I have a masters in Network security and working as a Information security and network analyst. I also have a CCNA and trying to figure out if i should head the cisco way to get ccsp/ccnp or get into the ISC2 arena. How are Infosec jobs in the North west region? What are the exact skill set companies are expecting for entry,mid level positions in information security and network administration ? Answer: xxxxx, As usual getting them all is the best but we all know that you need to prioritize. I think with a grad degree you have already made a good investment. On the policy/information security/risk side CISSP and CISM best practices certifications do help you to speak the same jargon with the industry. When you get these certs, you will naturally acquire the jargon and you may also become a member of ISSA, ISC2 or ISACA to join the social networks that come with these certifications. I also like the CISA certification where you get an official auditor title. These certifications will play nice with your Masters Degree in Network Security. The member websites also provide plenty of frameworks, tools and methodologies to begin with. Product vendor certifications are different. These certifications usually open the door for entry level positions. For example if you have CCSP, and the position you are applying to is a Cisco shop, you have a higher chance. There is a big gap when you compare vendor certifications with generic security best practice certifications though; vendor certifications are usually very hands on and they do require day to day sharpening of skills- and you cannot do this alone, yourself, away from the vendor, try this path only if - you like operations and hands-on troubleshooting - you have a change to use these products in your daily life - you have a chance to work on complex requirements (for example if you have never worked on a complex dynamic routing environment, your Cisco routing cert is valueless) Once you become a subject matter expert on a vendor product you may command a higher income, but that is not a work from home and then get certification process. - Your main question is about the jobs. In small shops information security and network management are usually merged in 1 group/role... In Again, certifications are just 1 component of the hiring decision matrix; experience, work ethic, income expectations, work authorizations, people skills usually play a larger role in hiring decision, but it is correct that certifications may help you to pass the non-IT recruiter screenings. You should choose the path that makes you happy to work. That will make you successful regardless of the path you choose. If you will enjoy working on security policies at 11pm, if you won’t see the work as “pays the bill” thing, that is the right path for you. If you are ambitious, and you believe you have the bandwidth to get both vendor and best practice certifications just go for them, it is not tough. The trick is that “job market” can drive you only to a certain point, the rest is dependant on your personal interest and you enthusiasm for the path you choose. Let me know if you have a specific question, Regards, - yinal ozkan p.s. you may check my previous posts related with this topic: http://security.24kasim.org/2008/10/it-security-consultant-jr.html http://security.24kasim.org/2007/08/are-cissp-cisa-and-cism-credentials.htmlQuestion:
Monday, March 23, 2009
Information Security Career Advise
Subscribe to:
Post Comments (Atom)
1 comment:
Do you guys know that, there is a growing demand for professionals having skills in Information System audit, security and control. I was interested in getting an excellent job opportunity in the IS audit field, and this site helped me to meet some important requirements. They made me aware that passing the CISA exam is the primary requirement and having at least 5 years of experience as an Information System auditor. I am very thanking full to them. cisa
Post a Comment