Security Basics mailing list archives

Re: Security Jobs

From: Peter Odigie <peterquid () gmail com>
Date: Wed, 3 Jun 2009 10:49:31 +0100

Just a thought. Getting a security related job means going for a
security related job. I think.

You have the skills, you have the flair, according to Steve, package
yourself well.

In my country, Nigeria, I am actually trying to setup a security
outfit.  One challenge is to get the trust of the big companies!
Still working on it!

Peter

On 6/2/09, Stephen Mullins <steve.mullins.work () gmail com> wrote:

This answer assumes you are in the United States.

I think your problem is how you market yourself.  You need to
emphasize your security experience over your systems experience as
much as possible.  If your resume says, "Systems Administrator for the
past 10 years" then that's what you're going to be pegged as by the HR
folks.  Call yourself a "Security Administrator" if your job entails
any level of security awareness whatsoever (and it should if you're a
good Sys Admin).

Companies these days look at every individual as a specific tool with
a specific function within the organization.  They hire the Systems
guy to work on Systems and a Security guy to do Security.  They have
little to no interest in hiring someone that "is willing to learn" or
"has an interest in" an area outside of their specialty.  The average
person under 30 changes jobs once a year.  People over 30 change jobs
once every 3 years.  Companies have no reason to train someone because
they won't be on the job long anyway.  Exceptions - government or
military jobs (non-contractor).

I think you need to better understand the employment environment in
which all of us operate.

Steve

On Fri, May 29, 2009 at 5:00 PM, Curt Shaffer <cshaffer () gmail com> wrote:

This is just a general question for people in the security field out
there.
I have been in the IT industry for 10 years now. I have a large range of
experience with systems (Windows and *nix), and networks (wired, wireless,
LAN and WAN). I have, what I feel and others have told me, an intricate
knowledge of a range of IT related topics covering many areas. In
searching
for a career, I have found myself getting bored over and over. The main
reason is because I tend to get pigeon holed into one thing or another, it
mainly seems to be systems only things. I've always like security and have
devoted quite a bit of time to studying it pretty intensely over the past
2
years or so. The main reason is because it seems to me that being in
security allows you to keep up on and working on a lot of different pieces
in the IT spectrum. I have had the Security + certification for some time.
I
am working on my GPEN then following that with the CISSP by the end of the
year. The problem is, I have been trying to break into a security job but
I
still always find myself getting only systems related stuff. I will say I
get people that say "we need a systems guy with a strong security focus",
but the never equates to a security job. Can anyone out there in the field
give me some direction on how I can get a "real" security job?

Thanks

Curt


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both
Instructor-Led and Online formats is the most concentrated exam prep
available. Comprehensive course materials and an expert instructor means
you pass the exam. Gain a laser like insight into what is covered on the
exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both
Instructor-Led and Online formats is the most concentrated exam prep
available. Comprehensive course materials and an expert instructor means you
pass the exam. Gain a laser like insight into what is covered on the exam,
with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain 
a laser like insight into what is covered on the exam, with zero fluff! 

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------

Current thread:

Security Jobs Curt Shaffer (Jun 01)
- Re: Security Jobs Chris (Jun 01)
  - Re: Security Jobs Drew Brown (Jun 02)
- Re: Security Jobs Stephen Mullins (Jun 02)
  - Re: Security Jobs Peter Odigie (Jun 03)
  - RE: Security Jobs Curt Shaffer (Jun 03)
    - Re: Security Jobs Stephen Mullins (Jun 03)
    - RE: Security Jobs Curt Shaffer (Jun 03)
    - Re: Security Jobs Stephen Mullins (Jun 03)
    - Re: Security Jobs Jeffrey Walton (Jun 03)