Computer veteran looking to break into security
I've been in the computer field for 20 years but do not have any security
experience. Would it be possible to break into the field with education/certification? What would be the best path for a beginner (in terms of
inexpensive training, certification, etc.)? How easy would it be to break into the field after that? And how about salaries? Thanks.
Thanks for your recent e-mail inquiry. While it is indeed possible to
"break into" the security field with education and/or a relevant
certification, a perusal of the certifications behind my recent survey of
will reveal that senior-level security certs usually
come with a 3+ year on the job experience requirements.
Thus, while you can break into the field with an entry-level cert like
the TICSA, SSCP, CIW Security Professional exam, and so forth, most of the
stronger, more valuable credentials will only be open to you after you
put some time in and pay your dues to the subject, so to speak.
To get yourself started, I recommend tackling the BrainBench Internet
and Network security exams first, tackling the CIW Security professional
exam second, then looking into either the ISC-squared's SSCP or the
TruSecure/ICSA TICSA certification. After you climb those various entry-
level certifications, you can start looking into other programs from
ISC-squared (CISSP), TruSecure/ICSA (ICSE), SANS (GSEC and advanced
certs) and so forth.
For pure entry-level credentials, you will be hard-pressed to exceed
normal salaries for network or system administrators. But when you start
climbing the ladder, you'll start to experience more pay benefits as
salaries climb beyond the 50s and 60s, into higher levels. For senior
security certs (CISSP, CCO, CPP and so forth) six-figures are not
I hope I've answered your questions. If you have further follow-up or
additional comments or concerns, please post again.
For more information on this topic, visit these other searchSecurity resources:
Best Web Links: Career Information
Security Career Center
This was first published in January 2002