Monday, May 18, 2015

Information Security Certifications and Positions

Have you ever thought about applying for an information security position? Well, I have thought about it, and as I am currently in a different industry, a little research on info security positions will help me learn more about the available positions. Many organizations rely on professional certifications, so it is always a good step to look at the related job descriptions and try to determine which certification programs will help in the job market. The International Information Systems Security Certification Consortium (ISC)2 offers security certifications such as Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP) and Certified Secure Software Lifecycle Professional (CSSLP), which can be a plus point on a resume. Depending on the info security position you are interested in, there are several certifications specifically designed for it. For example, the Information Systems Audit and Control Association (ISACA) sponsors four certifications: Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Certified in the Governance of IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC). The SANS Institute, formerly known as the System Administration, Networking, and Security Institute, developed a series of technical security certifications known as the Global Information Assurance Certification (GIAC).

The chief information security officer (CISO) is often considered the top InfoSec officer in the organization, and the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) certifications are common qualifications for the position. The CISO must be knowledgeable in all areas of InfoSec, including technology, planning, and policy. The figure below (Whitman, M., & Mattord, H., 2014) shows possible information security positions and reporting relationships within a business organization:



For someone who is new to the information security industry and does not have much professional experience, I would recommend starting with the role of Security Technician, which is an entry-level position. It requires some level of experience with a particular hardware and software package and familiarity with a particular technology. The job tasks involve configuring firewalls and IDPSs, implementing security software, diagnosing and troubleshooting problems, and coordinating with systems and network administrators to ensure security technical controls are properly implemented.

References:

IU edu (n.d.). Roles and Responsibilities for Technicians. Retrieved May 18, 2015 from https://protect.iu.edu/cybersecurity/policies/ISPP-25/25.1/technician

Whitman, M., & Mattord, H. (2014). Management of information security (4th ed.). Cengage Learning.

