly IT know-how, but prevention and detection require an auditor's
toolkit as well.

On 6/1/09, Chris <cweindel () gmail com> wrote:
> On Fri, May 29, 2009 at 4:00 PM, Curt Shaffer <cshaffer () gmail com> wrote:
> > This is just a general question for people in the security field out
> > there.
> > I have been in the IT industry for 10 years now. I have a large range of
> > experience with systems (Windows and *nix), and networks (wired, wireless,
> > LAN and WAN). I have, what I feel and others have told me, an intricate
> > knowledge of a range of IT related topics covering many areas. In
> > searching
> > for a career, I have found myself getting bored over and over. The main
> > reason is because I tend to get pigeon holed into one thing or another, it
> > mainly seems to be systems only things. I've always like security and have
> > devoted quite a bit of time to studying it pretty intensely over the past
> > 2
> > years or so. The main reason is because it seems to me that being in
> > security allows you to keep up on and working on a lot of different pieces
> > in the IT spectrum. I have had the Security + certification for some time.
> > I
> > am working on my GPEN then following that with the CISSP by the end of the
> > year. The problem is, I have been trying to break into a security job but
> > I
> > still always find myself getting only systems related stuff. I will say I
> > get people that say "we need a systems guy with a strong security focus",
> > but the never equates to a security job. Can anyone out there in the field
> > give me some direction on how I can get a "real" security job?
> >
> > Thanks
> >
> > Curt
> >
> >
> > ------------------------------------------------------------------------
> > This list is sponsored by: InfoSec Institute
> >
> > Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both
> > Instructor-Led and Online formats is the most concentrated exam prep
> > available. Comprehensive course materials and an expert instructor means
> > you pass the exam. Gain a laser like insight into what is covered on the
> > exam, with zero fluff!
> >
> > http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
> > ------------------------------------------------------------------------
>
> ------------------------------------------------------------------------
> This list is sponsored by: InfoSec Institute
>
> Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both
> Instructor-Led and Online formats is the most concentrated exam prep
> available. Comprehensive course materials and an expert instructor means you
> pass the exam. Gain a laser like insight into what is covered on the exam,
> with zero fluff!
>
> http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
> ------------------------------------------------------------------------

-- 
Sent from my mobile device

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain 
a laser like insight into what is covered on the exam, with zero fluff! 

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------