IDS mailing list archives
Re: what is required for an engineer to become an SECURITY engineer
From: Jose Maria Lopez <jkerouac () bgsec com>
Date: 28 Dec 2004 23:42:54 +0100
El jue, 23 de 12 de 2004 a las 07:42, Ravi Kumar escribió:
Hi, I was asked to prepare syllabus for security management,incident handling,forensics analysis, intrusion detection etc., Th intention is train an engineer to become a SECURITY engineer. we know there are several certifications which are designed for this purpose. I want from you with your security experience tell us what should an BASIC course for security really requires. If industry wants to recruit an engineer for its security needs what type of experience they look for? Note: Please dont relate my question with any certifications and be generic. Thanks for any help, -Ravi
This is probably the most complicated question ever sent to this list. I'll explain why I think so. A security engineer should have a *very* *very* wide of tech knowledge. He should be able to understand, configure and monitor the hardware of the networks. He must know almost everything about the operating systems that he wants to secure. He must be aware of the dangers of Physical Security Threats and Social Engineering. He must know the most important Opensource and Comercial tools to secure systems. He must know how to treat with Incidents. He must know about Forensics. I could follow ad infinitum. But believe me. The most important thing about a security engineer it's the personal abilities. Knowledge can be adquired with time and courses, but the personal abilities are inherent to the person and it's very difficult to adquire new ones. So the first thing you must do it's to select the right person, even if it's not the one that has the more complete knowledge in the field. And the second thing more important for me it's experience. The security field it's always changing and the threats can be of many kinds, it's very important to have a background of managing threats to face the new ones. So you should select also a person with experience. -- Jose Maria Lopez Hernandez Director Tecnico de bgSEC jkerouac () bgsec com bgSEC Seguridad y Consultoria de Sistemas Informaticos http://www.bgsec.com ESPAÑA The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. -- Jack Kerouac, "On the Road" -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- what is required for an engineer to become an SECURITY engineer Ravi Kumar (Dec 23)
- RE: what is required for an engineer to become an SECURITY engineer Randy Golly (Dec 27)
- RE: [in] what is required for an engineer to become an SECURITY engineer Curt Purdy (Dec 27)
- RE: [in] what is required for an engineer to become an SECURITY engineer skill2die4 (Dec 30)
- Re: what is required for an engineer to become an SECURITY engineer Jose Maria Lopez (Dec 30)
- <Possible follow-ups>
- Re: what is required for an engineer to become an SECURITY engineer Richard Bejtlich (Dec 27)