Security Basics mailing list archives
RE: Career Choice
From: "Andrew Blair" <Andrew.Blair () genmills com>
Date: Sun, 13 Mar 2005 22:37:21 -0600
I can speak to this strategy having recently chosen it. The security industry requires trust. Trust requires experience. I took a job for a larger company knowing I was going in doing tech support. From the first day I made known my interest in security and actively looked for opportunities to contribute to security initiatives and expand and share my security knowledge. After only 9 months (thanks to some auspicious timing) I was given a job taking care of client security for all PCs in our company. This job puts me in contact with the people responsible for securing our servers, networks, and applications. I would say be willing to start with something basic and use that opportunity to show security interest and knowledge. After you get some credibility and have a chance to show your knowledge other opportunities will start to show up for you. If you can, get one of the certifications that do not require experience (Security+ for example). I think it demonstrates that you have at least a basic competency (results may vary company to company... I've heard some value it more than others). Andy -----Original Message----- From: Michael Krymson [mailto:krymson () gmail com] Sent: Thursday, March 10, 2005 6:24 PM To: Zaven; security-basics () securityfocus com Subject: Re: Career Choice It is a hard road, but you could start out at any sort of entry-level position in a company, even Tech Support (yeah I know you will think oh God, but the experience should be had at least once in every techies career). Pick a company that you can earn you way up in, Tech Support, maybe Systems Administration of some sort, and maybe even earn their trust to give you a shot at security related things. In all you do though, keep security in mind and on your sleeve. If you mean in terms of what skills you can hone on your own, certainly *nix experience is great. In fact, if you can, make your main computer a Linux computer (or for the brave, a BSD variant). Learn some programming, for instance Perl or Python. With a CS degree, that shouldn't be foreign to you at all. Learn networking and TCP/IP. You can do some of that at home with your home network. Grab old PCs that no one wants anymore, some cable, and a cheap switch and start playing. For entry level, you'll need those building blocks among other things, to show you have potential and are willing to learn and research on your own. At 07:34 PM 3/8/2005, Zaven wrote:
Britton, Jeff B. wrote:If you want to break into the security industry right out of school, you'll probably need one of
two
things... 1. A darn impressive resume 2. An inside contact to get you a jobI'm about to graduate from a UC with a Comp.Sci degree, and I want to
go
into security. Since no one will be trusting the security of their enterprise to a newbie, what types of real-world experience should I be
shooting for? I've been thinking about expanding my UNIX administration
skills as a start. What else is valuable for an entry-level SA? ^Z
Current thread:
- Re: Career Choice, (continued)
- Re: Career Choice Geoff Scott (Mar 10)
- RE: Career Choice Kelley (Mar 10)
- Message not available
- Re: Career Choice Richard Kirk (Mar 09)
- Re: Career Choice Michael Booxbaum Sardinas (Mar 10)
- Re: Career Choice Richard Kirk (Mar 10)
- Re: Career Choice Kinnell (Mar 10)
- Re: Career Choice Michael Krymson (Mar 11)